Lead Of Digital Forensics And Incident Response
CurrentPresently serve as a Lead of Digital Forensics and Incident Response (DFIR) and a Subject Matter Expert (SME) for Fortinet, which is a global DFIR Firm with offices in the United States, Europe, and Asia. Routinely lead IR engagements, while overseeing, mentoring, and training analysts supporting the ongoing investigations. The team is frequently deployed to run engagements dealing with APT campaigns, network intrusions, data breaches, and ransomware encryption investigations. During the engagements, the team of analysts conduct network and host-based analysis on Windows, Linux, and Mac systems to include file system, log, and memory analysis. The team routinely deploys and leverages FortiEDR and Velociraptor during the engagements, which provides a high level of visibility into compromised environments with the capacity to take effective remediation actions in coordinationwith the client(s). The team is also well versed in providing compromise assessments of client’s networks in an effort to ascertain whether there are indications of undetected malicious activity in those networks that need to be addressed by the client in coordination with the Fortinet DFIR team.