• Threat hunting• Incident response• V-CISO advisory services• Network security assessment• Malware analysis• Communication to management and C-Level personnel

• Triage alerts• Analyze suspicious or malicious emails and attachments• Analyze network events• Threat hunting• Packet analysis

• Familiarity and experience with OWASP Top 10• Manage inventory of 850+ web applications to ensure proper security scanning• Validate and rate vulnerabilities reported by production scanners• Assist web application teams with and confirm vulnerability remediation• Support web application teams with pre-production web application scanning• Evaluate and approve or deny false positive requests• Provide support for open source component uplift• Audit web application inventory for site decommissioning and consolidation• Work with web application teams to resolve access, scope and credential issues encountered by scanning team• Work with developers to create and implement automation for internal team processes• Provide support to senior team members for scan tool development• Evaluate and audit tools used for asset discovery

• Manage investigations escalated by Tier 1 Analysts• Proactively identify and mitigate unfound threats• Assist Tier 3s in incidents and investigations with identification, containment, and eradication• Research known threats to find their origin and recommend action• Perform process analysis on endpoints that alert on suspicious activity• Analyze weaponized documents and obfuscated Powershell to extract IOCs and scope the environment• Pivot on IOCs provided by Threat Intel to determine American Airlines’ exposure and report findings• Review and/or approve tickets from Tier I analysts for phishing, malware and network events• Assist in tuning SIEM rules alerting on IDS events• Create, update and improve SOC policies and procedures, and enforce American Airlines’ IT Security Policies

Currently a full-time apprentice working through a guided curriculum of SOC related concepts and systems as well as red team mindset and methodologies.Fully installed, from source, Snort, Barnyard2, PulledPork, and Snorby on Ubuntu Server 16.04 twice, once on CentOSDocumented my process of installing and troubleshooting the systemUtilize Snort to monitor and analyze alerts to identify potential threatsBasic utilization of Wireshark to further investigate alerts and determine if the alerts present a true threatTune Snort to reduce the number of unnecessary alertsSuccessfully used FileBeat to send syslog data to Logstash and learning to visualize and interpret the data in KibanaLearning RegEx to write and/or locate a filter to further parse Snort dataFamiliar with important concepts such as the OSI Model, basic networking, known ports, and general security measuresGained basic understanding of NIST and its relevance to cyber securityDeveloped basic experience in researching Common Vulnerabilities and Exposures (CVE)

Oversaw two retail locations and a restaurant, and technical operations for two websites and 3 versions of POS installations.Maintained patching, updates and backups for all systemsEnsured anti-virus was always installed and up to dateCreated policies to ensure confidentiality and integrity of business information and availability of all systemsBuilt and managed the website using Volusion, WordPress and most recently, ShopifyInstalled and maintained 3 separate POS systems: Lightspeed, POS Lavu, ShopifyManaged the separation of online presences of the retail and restaurant businessesMaintained 2 Wordpress blogs with consistent contentOversaw a complete re-brand of the conceptCut costs by nearly 80% to avoid insolvency during the most difficult time for small retail in U.S. historyCompleted 2 packaging redesigns of over 1,000 SKUs using PhotoshopAnalyzed cost of goods sold for over 70 formulas using advanced Excel functionsMaintained a consistent e-mail marketing program using Aweber and Constant ContactDeveloped scores of educational materials and presentations for customers and employeesTrained staff on sales and customer service techniques increasing the average sale by 100%Implemented operational improvements in production, order fulfillment, and customer service

Assisted with vendor managementAssisted with product line developmentConsulted on sales presentation and messaging to help secure major accountsDeveloped initial online strategy and began an e-mail marketing programCreated and distributed a steady flow of blog content using Wordpress

Conducted market research with IT Executives and Managers to determine the viability of a Network Access Control application based on prospect feedback