Hunting, Threat Research, Cyber Security SME, SIEM/Security data tuning. Adversary research and building analytics and detection.

Leading research and analysis initiatives within Anomali to drive innovative ways for customers to maximize the value and productivity from their security operations and CTI resources.

As a member of the Research Team, I research threats (actor analysis, infrastructure, malware analysis (future), etc.), create content within TIP platform, while helping improve the platform and content to assist in research (hunting) for myself and clients.

Working within the Security Operations umbrella, in close ties with the Threat Intelligence Research team, I will be "hunting" through the historical data for the presence of active, or past, malicious activity.

Using real-time log monitoring from diverse sources (Blue coat web proxies, Sourcefire IDS, Checkpoint, Cisco, Juniper firewall systems, McAfee Anti-Virus, Active Directory, and Windows and Linux security logs, etc.) to respond to incidents using the PICERL methodology developed by SANS. Refine response and containment procedures and ensuring case documentation meet exacting standards for compliance and audit needs. Incorporate actual incidents into educational presentations and policy proposals for all levels of management. Harvest threat intelligence information from incidents. Mentor lower level analysts in the skills of information security monitoring and analysis. Train fellow analysts in the use of Splunk and ArcSight. Coordinate incident response across business groups within Apollo. Conduct threat intelligence research and response against web based exploit kits and developing trends in cybercriminal activity. Develop and improve Snort/Sourcefire signatures; NeoSploit being one of my focal points. Proficient in the use of Splunk for data analysis and pattern discovery to detect sophisticated malware. Investigate anomalies via real-time log monitoring to ensure secure operations, maintain regulatory compliance and enforce corporate policy. Active in the Emerging Threats Sourcefire security community. Developed content for the HP ArcSight SIEM. Perform forensic systems analysis using EnCase.

I am a Security Analyst in the Apollo Group Inc. Information Security Operations Center. Engaging in Network Security monitoring and analysis with various security technologies. Utilizing the PICERL Incident Response methodology for security incident response. I am becoming proficient in identifying exploit kit activity, research and response.

Provided in-depth system and application level support on mission critical student facing applications for Apollo Group. In addition worked as a liaison between development teams and other functional IT teams for new applications and systems, in addition to assisting with application uplifts.

Provided in-depth system and application level support on mission critical student facing applications for Apollo Group.

Was part of a Incident Management and Problem Management team, working mission critical outages and root cause investigation.