Bill Vest, Cissp Email & Phone Number

Armonk, New York, NY, US

• Use open-source research to develop threat hunt hypothesis for Advanced Persistent Threat (APT) groups and other malicious threat actors.
• Perform TTP based Cyber Threat hunts for 500K endpoints located throughout the globe.
• Hunt suspicious behaviors through analysis of EDR data from Carbon Black Response, Carbon Black Detect, CrowdStrike, and Microsoft Defender Advanced Threat Protection as well as SIEM data.
• Examine process data and network activity for suspicious scripts, including PowerShell, Python, and WMIC for malicious use.
• Recommend threat mitigations and remediations for malicious activities.
• Develop EDR queries for console detections used as alerts for SOC personnel.

Reston, VA, US

Work under direction of U.S. Army Cyber Command, in support of the 24/7 mission of the Defensive Cyber Operations Division at the Regional Computer Emergency Response Team located at the South West Asia Cyber Center, Camp Arifjan Kuwait. Monitor, correlate and analyze network security events to determine if anonymous and suspicious network activity.

Provide technical instruction in the Joint Cyber Analyst Course. Provide instruction to all US Military branches in Active Exploitation of Solaris, Linux and Windows platforms, Cisco Routers and Switches. Familiar with Metasploit, NMap, Wireshark, P0f, and other open source tools.Teach Basic through Advanced CISCO Networking and Router Security, Network.

Alexandria, VA, US

Working to gain accreditation for the F35 Reprogramming Lab systems.Prepare hybrid DIACAP/JAFAN packages and supporting documents.Review and tune ST&E plans

Reston, VA, US

Reston, VA, US

Theatre Information Assurance Lead. Provided overall program guidance for both Afghanistan and Iraq COIC organizations. Reviewed DISA Gold Disk and E-eye Retina scan reports. Performed RETINA scans unclassified and classified networks. Conducted Syslog and System log reviews. Completed remediation’s for identified vulnerabilities on Windows 2003, Exchange.

Managed the development of DITSCAP and DIACP Accreditation packages for Naval Education and Training Command (NETC) learning sites. Assisted with identification and remediation of RETINA and DISA GOLD DISK vulnerabilities. Reviewed network configurations to ensure compliance with appropriate DISA STIGs. Prepared and submitted mitigation statements for.

Managed network perimeter and local area network security and provided network engineering for the local region. Developed solutions to implement DAA Information Assurance policies for the Taji region. Completed successful migration from Websense to the Bluecoat Proxy server. Implemented changes to Cisco PIX, ASA, routers, core and access switches to.

New York, NY, US

Managed computer network security for locations within the USCENTAF Iraq AOR. Developed reports and trend analysis documentation on bandwidth, network architecture, as well as network security incidents. Proactive and reactive implementation of access control lists on Cisco IPS Devices and Cisco Routers. Implementation and troubleshooting of VPN/ IPSEC.

Designed and implemented a DMZ network using Cisco PIX firewall. Modified both router and PIX ACLs to meet DOD mandated network/host blocks. Implement Microsoft ISA 2004 server to enable the UTN Protect policy, ensured only specified network traffic was permitted to the Internet. Implemented DISA STIG compliant security for Windows 2000/2003 servers and.

Team lead for five network engineers, providing network management for a Windows 2000/2003 Active Directory for 1000 users. These servers included Microsoft Exchange Server 5.5, Microsoft Proxy Server 2.0, and Microsoft Internet Information Server 5.0/6.0. Responsibilities include maintenance of user accounts, GPO, and roaming profiles, DNS, WINS, DHCP.

Provide Network Administration and Level III helpdesk for five LAN's covering classifications up to Top Secret. Installed and maintained 18 Dell Power Edge servers and over 900 Dell Desktops. Provided liaison with Dell repair services to ensure failed computers were repaired. Managed Microsoft Exchange server and 600+ e-mail accounts. Supported Microsoft.

Provides Network administration for three Windows NT 4.0 Clusters and 18 additional NT Servers supporting 300+ users in two domains. Manages the MS Exchange 5.5 Cluster configured to provide secure and non-secure e-mail to users at several international locations. Supports the Internet Mail and x.400 connectors as well as the Global Address List and Public.

Provides Network administration and management for three Windows NT 4.0 domains with 12 servers and 1000 users. These servers included Microsoft Exchange Server 5.5, Microsoft Proxy Server 2.0, and Microsoft Internet Information Server 4.0. Responsibilities include maintenance of user accounts, policies, and profiles, DNS, WINS, DHCP services and.

Washington, DC, US

years 11 months Supervised 9 active duty and 4 government support contract administrators and Helpdesk technicians in a Windows NT 4.0 environment with 12 servers and 1000 users.TECHNICAL Databases: SQL Server 2000SUMMARY Platforms: Windows 2003/XP/2000/NT4 Networking: Cisco: ASA/PIX Firewalls, Switches, Routers, IDS, Works, VMS, Catalyst; VPN.

Washington, DC, US