AeroLeads people directory · profile

Bill Vest, Cissp Email & Phone Number

Cyber Threat Hunt at IBM at IBM
Location: Milton, Florida, United States 17 work roles
3 work emails found @ibm.com LinkedIn matched
✓ Verified July 2026 3 data sources Profile completeness 86%

Contact Signals · 3 work emails

Work email b****@ibm.com
LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
IBM
Role
Cyber Threat Hunt at IBM
Location
Milton, Florida, United States

Who is Bill Vest, Cissp? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Bill Vest, Cissp is listed as Cyber Threat Hunt at IBM at IBM, based in Milton, Florida, United States. AeroLeads shows a work email signal at ibm.com and a matched LinkedIn profile for Bill Vest, Cissp.

Bill Vest, Cissp previously worked as Cyber Threat Hunt at Ibm and Threat Analyst and Incident Handler at The Buffalo Group.

Company email context

Email format at IBM

This section adds company-level context without repeating Bill Vest, Cissp's masked contact details.

*@ibm.com
74% confidence

AeroLeads found 3 current-domain work email signals for Bill Vest, Cissp. Compare company email patterns before reaching out.

Profile bio

About Bill Vest, Cissp

Cyber Threat AnalystSolutions-driven change agent with a career-long record of information security, risk management, and intelligence management success for private and government intelligence organizationsSUMMARYSignificant experience in Cyber Threat Analysis including Packet Analysis, SIEM, Flow Data Analysis, Networking Security Engineering including Firewall, Bluecoat, VPN, staff supervision and project execution.Recognized for successfully managing change, mitigating risk, infusing new ideas and delivering results that take enterprise system performance/productivity to the next level.Adept at documenting and clearly presenting project plans and complex technical information to diverse audiences.Successfully partner with business leaders and technical teams to plan, integrate, document and execute project plans on time and under aggressive deadlines.Specialties:SIEMO/S: Windows and LinuxNetwork Security: Carbon Black, MDATP, CrowdStrike, Sourcefire IDS, VPN, Websense, Bluecoat Proxy.Software: ArcSight ESM, ArcSight Logger, Wireshark, PCAP, Security Onion, BRO, Tanium, Syslog.

Listed skills include Network Security, Firewalls, Information Assurance, Security, and 35 others.

Current workplace

Bill Vest, Cissp's current company

Company context helps verify the profile and gives searchers a useful next step.

IBM
Ibm
Cyber Threat Hunt at IBM
AeroLeads page
17 roles · 46 years

Bill Vest, Cissp work experience

A career timeline built from the work history available for this profile.

Cyber Threat Hunt

Current
Ibm

Armonk, New York, Ny, Us

• Use open-source research to develop threat hunt hypothesis for Advanced Persistent Threat (APT) groups and other malicious threat actors.• Perform TTP based Cyber Threat hunts for 500K endpoints located throughout the globe.• Hunt suspicious behaviors through analysis of EDR data from Carbon Black Response, Carbon Black Detect, CrowdStrike, and Microsoft Defender Advanced Threat Protection as well as SIEM data. • Examine process data and network activity for suspicious scripts, including PowerShell, Python, and WMIC for malicious use.• Recommend threat mitigations and remediations for malicious activities.• Develop EDR queries for console detections used as alerts for SOC personnel.

Jul 2019 - Present

Threat Analyst And Incident Handler

Reston, Va, Us

Work under direction of U.S. Army Cyber Command, in support of the 24/7 mission of the Defensive Cyber Operations Division at the Regional Computer Emergency Response Team located at the South West Asia Cyber Center, Camp Arifjan Kuwait. Monitor, correlate and analyze network security events to determine if anonymous and suspicious network activity warrants further investigation. Employs security logs, to include SNORT IDS alerts, BlueCoat Proxy logs, Netflow, Tanium, various system and firewall logs, as well as packet capture (PCAP) data. Ability to navigate and manipulate raw data in a Linux operating system environment. Maintain knowledge of Cyber Network Exploitation (CNE) actors’ exploitation tactics that aid in determining true malicious activity. Maintain knowledge of common web vulnerabilities to aid in determine malicious CNE attempts. Initiate incident handling and response to probable network intrusions by identifying, locating, and isolating threat while further investigating how system/network incurred an infection/compromise and making recommendations to network and system administrators on hardening security to prevent repeat exploitation. Report all findings and categorize activities in accordance with CJCSM 6510.01B.

Apr 2017 - Jul 2019

Technical Instructor

Comtech Telecommunications Corp.

Provide technical instruction in the Joint Cyber Analyst Course. Provide instruction to all US Military branches in Active Exploitation of Solaris, Linux and Windows platforms, Cisco Routers and Switches. Familiar with Metasploit, NMap, Wireshark, P0f, and other open source tools.Teach Basic through Advanced CISCO Networking and Router Security, Network Analysis and supporting technologies. Provide training in DNS, DHCP, SNMP, NAT, Tunneling, and routing protocols.

Aug 2012 - Apr 2017

Information Assurance Officer

Alexandria, Va, Us

Working to gain accreditation for the F35 Reprogramming Lab systems.Prepare hybrid DIACAP/JAFAN packages and supporting documents.Review and tune ST&E plans

Mar 2012 - Aug 2012

System Engineer/Information Assurance

Reston, Va, Us

Theatre Information Assurance Lead. Provided overall program guidance for both Afghanistan and Iraq COIC organizations. Reviewed DISA Gold Disk and E-eye Retina scan reports. Performed RETINA scans unclassified and classified networks. Conducted Syslog and System log reviews. Completed remediation’s for identified vulnerabilities on Windows 2003, Exchange 2003 and Windows XP systems and developed mitigation strategies for unremediated findings. Updated DISA Vulnerability Management System (VMS) with current status for open findings. Performed installations and updates for server based software including WSUS, Symantec, and Altiris. Performed routine Windows administration including user accounts and e-mail management, system backup and recovery. Manage Cisco ASA firewalls, implemented ingress and egress filtering. Perform day-to-day administration for the Cisco LAN including port-security violations, VLAN reassignment and computer relocations.

Mar 2009 - Oct 2010

Information Security Engineer

Booz-Allen-Hamilton

Managed the development of DITSCAP and DIACP Accreditation packages for Naval Education and Training Command (NETC) learning sites. Assisted with identification and remediation of RETINA and DISA GOLD DISK vulnerabilities. Reviewed network configurations to ensure compliance with appropriate DISA STIGs. Prepared and submitted mitigation statements for vulnerabilities which could not be remediated due to operational impact. Performed on-site technical assist visits to aid the local Information Assurance staff in preparation of DICAP documentation including System Information Profile (SIP), SIPRNET Connection Questionnaire (SCQ), REL-DMZ, Information Assurance Control Implementation and Validations.

Jul 2008 - Mar 2009

Information Assurance Network Engineer

Raytheon (Iraq)

Managed network perimeter and local area network security and provided network engineering for the local region. Developed solutions to implement DAA Information Assurance policies for the Taji region. Completed successful migration from Websense to the Bluecoat Proxy server. Implemented changes to Cisco PIX, ASA, routers, core and access switches to provide required access while marinating a secure communications infrastructure. Completed regular review of syslogs and Bluecoat reports. Prepared network diagrams with Visio and maintained all network hardware operating systems (Cisco IOS), performs required upgrades and patching. Used packet captures to identify rouge network traffic and troubleshoot connectivity problems. Assisted with weekly security scans using Retina for over 2000 Windows XP, Server 2003 and other clients, directed local administrators in required remediation. Performed initial review of software/hardware requirements, researched comprehensive solutions and provided recommendations to senior management.

Mar 2007 - Apr 2008

Network Security Analyst

New York, Ny, Us

Managed computer network security for locations within the USCENTAF Iraq AOR. Developed reports and trend analysis documentation on bandwidth, network architecture, as well as network security incidents. Proactive and reactive implementation of access control lists on Cisco IPS Devices and Cisco Routers. Implementation and troubleshooting of VPN/ IPSEC tunnels. Monitor, control, and facilitate troubleshooting of Cisco Secure Intrusion Detection Systems and CiscoWorks VMS within the USCENTCOM AOR. Monitor logs and Cisco IDS logs for worm and trojan activity, unauthorized traffic, provide overall security guidance to deployed units.

Aug 2006 - Jan 2007

Senior Communications Analyst

Lockheed Martin It

Designed and implemented a DMZ network using Cisco PIX firewall. Modified both router and PIX ACLs to meet DOD mandated network/host blocks. Implement Microsoft ISA 2004 server to enable the UTN Protect policy, ensured only specified network traffic was permitted to the Internet. Implemented DISA STIG compliant security for Windows 2000/2003 servers and Windows 2000/XP workstations. Performed security scans with ISS network scanner and RETINA. Led team during mitigation and resolution of security scan findings. Installed and configured Cisco PIX 525E fail-over hardware. Implemented corporate anti-virus distribution using Network Associates E-Policy server and managed clients. Performed daily Security Log reviews for PIX, ISA Server and Active Directory to identify suspect activity. Implemented Stony Lake Firewall Reporter to provide streamlined PIX reporting. Designed and implemented the Windows 2003 Active Directory, developed group policies to ease administration and software distribution. Installed and configured Windows Server Update Services (WSUS) to perform automated security patch installation. Technical lead for Windows 2003 Migration. Installed DHCP and converted all clients, designed TCP/IP addressing plan to migrate users and network infrastructure to private IP address space. Completed e-mail migration from Exchange 5.5 to Exchange 2003 including temporary upgrade to Exchange 2000. Implemented Exchange 2003 Front-End Server for use as a Outlook Web Access server. Implemented server and user certificates to enable CAC based login for all Active Directory users. Developed detailed network maps, spanning tree diagrams and documented all switch port utilization using Fluke tools. Developed baseline network utilization statistics and monitor utilization using Fluke OptiView Console and Fluke OptiView II. Implemented Microsoft WSUS patch management to ensure all security patches are completed with out user intervention.

Jan 2005 - Aug 2006

Senior Network Engineer

At&T Government Solutions

Team lead for five network engineers, providing network management for a Windows 2000/2003 Active Directory for 1000 users. These servers included Microsoft Exchange Server 5.5, Microsoft Proxy Server 2.0, and Microsoft Internet Information Server 5.0/6.0. Responsibilities include maintenance of user accounts, GPO, and roaming profiles, DNS, WINS, DHCP services and administration of the MS Exchange 5.5 server. Installed Dell servers on SCSI disk array and Dell/EMC fiber channel SAN, created Windows 2000 Clusters; provide high availability file and print shares and web services. Designed the enterprise Active Directory implementation to allow for collapse of two NT 4 domains into a single Windows 2000 domain. Installed Dell PowerVault LTO tape backup system and Backup Exec 9.0, developed backup and tape rotation schedule. Perform engineering feasibility studies for network enhancements including switch upgrades and replacements, network backbone expansion, server upgrades including operating systems and all peripherals. Technical lead during the network infrastructure upgrade from DecHub 900 Multi-Switches to Cisco Catalyst 3550, 4006 and 6509. Perform IOS/CATOS upgrades, switch and LAN router configuration. Maintain network diagrams using Visio and Fluke Network Inspector software. Perform server and workstation maintenance, troubleshooting and repair. Review security logs, maintain Norton Anti-Virus Enterprise Edition software and Microsoft Software Update Server (SUS), ensuring all systems are running latest security patches. Provide senior management with procurement inputs/assessments on new hardware and software acquisitions for budgetary planning.

Jan 2003 - Jan 2005

Network Engineer

Raytheon Technical Services

Provide Network Administration and Level III helpdesk for five LAN's covering classifications up to Top Secret. Installed and maintained 18 Dell Power Edge servers and over 900 Dell Desktops. Provided liaison with Dell repair services to ensure failed computers were repaired. Managed Microsoft Exchange server and 600+ e-mail accounts. Supported Microsoft Office, CETARSWEB applications, and various other COTS software packages.

Jun 2002 - Jan 2003

Network Engineer/Senior System Administrator

Raytheon Technical Services/Inveresk Research
Jan 2001 - Jan 2003

Senior System Administrator

Provides Network administration for three Windows NT 4.0 Clusters and 18 additional NT Servers supporting 300+ users in two domains. Manages the MS Exchange 5.5 Cluster configured to provide secure and non-secure e-mail to users at several international locations. Supports the Internet Mail and x.400 connectors as well as the Global Address List and Public folders. Supports three file and print clusters on an IBM ESS "Shark" Storage Area Network. Technical lead for installation and implementation of SalesLogix.Net. Performed custom configuration of server including hardware installation, server assembly and software installation. Technical lead during the conversion from MS Exchange 5.5 to Lotus Notes R5. Migrated 300 users and all e-mail, contacts, calendars and task lists with no data loss. Primary administrator for SalesLogix.net on SQL Server 2000. Migrated 70 printers from a stand-alone print server to a Windows NT Cluster environment to provide redundancy in case of failure. Project lead installing and configuring ROBOMON proactive network monitoring software. Provides Level III assistance to Desktop Support Technicians in resolving OS and applications issues as well as hardware failures. Provides research and procurement assistance for hardware and software upgrades and future planning.

Jan 2001 - Jun 2002

Network Manager

Naval Technical Training Center

Provides Network administration and management for three Windows NT 4.0 domains with 12 servers and 1000 users. These servers included Microsoft Exchange Server 5.5, Microsoft Proxy Server 2.0, and Microsoft Internet Information Server 4.0. Responsibilities include maintenance of user accounts, policies, and profiles, DNS, WINS, DHCP services and administration of the MS Exchange 5.5 server. Perform server and workstation maintenance, troubleshooting and repair. Review security logs for questionable activity, maintain anti-virus software, and ensure all systems are running latest security patches. Restore failed servers, perform in-place replacements of upgraded servers. Manage help desk for Microsoft Windows NT 4.0, MS Office 97 Professional, Lotus CC-Mail, MS Exchange 5.5, Outlook 98 and 2000, and Internet Explorer for; users. Provide upper management procurement inputs/assessments on new hardware and software acquisitions Technical Liaison between NTTC and external government agencies. Technical Lead for migration of NTTC unclassified administrative LAN to Chief Naval Education and Training (CNET) enterprise WAN. Project manager for transition of Windows NT 4 domains to Windows 2000. This transition included the replacement of 6 DEC Alpha servers with Dell PowerEdge 6400's. Supervised 9 active duty and 4 Government Support Contract System Administrators and Help Desk Technicians.

Feb 1998 - Jan 2001

Network Manager

Washington, Dc, Us

years 11 months Supervised 9 active duty and 4 government support contract administrators and Helpdesk technicians in a Windows NT 4.0 environment with 12 servers and 1000 users.TECHNICAL Databases: SQL Server 2000SUMMARY Platforms: Windows 2003/XP/2000/NT4 Networking: Cisco: ASA/PIX Firewalls, Switches, Routers, IDS, Works, VMS, Catalyst; VPN Concentrator, VLAN, EMC/ESS SAN, Websense, Bluecoat Proxy, Sidewinder Firewalls, Ethernet, ISA Server, IIS 5.0/6.0 Software: MS Office Suite, Exchange, Active Directory, Lotus Notes/Domino, eEye Retina, DISA Gold Disk, Wireshark, Altris, WSUS, Syslog, Adobe, Stony Lake Firewall Reporter, Fluke OptiView II, ADMT, Cluster Manager Page 3 of 3

Feb 1998 - Jan 2001

Ctmc(Ss)

Washington, Dc, Us

1981 - 2001 ~20 yrs
FAQ

Frequently asked questions about Bill Vest, Cissp

Quick answers generated from the profile data available on this page.

What company does Bill Vest, Cissp work for?

Bill Vest, Cissp works for IBM.

What is Bill Vest, Cissp's role at IBM?

Bill Vest, Cissp is listed as Cyber Threat Hunt at IBM at IBM.

What is Bill Vest, Cissp's email address?

AeroLeads has found 3 work email signals at @ibm.com for Bill Vest, Cissp at IBM.

Where is Bill Vest, Cissp based?

Bill Vest, Cissp is based in Milton, Florida, United States while working with IBM.

What companies has Bill Vest, Cissp worked for?

Bill Vest, Cissp has worked for Ibm, The Buffalo Group, Comtech Telecommunications Corp., Gtangible Corporation, and Intelligent Waves Llc.

How can I contact Bill Vest, Cissp?

You can use AeroLeads to view verified contact signals for Bill Vest, Cissp at IBM, including work email, phone, and LinkedIn data when available.

What skills is Bill Vest, Cissp known for?

Bill Vest, Cissp is listed with skills including Network Security, Firewalls, Information Assurance, Security, Cissp, Information Security, Network Administration, and Vpn.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.