Sr. Strategic Security Advisor

• Sep 2022 - Present

- Provide professional level best practice consultation to better secure client organizations including security program management, policy and playbook creation, tabletop exercises, security platform recommendations, and executive level briefings. - Provide risk-based vulnerability management services consultation including weekly and monthly reporting, and remediation prioritization. - Provide professional level best practice consultation to better secure client organizations including security program management, policy and playbook creation, tabletop exercises, security platform recommendations, and executive level briefings. - Provide risk-based vulnerability management services consultation including weekly and monthly reporting, and remediation prioritization.

Senior Security Engineer

• Feb 2022 - Sep 2022

Senior Cybersecurity Operations Analyst

• Jul 2021 - Feb 2022

- Operational SME support of EnCase Forensics and EnCase Endpoint Security across 5000+ devices- Responsible for analyzing all incoming Cyber Threat Intelligence, incorporating all Indicator of Compromises into our existing security tools, and disseminating all information to key shareholders within the contract and SAIC as a whole- Responsible for Process and Policy documentation spanning the tier 3 and tier 2 duties- Responsible for Security Incident Response Team (SIRT) notifications and incident handling leadership- Perform escalated analysis of triaged security events from Tier 1 and Tier 2 analysts- Follow the security incident lifecycle to completion including investigation, response, and follow-up actions- Guiding and training Tier 1 and Tier 2 analysts Show less

SOC Team Lead

• Sep 2019 - Jul 2021

- Operational support of all assigned security tools, including advanced administration, configuration and tuning of Vulnerability management and threat intelligence specific tools- Represent SAIC for the Vulnerability Management / Threat Intel tools posture to C-level client executives during the transition and operational phases of the contract - Led a team of five Tier 2 analysts spanning Vulnerability Management, Threat Intelligence, Forensics, Incident Response- Responsible for shift staff attendance, End of Shift (EOS) reports and turn over- Responsible for P1 notifications and incident handling leadership- Perform escalated analysis of triaged security events from Tier 1 and Tier 2 analysts- Follow the security incident lifecycle to completion including investigation, response and follow-up actions- Guiding and training Tier 1 and Tier 2 analysts- Threat hunting based on approved threat hunting theory Show less

Senior Cyber Intelligence and Vulnerability Assessment Analyst

• Jan 2019 - Sep 2019

- Operational support of all assigned security tools, including advanced administration, configuration and tuning of Vulnerability management and threat intelligence specific tools- Represent SAIC for the Vulnerability Management / Threat Intel tools posture to C-level client executives during the transition and operational phases of the contract - Responsible for shift staff attendance, End of Shift (EOS) reports and turn over- Responsible for P1 notifications and incident handling leadership- Perform escalated analysis of triaged security events from Tier 1 analysts- Follow the security incident lifecycle to completion including investigation, response and follow-up actions- Guiding and training Tier 1 analysts- Threat hunting based on approved threat hunting theory Show less

Security Engineer - Vulnerability Management

• Apr 2018 - Jan 2019

- Oversee the entire Vulnerability Management as a Service program- Assist multiple companies with improving their patch management process- Work closely with other departments on training, demos, and projects- Implement Qualys across a wide range of customers and give recommendations tailored to each environment- Utilize Kenna for patching recommendations to deliver best use of money and time for the customers- Collaborate with Research and Development on projects designed to enhance the company’s MSSP services Show less

Sr SOC Analyst

• Jan 2017 - Apr 2018

- Overseeing the analysts on shift, on a day to day basis- Assisting in creating and implementing a training plan for interns / new hires- Assisting Engineering and Content Development with customer ticket resolution and closure- Event monitoring using both the ArcSight ESM SIEM Console and Splunk.- Watch active channels/dashboards and replay and interpret events.- Create annotations, reports, cases and incident reports for customers.- Investigate incidents using channels, event graphs, annotations, cases, reports and trends.- Recognize patterns or inconsistencies that could indicate complex cyber attacks.- Recommended improvements to service, efficiency and quality of work.- Develop and documented appropriate troubleshooting techniques.- Demonstrate excellent communication and customer care skills.- Continuously meet defined service level agreements regarding response time and customer notification.Experience with monitoring several log sources such as Cisco ASA, Palo Alto PAN-OS, Snort, Cylance, Crowdstrike, McAfee ePO, Websense, Bluecoat Proxy, TrendMicro TippingPoint, Wildfire, Sophos AV, Symantec AV, Kaspersky AV, IronPort, FireEye, Microsoft SCCM, Reblaze, Imperva WAF & Microsoft AD. Show less

SOC Analyst

• Aug 2016 - Jan 2017

- Event monitoring using a ArcSight ESM SIEM Console.- Watched active channels/dashboards and replay and interpret events.- Created annotations, reports, cases and incident reports for customers.- Investigated incidents using channels, event graphs, annotations, cases, reports and trends.- Recognized patterns or inconsistencies that could indicate complex cyber attacks.- Recommended improvements to service, efficiency and quality of work.- Developed and documented appropriate troubleshooting techniques.- Demonstrated excellent communication and customer care skills.- Met defined service level agreements regarding response time and customer notification.Experience with monitoring several log sources such as Cisco ASA, Palo Alto PAN-OS, Snort, Cylance, Crowdstrike, McAfee ePO, Websense, Bluecoat Proxy, TrendMicro TippingPoint, Wildfire, Sophos AV, Symantec AV, Kaspersky AV, IronPort, FireEye, Microsoft SCCM, Reblaze, Imperva WAF & Microsoft AD. Show less

Associate, IT Security Consultant

• Sep 2014 - Jun 2015

-Perform PCI, HIPAA, HITECH and SOC security assessments and compliance audits for clients across multiple industries, including, but not limited to, banks, retail merchants, healthcare providers and business associates, and payment card service providers -Developing an in-depth understanding of key business processes, business risk assessment, audit planning, development of audit programs, and testing of internal controls of critical business areas, supporting applications and data centers. -Evaluate results of test work, develop recommendations to mitigate residual risks or improve efficiency operations, and deliver recommendations to client management -Assist with vulnerability assessments and other security consulting engagements. Assess policies, procedures, and documentation against industry's best security practice -Map client's IT and security controls to standard control frameworks such as ISO27002, GLBA, FFIEC, HNAP, FSAP, BITS, and NIST -Identify risks to sensitive data, such as storage of unprotected PAN for PCI or unprotected PII data for HIPAA, FISMA, and GLBA -Create guidelines and documentation on possible resolutions for any Non-Compliant issues or GAPs in the environment -Writing the Report on Compliance, Attestation of Compliance, and/or GAP Analysis from start to finish on all assigned projects -Maintained constant contact with clients to inform them of the status of project(s) as well as any issues or findings that needed to be resolved -Performed quarterly Wireless scans to meet PCI Requirement 11.1 for clients by utilizing Heat Mapper and a wireless scanner Show less

Engineer 1

• Mar 2013 - Sep 2014

-Validating device builds prior to commercialization -Ensuring new Android OS features work as expected before being released to Original Equipment Manufacturers and developers -Assisting in procedural and workflow documentation -Validating device builds prior to commercialization -Ensuring new Android OS features work as expected before being released to Original Equipment Manufacturers and developers -Assisting in procedural and workflow documentation

ITSSO Specialist

• Jul 2012 - Oct 2012

-Resolved technical issues with employees workstations/printers to maintain operational readiness -In charge of setting up new and replacement workstations for employees using Microsoft System Center -Utilizing VSphere to monitor Virtual Servers performances to maintain uptime -Assisted in setting up employees accounts and privileges in Active Directory and Exchange -Assisting in finding ways to better facilitate the IT department while cutting costs -Resolved technical issues with employees workstations/printers to maintain operational readiness -In charge of setting up new and replacement workstations for employees using Microsoft System Center -Utilizing VSphere to monitor Virtual Servers performances to maintain uptime -Assisted in setting up employees accounts and privileges in Active Directory and Exchange -Assisting in finding ways to better facilitate the IT department while cutting costs

Test Technician, Senior

• Mar 2011 - Jun 2012

-Validating device builds from Original Equipment Manufacturers prior to commercialization -Consistently completing testing procedures earlier than the projected dates -Ensuring new Brew MP SDK Tool features work as expected before being released to Original Equipment Manufacturers and developers -Assisting in procedural and workflow documentation -Validating device builds from Original Equipment Manufacturers prior to commercialization -Consistently completing testing procedures earlier than the projected dates -Ensuring new Brew MP SDK Tool features work as expected before being released to Original Equipment Manufacturers and developers -Assisting in procedural and workflow documentation

Technical Support Specialist

• Aug 2010 - Dec 2010

-Assisted in resolving technical issues with H&R Block employees to maintain operational readiness -Maintained a 95% first call resolution while receiving a positive grading from Clients every week -Provided excellent technical support via remote access, with a strong emphasis on Customer Satisfaction -Documented every call on a ticketing system, handling an incoming call volume of 40-60 calls daily -Assisted in resolving technical issues with H&R Block employees to maintain operational readiness -Maintained a 95% first call resolution while receiving a positive grading from Clients every week -Provided excellent technical support via remote access, with a strong emphasis on Customer Satisfaction -Documented every call on a ticketing system, handling an incoming call volume of 40-60 calls daily

Aviation Boatswain Mate - Equipment

• Sep 2005 - Jul 2009

-Operate and maintained steam catapults and arresting gear on USS Nimitz -Performed organizational maintenance on hydraulic and steam catapults, barricades, arresting gear and engines -Controlled catapult launch and arresting consoles, firing panels, water breaks, blast deflectors and cooling panels -Successful launch and recovery of naval aircraft -Operate and maintained steam catapults and arresting gear on USS Nimitz -Performed organizational maintenance on hydraulic and steam catapults, barricades, arresting gear and engines -Controlled catapult launch and arresting consoles, firing panels, water breaks, blast deflectors and cooling panels -Successful launch and recovery of naval aircraft

Warehouse Supervisor/Field Tech Assistant

• Jul 2003 - Apr 2005

-Assisted Operations Manager with warehouse record keeping and asset control -Ordered and maintained stock for all Technicians -Staged Telecommunication systems, Telrad, Avaya, Samsung for Technician retrieval -Pulled and punched down cat.3, cat.5, cat 5e, and cat. 6 plenum and non-plenum cables -Worked closely with Operations Manager to maintain the on-site network and computers -Troubleshot network issues both on and off site -Maintained Firewall and network for Riverside, CA office Show less