Experience

ThreatWarrior

• United States
• Computer and Network Security
• 1 - 100 Employee

• Cyber Security and Network Engineer

  • Feb 2022 - Mar 2023

  Austin, Texas, United States Assist customers with investigating alerts triggered by ThreatWarrior. Lead customer meetings to ensure customers are utilizing the ThreatWarrior Platform and getting the most out of ThreatWarrior Built, configure, maintain and manage an EVE-NG lab environment containing Palo Alto Firewalls, Windows Servers, Active Directory, Windows Clients, Linux Hosts, Splunk Server, and Cisco Switches to provide an environment for the ThreatWarrior Development Team. Analyzed potential customers… Show more Assist customers with investigating alerts triggered by ThreatWarrior. Lead customer meetings to ensure customers are utilizing the ThreatWarrior Platform and getting the most out of ThreatWarrior Built, configure, maintain and manage an EVE-NG lab environment containing Palo Alto Firewalls, Windows Servers, Active Directory, Windows Clients, Linux Hosts, Splunk Server, and Cisco Switches to provide an environment for the ThreatWarrior Development Team. Analyzed potential customers network traffic to determine the amount of ThreatWarrior sensors needed to provide full coverage of their network. Show less



Washington State Department of Fish and Wildlife

• Senior Network Defense Engineer

  • Sep 2018 - Feb 2022

  Designs, implements, and monitors WDFW network intrusion detection and prevention systems by configuring and managing the Security Information and Event Management (SIEM) solution using PowerShell scripting to develop network security baselines and anomaly detection. Manages IDS and UTM updates and configuration. Performs incident response actions appropriate to the nature of the incident. Develops on the fly identification and quarantine through log analysis scripts to identify… Show more Designs, implements, and monitors WDFW network intrusion detection and prevention systems by configuring and managing the Security Information and Event Management (SIEM) solution using PowerShell scripting to develop network security baselines and anomaly detection. Manages IDS and UTM updates and configuration. Performs incident response actions appropriate to the nature of the incident. Develops on the fly identification and quarantine through log analysis scripts to identify malicious traffic and deploys network based isolation actions through 802.1x, NAC, VLAN and VRF route pruning. Responsible for designing, implementing, and supporting WDFW Enterprise network security solutions both on premise and cloud hosted, across multiple solutions such as Juniper, Palo Alto, and Cisco Responsible for centralized monitoring and logging of network infrastructure devices. Builds network traffic analytics to develop an operational baseline and anomaly detection of NetFlow (Cisco) and sFlow (Juniper), syslog, DHCP log correlation and NAT/PAT analysis. Responsible for threat detection and incident response of network related cybersecurity attacks using a wide variety of tools and knowledge in order to identify hosts, URLs, IPs, ports, protocols, and services (PPS) used in relation to an attack, developing scripts and/or router/switch configurations to monitor and deny malicious traffic. Conducts internal security reviews for new and existing hardware and software requests. Using technical and business alignment, determines and documents agency risk related to new and emerging technology requests. Independently develops the WDFW network defense infrastructure and acts as the technical point of contact for ITS in relation to new and existing network security offerings, both on premise and in the cloud Show less



Washington State Office of Cyber Security

• Senior Security Operations Architect

  • Feb 2014 - Aug 2018

  Olympia WA Performed comprehensive security assessments for state agencies, included it the security assessments are network discovery, system vulnerability assessments, application vulnerability assessments, critical asset identification and system configuration assessments Performed forensics investigation on computer system suspected of misuse or malicious infection Utilizes SIEM technology to detect, analyze, and respond to security events and investigations Provided tier 3 support for the… Show more Performed comprehensive security assessments for state agencies, included it the security assessments are network discovery, system vulnerability assessments, application vulnerability assessments, critical asset identification and system configuration assessments Performed forensics investigation on computer system suspected of misuse or malicious infection Utilizes SIEM technology to detect, analyze, and respond to security events and investigations Provided tier 3 support for the Office of Cyber Security (OCS) SOC in prevention, detection, and response activities Participated in new product and technology evaluations to represent the interests of the Washington State Information Security Program policies and controls Provided requirements for design, configuration, and implementation of security focused tools and solutions Advised and consult on risk assessments, threat modeling, vulnerability management and remediation and deployment of security controls Provided input to refine existing security policies and procedures Provided cyber security incident handling and mitigation activities Maintained relationships with external parties for response efforts Show less



TechWise

• United States
• Defense and Space Manufacturing
• 1 - 100 Employee

• Network Operation Security Center Lead

  • Jan 2012 - Apr 2014

  Joint Base Lewis-McChord, WA Lead the configuration management/network vulnerability testing and remediation Program. Lead the configuration, monitoring and securing of Cisco routers, switches, firewalls and IDPS across 3 different classifications of Department of Defense networks. Installed, configured and tested new network hardware and updates to network software. Planned and implemented network designs and configurations to streamline data flow and network management. Audited and monitored Cisco routers… Show more Lead the configuration management/network vulnerability testing and remediation Program. Lead the configuration, monitoring and securing of Cisco routers, switches, firewalls and IDPS across 3 different classifications of Department of Defense networks. Installed, configured and tested new network hardware and updates to network software. Planned and implemented network designs and configurations to streamline data flow and network management. Audited and monitored Cisco routers, switches, ASAs and IDPS using SolarWinds and eEye Retina. Mentored new employees on the configuration of Cisco routers, switches, ASAs and IDPS and the security standards of the DoD Show less



SAIC

• Information Assurance Specialist

  • Jan 2009 - Dec 2011

  Joint Base Lewis-McChord, Wa Designs, implements, monitors, manages and secures operating systems, networks, network devices, and identifies controls used to enforce various levels of confidentiality, integrity and availability Advises Government and Contract personal on Defense Information Assurance Certification and Accreditation Process (DIACAP). Manages, and maintains the security configuration for network and computing devices on five separate enclaves. Installs, configures, manages and maintains enclave… Show more Designs, implements, monitors, manages and secures operating systems, networks, network devices, and identifies controls used to enforce various levels of confidentiality, integrity and availability Advises Government and Contract personal on Defense Information Assurance Certification and Accreditation Process (DIACAP). Manages, and maintains the security configuration for network and computing devices on five separate enclaves. Installs, configures, manages and maintains enclave boundary defenses to include network based firewalls and intrusion detection/prevention systems. Administers, manages and maintains network monitoring software, Windows operating systems and VMware IE: SolarWinds Orion Network Performance Monitor and Solarwinds Orion Network Configuration Monitor, Cisco Unified Communications Severs, and VMware Workstation 7. Configures, manages, maintains, and advises on the Information Assurance Vulnerability Alerts (IAVMs) release by the Defense Information Systems Agency (DISA) for network and operating systems. Manages, maintains, configures, and troubleshoots Cisco Networks across LAN and WAN topologies. Performs upgrades, maintenance, trouble shooting, and backups to minimize downtime. Show less



Cubic Corporation

• United States
• IT Services and IT Consulting
• 700 & Above Employee

• Comm. Network and VTC Tech.

  • May 2008 - Jan 2009

  Fort Lewis, WA Planned, configured, and installed data and communications networks across the BCTC Campus and Yakima Training Center to support US Army training events. Installed, configured, managed, monitored, troubleshot, and integrated Network devices with existing secure and non-secure networks. Provided support for Military units conducting VTC’s with various operational locations throughout the world. Managed, maintained, configured, and troubleshot Cisco Networks across LAN and WAN… Show more Planned, configured, and installed data and communications networks across the BCTC Campus and Yakima Training Center to support US Army training events. Installed, configured, managed, monitored, troubleshot, and integrated Network devices with existing secure and non-secure networks. Provided support for Military units conducting VTC’s with various operational locations throughout the world. Managed, maintained, configured, and troubleshot Cisco Networks across LAN and WAN topologies. Provided support of unified, telecommunications, and network services to aid the US Military in accomplishing their missions. Administrated, managed and maintained SolarWinds and Cisco Unified Communications Severs. Performed upgrades, maintenance, trouble shooting, and backups to minimize downtime. Show less



Volt Contract for Microsoft

• Operations Engineer

  • Mar 2008 - May 2008

  Provided on the fly trouble shooting for Windows Server 2003, XP, and Vista. Managed and maintained 8 labs with over 1,000 severs and 1,500 PC's. Installed and maintained Windows CE tests environments. Managed and Maintained Cisco switches.



US Army

• United States
• Armed Forces
• 700 & Above Employee

• Network Administrator

  • Aug 2002 - Mar 2008

  Multiple Managed the transmission methods, transport formats, and security measures used to provide integrity, availability, authentication and confidentiality for transmission over private and public communications networks and media. Installed, configured, secured, monitored, troubleshot, and integrated Network devices with existing secure and non-secure networks. Administrated and managed Windows Enterprise Server 2003, Microsoft Exchange Server 2003, and Active Directory. Provided quick and… Show more Managed the transmission methods, transport formats, and security measures used to provide integrity, availability, authentication and confidentiality for transmission over private and public communications networks and media. Installed, configured, secured, monitored, troubleshot, and integrated Network devices with existing secure and non-secure networks. Administrated and managed Windows Enterprise Server 2003, Microsoft Exchange Server 2003, and Active Directory. Provided quick and reliable solutions to problems with Network devices, Windows Servers, and PC's. Verified and ensured availability of network services to include Windows Enterprise Server 2003, Microsoft Exchange Server 2003, Active Directory, Breeze/Connect, and Web Services. Administrated, managed, and maintained Server and Network operations during multinational training events that supported in excess of 2000 user in multiple locations over Asia. Managed the integration and setup of Solarwinds and Cisco Works Server for network monitoring, configuration and management. Show less