Suong Nguyen

CEO/Principal Consultant at CriticalSolutions, LLC
Contact Information
us****@****om
(386) 825-5501


Credentials

  • CISSP
    (ISC)2

Experience

    • United States
    • IT Services and IT Consulting
    • 1 - 100 Employee
    • CEO/Principal Consultant
      • Jul 2011 - Present

      Critical Solutions, LLC is a trusted partner in providing industry expertise in Cyber Security services. We are focused on attracting the top talent in the industry. Our ability to stay abreast with the ever-growing cyber landscape stems from our dedication to providing our team with continuous education through conferences, training and mentorships.

      • Computer Network Defense
      • Cyber Threat Intelligence
      • Incident Response
      • Security Assessments
      • Fusion Operations
      • Innovation and Optimization

    • Digital Media/Malware Analyst
      • Jul 2011 - Present

      • Utilize EnCase to acquire computer images and perform host-based analysis to confirm infections, extract malware artifacts, and conduct digital forensic analysis to identify infection vectors.
      • Perform dynamic analysis of malware samples in a controlled environment to study their characteristics and behaviors to provide both host-based and network-based indicators of compromise to facilitate a faster and better incident response process.
      • Perform static code analysis of malware samples to confirm/overcome obstacles presented by more advanced malware using debugging and disassembling tools (e.g. olly, IDA Pro, JAD-Gui, ILSpy, etc.).
      • Conduct threat research and monitor sources for malware samples utilized by advanced threat actors.
      • Implement security improvements by assessing current network security posture; evaluating ongoing trends; anticipating new requirements.
      • Develop SIEM detection content and signatures (YARA and SNORT) for various security products and ensure the threat detection tools stay up-to-date with the most current signatures for exploits and vulnerabilities.
      • Contribute to SOC maturity projects as a task lead and a SME for the areas of incident response and Monitoring and Analysis.
      • Support department incident response fly-away missions to include compromise assessment and hunt missions at agency and partner sites. Proficient in various tools used for the hunt such as Snort, Limon (sandbox), Cuckoo, Security Onion, BroIDS (Zeek), ELK, Sguil.
      • Create advanced and complex SPL searches to identify suspicious and anomalous activity.
      • Produced SOPs, playbooks and brown-bags to help cross-train and develop skills for junior analysts.
      • Authored scripts to perform host artifact collection and basic triage.
      • Support the SOC monitoring and analysis team as the senior analyst to review high-visibility and priority investigations.
      • Act as a liaison between the customer and program to ensure objectives are met.

    • Vulnerability Assessment Penetration Team Lead
      • Jan 2016 - Jan 2018

      • Worked with Information Systems Security Officers (ISSOs) and System Owners to define scope of assessments and drafted Rules of Engagement for requested assessments.
      • Worked with ISSOs to design targeted penetration testing based on cyber threat analysis to emulate known threat actors to the systems.
      • Researched and analyzed known hacker methodology, system exploits and vulnerabilities to support Red Team Assessment activities.
      • Led Red Team Assessments to conduct offsite and onsite penetration tests, starting from reconnaissance phases to pivoting to identify weakness in system(s) to exploit.
      • Performed host, network, and web application penetration tests.
      • Conducted vulnerability security assessment interviews.
      • Crafted and conducted phishing campaigns to compromise targeted users within scope of ROE.
      • Conducted vulnerability and compliance checks to provide additional recommendations for post-assessment review.
      • Created written reports, detailing assessment findings and recommendations.
      • Provided oral briefings to leadership and technical staff, as necessary.

    • Senior Security Malware Analyst
      • Dec 2010 - Jul 2011

      Provided insight on network intrusion detection for junior analysts. Analyzed suspicious software to identify malicious files and associated command and control hostnames and IP addresses. Provided trending reports in relation to on-going malware campaigns and bad actors’ latest tactics, techniques, and procedures specific to software packing methods. Created IDS signatures to match newly discovered techniques employed by the malicious actors. Monitored IDS logs for rule tuning and incident reporting.

    • Network Engineer
      • Sep 2009 - Dec 2010

      Managed firewalls and routers. Implemented changes to ensure a good balance between security and availability for network resources. Planned and executed network migration for extranet sites.

    • Digital Media Analyst
      • Mar 2009 - Sep 2009

      Trended targeted phishing campaigns to help identify and implement protective measures against malicious actors. Analyzed suspicious software to identify malware and associated command and control hostnames and IP addresses. Provided trending regarding on-going malware campaign and bad actors’ latest techniques and packaging methods.

    • United States
    • Construction
    • 700 & Above Employee
    • Sergeant
      • Jul 2000 - May 2009
