Information Security Analyst and Researcher
Computer & Network Security | Washington D.C. Metro Area, US
I am a full time Technical Lead in the Mantech Security Operations Center. I act as a subject matter expert on network security monitoring, incident response, and threat intelligence.
I am also completing my degree at Penn State University majoring in Information Science and Technology with a focus on System Design and Development with an Information Assurance option, completing my degree part time through independent research.
Specialties: Network security, Unix Client Security, Unix Server Security, Windows Client Security, Active Directory, Group Policy, Vulnerablity Assessments, Network Auditing, Host Auditing, Wireless Auditing.
2010 - Present
SOC Technical Lead / ManTech International
Jun
2008 -
Mar
2010
Security Consultant / Mandiant
Jan
2007 -
Jun
2008
Threat Analyst: Managed Security Services / Symantec
- Conducting threat analysis for Symantec global Managed Security Services three primary teams, spanning 450+ enterprise customers, spread over four contents, ranging from Financial Services to National Infrastructure.
- Providing documentation, research analysis, handling instructions, as well as customer facing reports and analysis.
- Functional conduit between regional analysis teams and Symantec’s world wide information security intelligence group, Deepsight, conducting specific customer and industry analysis to support Deepsight research and findings.
- Architecting redesign of the Security Operations Center Technology Platform, including key initiatives, in support of creating a new world class analysis console and back end.
- Leading the effort to redevelop six week security analyst training curriculum to develop trainee analysts to deal with cutting edge threats.
Apr
2006 -
Jan
2007
Security Analyst: Managed Security Services / Symantec
- Performed advanced network threat analysis, validating attacks and accessing impact for Fortune 500 and private enterprise clients of various industries.
- Provided appropriate tactical and strategic recommendations to clients for incident remediation and proactively preventing future attacks.
- Collaborated with client security teams, third party consultants, and Symantec in-house engineering to implement recommended security countermeasures.
- Researched current vulnerabilities, attacks, and appropriate countermeasures, as well as producing internal documents to educate other analysts.
Oct
2004 -
Apr
2006
Curriculum Designer / Penn State University's NSA Center for Information Assurance Excellence
- Created teaching materials, focused on hand on laboratory exercises, to be used in Information Security classes under a grant from the National Science Foundation.
- Proctored lab sessions using these exercise, providing guidance and extending the educational experience for students.
- Completed multiple accepted, juried research papers submitted to various Academic Information Security Conferences.
Jun
2005 -
Aug
2005
Network Security Intern / The Hershey Company
This was my third summer with Hershey and a very different experince from the previous two. This summer I spent much of my time working more as a Security Architect than a Security Analyst, focusing my time on writing new policies, evaluating new technologies, and helping to prepare Hershey for current and upcoming threats. I also worked on increasing our utilization of current investments and auditing our current technologies and practices.
May
2004 -
Aug
2004
Intern Information Security Analyst / Hershey Foods Corporation
Focused primarily on desktop specific issues. Extensive time spent on systems auditing and hardening, policy compliance, investigations and forensics, wireless exposure testing, and technology evaluation. Also deeply involved in document creation, creating security summaries, position papers, threat analyses for executive management, and other technical writing tasks.
-
2011
-
2012
Penn State University
BS
in
Information Science & Technology
-
2004
-
2006
Penn State University
B.S.
in
Information Science and Technology: System Design and Development
-
2003
-
2003
University of Maryland Baltimore County
BS
in
Computer Science
-
2002
-
2003
Shippensburg University of Pennsylvania
BS
in
Computer Science
Activities: Student Researcher in collaboration with facility, Programming Team member
-
Websites:
-
Honors:
•GIAC Certified Incident Handler (GCIH)
•Holder of the DoD NSTISSI No. 4011: Information Systems Security Professional Certification.
•Paper Review Committee Member - 10th & 11th Colloquium for Information System Security Education.
-
Interests:
Cyber Threat Intelligence, Intelligence Driven Network Security Monitoring, Exploit Techniques and Defense, Information Assurance Teaching and Training, Information Warfare & Espionage