SUMMARY

• Highly self motivated Network and Intelligence Engineer, possesses over 20 years of experience, leadership and managerial expertise in all network security operation environments.
• Well diverse in both network and Sigint Intelligence analysis; able to use and implement the OSI model, TCP/IP, ArcSight, Snort, Splunk, Sourcefire, OSSEC, and various other monitoring and trouble  shooting tools on a daily basis.
• The ability to analyze Signal Intelligence collection, dataflow, scripting, counter terrorism, target analysis, Satellite communication, regional and site development, and cable installation. Implement Standard Operating Procedures for a variety of operating system equipment such as servers, routers, modems, and other related hardware use to getting the mission done in a timely manner.

TECHNICAL SKILLS

HARDWARE:  Installation, configuration and maintenance of PC, LAN/WAN components on Sun,TCP/IP, Microsoft Network Servers, Unix Servers, Crypto machines, Cisco servers, HVAC, ATM systems, Xkeyscore, Pinwale, Cisco Switches and routers, Tivoli Access Manager (TAM), Tivoli ID Manager (TIM), Sinegar Radio

SOFTWARE: Lotus Notes, Jira, SharePoint, remedy ticket, Adobe Frame maker, Red hat Linux, all Microsoft Windows O/S, NT, UNIX, Confidential Open view, MS Office Suite, Confidential Sm7, Solaris, Red Hat, Linux, Netbotz, Maxview,  ArcSight, Splunk, Lotus notes, Naurus Insight, OSSEC, Source fire, Wireshark.

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Engineer

• Use various tools such as ArcSight, Sourcefire, Splunk, Snort, and Wireshark to respond security events and incidents from various NOC and SOC locations around the world that has lost data, potential virus infections, and intrusion alerts within 30 minutes of receipt of event/incident modification.
• Monitor the security of critical systems and changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities
• Developed and reviewed candidate technology packages for the Technical Insertion (TI) process.
• Researches and develops incident reports and tippers for collaboration with analysts.
• Provided understanding of how US-CERT conducts network analysis and network intelligence analysis for NCPS to develop E3A architecture and mission critical tools.
• Developed and reviewed candidate technology packages for the Technical Insertion (TI) process.

Confidential

Information Security Analyst

• Program Lead with a team of analysts on a year-long disruptive technology threat study.
• Able to document and present after action reports to management. Conducts demos for a variety of audiences ranging from technical analysts to technical and non-technical SESes.
• Develops daily, weekly, and monthly reports and metrics for delivery to SES audiences.
• Performs functional analysis, timeline analysis, detail requirements that are allocated for customer requirements then translated into hardware and software specifications. Pioneered quality assurance on contract deliverables, monthly status reports, and task closeout procedures.

Senior Network Engineer

• Assisted in development of timing and in-line network encryptor security mechanisms in Block Three architecture based on background knowledge of High Assurance Internet Protocol Encryptors (HAIPEs).
• Provided understanding of the network analyst and network intelligence analyst tactical, operational, and strategic duties and responsibilities to facilitate US-CERT reorganization.
• Evaluated unclassified target networks at the classified level to pinpoint vulnerabilities and develop attack plans, targeting methodologies with impact and feasibility risk calculations, evaluated system architectures, and crafted personnel, resources, knowledge, cost, and timeline estimates for an attack
• Conducted research, shaped team and technical whitepaper clients via direct interaction with clients, and served as a subject matter expert for military-related scenarios.
• Assisted with program management and oversight as part of the engineering team on variety of network assessments and documentation.
• Conducted traceroutes to discover access routers to name server, mail server, and web host locations.
• Provided Technical Support on Engineering, Installation, Operations and Maintenance of GSM Systems (Global System for Mobile Communications)

Confidential

Senior Network Engineer

• Technical liaison between NSA and the HAIPE stakeholder community (vendors, coalition partners, and other agencies) for all formal and informal communication including information sharing, data calls, and facilitating and presenting at working group meetings.
• Provide rapid response in the event of a security incident. Damage assessed and contained quickly; customer data protected; the root cause found, accurate record of events and losses generated.  High profile responsibility, involves the cooperation of several different work areas.
• Intrusion detection, virus protection, and other investigative responsibilities, such as forensics, data analysis, customer follow-up, and briefings area and essential elements of securing the enterprise-computing environment. 
• Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools
• Maintained Visual Source Safe database for version control of both the unclassified and classified HAIPE Interoperability Specification (HAIPE IS).

Network Operation Team Lead

• Managed, monitored, and operated a 24x7 Operation Watch Floor where I maintain control and set priorities on over 30 different Systems and programs  using dataflow charts, SONET, Maxview, SDH, Netbotz, Confidential Openview, Satellite identification, TDM/PCM, Cisco routers and Crypto encryption machines.
• Prepared briefings including target information and key findings for Government client.
• Researched and performed network intelligence analysis with a combination of network analysis tools, open source information, and hypothetical examples of classified information to conduct targeted searches against nation-state, organized crime, and terrorist organization threat actors for the purposes of attribution.
• Researched and performed email analysis. Performed open source Google hacking analysis with targeted open source web browser and metadata searches.

Sigint Analyst Mission Manager

• Monitored and reported on international information through various channels of communication and exploits which were used for determining foreign military capabilities. Reviewed and wrote Mission Control Notes (MCN) and SOP’s.
• Manage and monitor collection, analysis, and reporting of Critical Information that was used to report to Executive management and Confidential . Performed quality control, equipment maintenance and performance reports, and personnel award programs. Helped and assisted in relieving demodulating, visually displaying, and formatting of non-morse data transmissions on a day to day basis.
• Planned, Directed and Coordinated On the job training used to support the Watch floor and fulfill customer(s) different guidelines Sop’s and directives. .