Cyber Counterintelligence Threat Analyst Resume
Fort Belvoir, VA
TECHNICAL SKILLS:
- Computer Forensics: FTK, EnCase
- Network Traffic Analyzers: Wireshark
- Vulnerability Scanners: Nessus, Nmap
- Web Scanners: Nikto
- Exploitation: Metasploit
- Memory Analysis Tools: Volatility, Redline
PROFESSIONAL EXPERIENCE:
Cyber Counterintelligence Threat Analyst
Confidential, Fort Belvoir, VA
Responsibilities:
- Cyber Counterintelligence Analyst assigned to the DTRA Counterintelligence and Analysis Branch
- Provides analytical reports, products and briefings to DTRA leadership and personnel regarding CI support to Cyber Operations
- Utilize data correlation tools to formulate appropriate queries, conduct data mining, and to analyze collected network data.
- Conduct investigations into computer network intrusions into DTRA government and public assets
- Conducted computer forensic examinations and produced analytical reports on findings.
- Conducted dynamic malware analysis and identification and produced analytical reports on findings.
- Identify opportunities to identify and characterize threat actors
- Collaborate with the DTRA Network Cybersecurity Service Provider in planning and implementing projects to improve overall DTRA network security
- Provides analysis and support to Cyber Counterintelligence investigations and activities
- DTRA Cyber CI representative to the National Cyber Investigative Joint Task Force (NCIJTF)
- Collaborate with NCIJTF partner organizations to identify and characterize threat actors
- Conduct analysis of network traffic through the use of specialized tools at the NCIJTF to characterize and identify the tools, tactics, and procedures utilized by CNE actors.
Senior Cyber Intelligence Analyst
Confidential, Chantilly, VA
Responsibilities:
- Assigned as NCIS’s Liaison Officer (LNO) to the National Cyber Investigative Joint Task Force (NCIJTF). Responsible for the coordination and deconfliction of NCIS investigations, operations and intrusion responses with NCIJTF’s partner agencies from the DOD, Intelligence Community, Federal Law Enforcement, other US government agencies and FVEY partners.
- Manage the activities of NCIS Intelligence analysis and other Navy/Marine Corps personnel while assigned to the NCIJTF. Coordinate the production of joint intelligence products with the NCIJTF.
- Coordinate NCIS participation in national/international campaigns to prevent and disrupt computer intrusions into U.S. government and Cleared Defense Contractors (CDC) networks.
- Represent NCIS at meetings held with partner agencies, the Executive Branch, FVEY partners and the public sector.
- Assist in coordinating NCIS Cyber Field Office (CBFO) CNE investigations with the FBI, Air Force Office of Special Investigations (AFOSI), DSS and Army Counterintelligence.
- Assist in coordinating NCIS CBFO’s participation in incident responses of Navy/Marine Corps and CDC networks with the FBI and DSS, to include the passage of forensic and/or investigative findings
- Ensure that NCIS leaders are kept apprised of emerging Cyber threats, trends, and evolving national policy as it relates to Cyber threats against the US
- Assist in writing and critiquing operational plans, briefs, and assessments, as they relate to NCIS Cyberspace operations
- Conduct analysis of network traffic through the use of specialized tools at the NCIJTF to characterize and identify the tools, tactics, and procedures utilized by CNE actors. Determine the extent of a network compromise, identify the type, and amount of military and export controlled data covertly exfiltrated from CDC Networks
Cyber Counterintelligence Analyst
Confidential, Bethesda, MD
Responsibilities:
- Assigned to the Office of the National Counterintelligence Executive (NCIX), Technical Counterintelligence and Cyber Threat Directorate (TCIC), Interagency Cyber Counterintelligence Coordination Cell (IC4).
- IC4 detailee to the FBI Counterintelligence Division, Joint Targeting Intelligence Group (JTIG) to program manage an IC4 sponsored program. Coordinate and conduct analysis of reports of investigation and intelligence community reporting on computer network attacks to determine tactics, techniques, and procedures (TTP) of foreign intelligence services cyber actors. Assist in developing countermeasures to identify, prevent and disrupt computer intrusions into U.S. government and Cleared Defense Contractors (CDC) networks.
- Conduct analysis of network traffic via packet captures through the use of specialized tools at the National Cyber Investigative Joint Task Force - Information Operations Group (NCIJTF-IOG) to characterize the extent, type, and amount of military and export controlled data covertly exfiltrated. Utilize OSINT techniques to investigate threat activity and write analytical reports on findings.
Cyber Intelligence Analyst June
Confidential, Chantilly, VA
Responsibilities:
- Assigned to the NCIJTF-Information Operations Group (IOG) to support its multiple national-level agencies. Conducted analysis of network traffic to identify military and export controlled data covertly exfiltrated from U.S. government, CDC, and other U.S. based business networks. Conducted information analyses and characterization to determine the extent, type, and amount of military and export controlled data covertly exfiltrated out of these networks. Utilized OSINT techniques to investigate threat activity and wrote analytical reports on findings.
- Analyzed computer network traffic via packet captures through the use of specialized tools to discover cyber attackers’ TTPs. Produced analytical reports on findings.
- Conducted dynamic malware analysis and identification. Produced analytical reports on findings.
- Member of NCIJTF - IOG Threat Focus Cells. Assisted in countermeasure development to prevent and disrupt foreign intelligence services cyber actors’ computer intrusions into U.S. government and CDC networks.
National Program Manager
Confidential, Washington, DC
Responsibilities:
- Coordinate the activities of twenty (20) HSI computer forensics agents located across the US involved in digital media exploitation of digital media storage devices and cellular telephones of persons of national security interest.
- HSI and/or DHS representative to international and domestic meetings concerning terrorist use of the Internet. Assisted DHS International Affairs in writing responses and/or proposals to international initiatives to combat extremist/terrorist use of the Internet. HSI and/or DHS representative to Executive Branch working group responsible for the development of the US national policy to combat terrorist and/or insurgent use of the Internet.
Senior Special Agent
Confidential
Responsibilities:
- Primary HSI representative to the National Cyber Response Coordination Group (NCRCG)
- Managed Jihadist Web Investigation Cell, utilizing Open Source Intelligence (OSINT) techniques to monitor and investigate Jihadist web activity.
- Assigned responsibility of conducting a security review of all Customs/HSI undercover websites
- Participated in conducting security review of C3 undercover network and hosts
- C3’s COMSEC custodian
- HSI SME on Wi-Fi investigations; conducted the first successful Wi-Fi criminal investigations.
- Conduct evaluation of Wi-Fi Intrusion Detection Systems (WIDS). Develop WIDS training