Yyyyyy x. yyyyyy

0000 xxxxxx xxxx , xxxx , xxxxx 00000 xxx-xxx-xxxx ● abc@xyz.com

Insider Threats ~ Malware ~ Reverse Engineering ~ Information Assurance

         Substantial experience in network security including threat and vulnerability analysis, malware & intrusion detection and prevention, code review, IT infrastructure controls, risk management, and security strategy.

         Proficiency in meticulously monitoring logs for unusual or suspicious activity encompassing servers, workstations, firewalls, intrusion detection systems, and anti-virus/malware programs. 

         Exceptional talents in identifying malicious code and traffic through traffic analysis, threat vectoring, honeypot traps, and classified means.

         Highly skilled in applying and enforcing disaster recovery strategies and contingency plans to defend and preserve business-critical and extremely sensitive information.

         Adept at collecting intelligence on pending attacks, and well-versed in attack countermeasures.

         Possess an active DoD Secret Security Clearance, and capable of renewing prior DoJ Public Trust and NACI clearances.

         Multilingual (English, Spanish, Chinese Mandarin, Chinese Taiwanese) with outstanding analytical, problem solving, root cause analysis, troubleshooting, and critical thinking skills.

CACI International, Inc., 2016 to Present

Senior Security Engineer / PenTester

         Perform automated and manual interception of traffic using Burp Suite at Mark Center (Pentagon).

         Leverage SQL injections to uncover possible internal information, closely examine traffic payload, simulate response/attack on client, and research broad-based exploits to detect vulnerabilities.

         Conduct compliance checks at Taylor Building (Pentagon) in tandem with multiple departments to obtain compliance score cards for weekly, monthly, and annual report.

         Execute automated tests in IBM AppScan and manually intercept traffic using Burp Suite through proxy to loopback address (local machine).

         Investigate and justify non-compliance incidents, document findings, test multiple Hacked the Pentagon projects, and repeat PenTest manually.

ManTech International Corporation, Inc., Washington, DC, 2016

Senior Cyber Threat Analyst

         Administered Mission Cyber & Intelligence Solutions for Consumer Financial Protection Bureau.

         Analyzed signatures in Cisco SourceFire and FireSIGHT to verify alignment with payload in Security Operations Center environment, monitored sensors, validated alerts, and collected threat intelligence.

CACI International, Inc., Washington, DC, 2015

Information Assurance Specialist III

         Methodically conducted network traffic analysis for Department of Commerce International Trade Administration in a Security Operations Center environment.

         Verified alerts were true positive and ensured legitimize traffic remained unblocked using Carbon Black (formerly known as bit9) and Palo Alto Networks.

         Joined forces with Department of Commerce Computer Emergency Response Team (CERT) and US-CERT on latest cyber threats, and performed intelligence & threat gathering.

         Performed Splunk searches on logs to reveal source IP addresses, Indicator of Compromise (IOC), and/or Pattern of Attacks (POAs).

Continued ►

Yyyyyy x. yyyyyy Page 2 of 3

APEX Systems, Inc., Fort Meade, MD, 2014 to 2015

Information Assurance Engineer / Security Engineer

         Supported Lockheed Martin Corporation/Defense Information School by performing malware analysis, monitoring network, investigating threats, installing security software, and examining daily scan results.

Experis, Bethesda, MD, 2014

Information Assurance Engineer

         Supported SpecPro / Walter Reed Team at National Medical Center by identifying potential malware threats on network, inspecting logs daily (FireEye, Splunk, Encase, ArcSight) for malicious activity, and scrutinizing spam/proxy to administer deny or accept traffic.

         Authorized or denied traffic at firewall and on SYSLOG, scanned computers via SCAP method to ensure compliance, and leveraged McAfee IntruShield IPS to determine source, destination, and country of origin.

The Goal Inc., Dulles, VA, 2013

Information Assurance Specialist / Intel Analyst

         Provided comprehensive IA security expertise to Booz Allen Hamilton/Drug Enforcement Administration/FBI Cyber Operation Response Center.

         Assessed potential security threats through intelligence gathering, collaborative monitoring with other law enforcement agencies, and hardening of systems through best practices.

         Scanned operating systems, patched application vulnerabilities, and created shell script to protect systems from known exploits.

McKean Defense Group (Convergez LLC), Washington, DC, 2012 to 2013

Desktop Scan and Remediation Expert / IA Analyst / Vulnerability Scanner

         Supported Naval Surface Warfare Center/Naval Surface Area US Navy Tiger Team by conducting in-depth scans, identifying exposures via Retina Vulnerability Scanner, and remediating servers and workstations running Windows O/S.

Enterprise Business Solutions, Falls Church, VA, 2011 to 2012

Information Assurance Engineer

         Protected Defense Information Systems Agency s information systems by performing ST&Es and upgrades on equipment, hardening Windows O/S, testing video teleconferencing connections for stability and security, and performing pen testing on laptops and workstations.

         Strategically drafted network diagrams to streamline and standardize configuration, racking, and stacking of servers, firewalls, routers, and switches.

Booz Allen Hamilton, Annapolis Junction, MD, 2010 to 2011

Senior Consultant / Cyber Network Analyst

         Supported National Security Agency by analyzing network packets to identify abnormal traffic, and collaboratively preparing information assurance proposal to enhance firm s competitive positioning.

SRA International, Inc., (acquired by Computer Sciences Government Services), Fairfax, VA, 2010

Cyber Security / Network Intrusion Analyst

         Significantly reduced vulnerabilities on FAA network through analysis and detection of perceived threats, predicting and mitigating attacks, tracking malicious behavior, and tracing traffic patterns to source IP.

Tenable Network Security, Columbia, MD, 2008 to 2009

QA / Network / Security Engineer

         Systematically reinforced availability, performance, and security of clients networks through traffic monitoring, penetration testing, analysis/reporting/documentation of findings, and QA testing.

Prior Background:

Network Engineer II / Security Engineer II, CACI International, Arlington, VA, 2007 to 2008

IT Support Associate, University of Maryland University College, Adelphi, MD, 1999 to 2007

Continued ►

Yyyyyy x. yyyyyy Page 3 of 3

Master of Science, Computer Systems Management & Information Assurance

University of Maryland University College, 2009

Bachelor of Science, Information Systems Management

University of Maryland University College, 2004

Linux Forensics Toolkit (FTK by AccessData), 2016

Firewall Administration Concepts, Linux Administration, TCP/IP, Network Security, Computer Forensics, Internet Security, Brainbench certifications, 2016

SANS 610 Reverse Engineering Malware, 2015

TrainACE CISSP Training, 2014

SANS Cyber Threat Intelligence Summit, 2014

Certified Ethical Hacker, EC-Council, 2011

Network+ and Security+ certifications, CompTIA, 2011

Master s Certification in Information Assurance,

Center of Academic Excellence in Information Assurance, 2009

Information Management Certification, University of Maryland University College, 2004

Project Management Certification, University of Maryland University College, 2004

Networking & Protocols: TCP/IP, Ethernet, IPSEC, DES/3DES, SSH, OSPF, IPtables, Kerberos, NAT, Radius, Asymmetrical PKI, Certificate Authorities, Layer 2 (Arping, Arp Watching, Port Stealing), Layer 3 (Pf, Fragtest, traceroute, Sing, LFT, Etrace, Firewalk), Layer 4 (TCP fragroute), OWASP, BGP, EIGRP, Cisco 2600 Series Routers, Cisco 2600 Series Firewalls, Cisco ASA Firewall, Cisco PIX 500 Series Firewalls

Security Tools: Nmap, Retina Security Scanner, Superscan, Basic Analysis and Security Engine (BASE), SGUIL, SSA Ticketing System (CAPRS), Tenable Network Security Ticketing System (Mantis), Track-it, Nessus, Enterasys Dragon IDS, ArcSight ESM Logger/Console, Keystroke Logger, Encase, Forensic Toolkit, Backtrack/Auditor Security

Auditing Tools: Handy PRO, Maltego, Airodump, Airmon-ng, shodan, Cisco FireSIGHT, Cisco AMP, Burp Suite

Network Tools: Kismet, netcat, netcraft, hping, windump/tcpdump, netstat, WireShark/Ethereal

OS & Virtualization: Windows, Linux (Red Hat, Fedora, Ubuntu, Debian), OSX, VMware, Dameware

Languages: C++, Perl, Snort, PCRE, XHTML/HTML/CSS, SQL, PL/SQL, Python, Shell scripting, PowerShell, scapy

Enterprise Software: Microsoft Systems Management Server, Oracle Database, Microsoft Office Suite