Tiffany Dawn Doby
7603 Sam Hall Road Oxford, N.C. 27565
Telephone: (919) 892-4846 E-mail: alchemy2588@gmail.com
Summary of Qualifications
Senior Information Technology, Network Security/Information System Security, Intel, and Cyber Threat Specialist with progressively responsible experience in:
• Information Assurance Technologies
• Information Assurance Assessments and Methodology
• Computer Information Customer Service
• Enterprise Installation and Upgrades
• Computer Hardware and Software Maintenance and Support
• Network Architecture and Fundamentals
• UNIX, Windows NT, 2000, XP, Vista; TCP/IP
• Network Security and Traffic Analysis
• Forensics Investigations and Analysis
• Daily network security traffic analysis
• Team Lead in providing recommendations for all Cyber Threat Incident Handling and Incident Response
• Government Sales / Logistics Distribution
• Excellent Interpersonal Communications and Team Building Skills
• Intelligence gathering to conduct further analysis
• Senior Administrative support to include phone, presentation, and correspondence
• Vulnerability Scanning (Nikto, Nessus, Nmap, Perl, nCircle)
• Packet Analysis (NetWitness, Wireshark, Ethereal, IDS, IPS)
• Foundstone Administrator
• Websense Administrator
• Symantec Information Manager Console and NAC experience
• Incident reporting, response, analysis, and management, as well as severity management
• Sustainment of the Enterprise
• Detect activities on or against the Enterprise
• Procedures for creating and distributing warnings for threats and intrusions from DoD and Intelligence Community organizations on a need-to-know basis
• ArcSight, Sourcefire, and Solera SME
• AvayaGov Team Lead in construction and development of the U.S. Senate Sergeant At Arms Vulnerability Analysis program
• Protect the Enterprise
• Vulnerability assessment and management, including red and blue team assessments and assessments as part of C&A preparation
• Network engineering monitoring and mitigation of enterprise network device issues
• Attack Sensing and Warning (AS&W)
• Monitoring of web sites of DoD and commercial cyber security centers and of non-government websites for information on known and potential threats to ensure a proactive approach to CND

Security Clearance: Secret

Professional Experience

Centers for Medicare & Medicaid Services with 1901 Group LLC (prior company Triple-I), Columbia, Maryland
September 2014 – Present
Incident Management Respondent / Senior Cyber Threat Analyst
● Led security communication and coordination in support of Healthcare.gov at the eXchange Operations Center (XOC).
● Ensured that critical security weaknesses were addressed in a timely manner according to CMS information security guidance.
● Led the effort to reduce Healthcare.gov infrastructure DHS Cyber Hygiene findings by 77%.
● Developed a reporting process with Marketplace datacenters and entities to ensure proper communication to senior leadership.
● Reduced coordination times by an average of 3 hours by developing a list of security POCs to contact during incidents.
● Closed 100+ Department-level RiskVision tickets for Marketplace incidents in 60 days.
● Streamlined processes to reduce reporting and alerting efforts by an average of 4 hours during major incidents.
● Provided a daily executive brief to CMS leadership regarding the security status of the XOC, Healthcare.gov, and supporting infrastructure.
● Continuously performed network traffic analysis utilizing raw packet data, NetFlow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. Continuously correlated actionable security events from various sources, including Security Information Management System (SIMS) data.
● Coordinated with HHS, DHS, CMS SOC, States, and datacenters to ensure pertinent information was shared and all requirements were exceeded.
● Managed projects including Open Source Intelligence, Data Analytics, and Database migration projects.
● Led Incident Management meetings in the event of security investigations and maintained a written summary of action items and findings.
● Created a relationship between the XOC team and the Office of Communications to share security information with consumers.
● Implemented new and innovative ideas to improve the security posture of the Healthcare.gov environment.
February 2013 – Lead Cyber Intelligence Analyst with Lockheed Martin for Defense Threat Reduction Agency
• Continuously employed advanced forensic tools and techniques for network attack reconstruction.
• Performed successfully and with distinction in the DISA ESM audit process and was directly involved in the main Work Instructions and live demonstration of all required CNDSP DETECT controls.
• Continuously performed network traffic analysis utilizing raw packet data, NetFlow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. Continuously correlated actionable security events from various sources, including Security Information Management System (SIMS) data, and developed unique correlation techniques. Continuously utilized knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of zero-day attacks.
• Participated in the coordination of resources during enterprise incident response efforts. Interfaced with external entities including law enforcement organizations, intelligence community organizations and other government agencies, e.g., the Department of Defense.
• Reviewed threat data from various sources and aided in the development of custom signatures for open source and COTS IDS. Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks.
• Supported daily cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinated daily resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
• Employed advanced forensic tools and techniques for attack reconstruction, including dead-system analysis and volatile data collection and analysis.
• Daily performed network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Reviewed threat data from various sources and developed custom signatures for open source IDS or other custom detection capabilities.
• Correlated actionable security events from various sources including Security Information Management System (SIMS) data and developed unique correlation techniques. Utilized understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
• Continuously conducted malware analysis, stayed aware of the latest attacker tools providing indicators for enterprise defensive measures, and reverse engineered attacker encoding protocols. Interfaced with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
September 2011 – February 2013 – Senior Security Specialist for Department of Defense Office of the Inspector General
• Responsible for Websense administration of all policies and filters.
• AirTight monitoring of rogue machines that communicate with private access points.
• NIKSUN: analyzed packets within packet captures. Maintained excellent communication with end users when troubleshooting network connectivity issues related to network security.
• Responsible for all incident response on all PENTCIRT alerts and reporting of all malicious activity.
• Conducted incident response and follow-through for threat mitigation on all hosts and devices.
• In charge of incident response and incident handling.
• Received and analyzed network alerts from various sources and determined possible causes of such alerts.
• Performed analysis of log files from a variety of sources within the network environment or enclave, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs.
• Characterized and analyzed network traffic to identify anomalous activity and potential threats to network resources.
• Monitored external data sources to maintain currency of the CND threat condition and determine which security issues may have an impact on the environment or enclave. Assisted in the construction of signatures which can be implemented on CND network tools in response to new or observed threats within the environment or enclave. Performed event correlation using information gathered from a variety of sources within the environment or enclave to gain situational awareness and determine the effectiveness of an observed attack. Notified CND managers, CND incident responders, and other CND-SP team members of suspected CND incidents and articulated the event's history, status, and potential impact for further action.
• Significant knowledge of particular CND tools, tactics, techniques, and procedures which support the tracking, management, analysis, and resolution of incidents. Worked under supervision and typically reported to the CND-SPM. Actions were usually authorized and controlled by policies and established procedures.
• Certification required within 6 months of assignment to position and mandatory for unsupervised access.
• Collected and analyzed intrusion artifacts (e.g., source code, malware, and Trojans) and used discovered data to enable mitigation of potential CND incidents within the enclave. Performed initial, forensically sound collection of images and inspected them to discern possible mitigation/remediation on enclave systems. Coordinated with and provided expert technical support to enclave CND technicians to resolve CND incidents. Tracked and documented CND incidents from initial detection through final resolution. Performed CND incident triage to include determining scope, urgency, and potential impact; identified the specific vulnerability and made recommendations which enable expeditious remediation. Correlated incident data and performed CND trend analysis and reporting.
• Coordinated with intelligence analysts to correlate threat assessment data.
• Performed real-time CND incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRT). Maintained a deployable CND toolkit (e.g., specialized CND software/hardware) to support IRT missions. Wrote and published CND guidance and reports on incident findings to appropriate constituencies.
October 2008 – September 2011 – Watch Officer for Primary Security Operations Center / Vulnerability Analysis Lead for Avaya Government Solutions, U.S. Senate Sergeant At Arms program / Senior Network Security System Analyst for Avaya Government Solutions / Senior Cyber Intelligence Analyst for US Senate Sergeant at Arms
• Conducted preliminary investigations of incidents and accurately documented and reported them to the Sergeant at Arms for the US Senate.
• Led a team of three Cyber Security Analysts in analyzing and investigating suspicious network trends in ArcSight Enterprise Security 4.0 and McAfee IntruShield Alert Manager for the U.S. Senate.
• Created filters and monitored active channels in ArcSight for hostile intelligence threats and network and communications vulnerabilities.
• Identified the immediate action needed and recommended viable countermeasures and corrective actions to the Watch Standers regarding vulnerabilities, malicious code and attacks.
• Authored, proofread, edited and disseminated daily and time-sensitive incident reports; synthesized, organized, and analyzed information under tight deadlines with no impact on quality while staying up to date with the latest activity and status updates.
• Supervised, mentored and assisted in the training of junior analysts and newly hired personnel.
• Participated in the daily tag-up with Senate Watch Standers.
• Configured nCircle scan profiles and prepared monthly Vulnerability Assessment documents.
• Attended weekly and monthly classified cyber security meetings with numerous agencies, including DHS, JTF-GNO, and US-CERT, to collect and gather intelligence on the latest malicious threats.
• Passed on all intelligence gathered from classified meetings conducted by DHS, US-CERT, and Cyber Command to the US Senate SAA IT Security Staff and within our Security Operations Centers for further analysis, to prevent, analyze, and mitigate the latest emerging threats and suspicious activity.
• Continuously gathered open source intelligence from sources such as Malware Domain List, MalwareURL, TrustedSource, ThreatExpert and ZeuS Tracker.
• Monitored real-time network traffic, discovered security events and vulnerabilities, analyzed the events, and provided recommendations to the US Senate SAA Staff on how the incident response should be conducted.
• Conducted event correlation and analysis for events of interest using tools such as ArcSight, IntruShield, Wireshark, Cisco IDS sensors, Snort, and NetWitness.
• Completed investigative alert reports on machines that could potentially become infected, or were actually infected, with malware, hack tools, and vulnerabilities used to compromise machines that could infect the US Senate network.
• Conducted daily meetings with the SAA in support of the US Senate on the pending daily incident reports and the latest emerging threats.
• In charge of the Avaya Government Solutions Vulnerability Assessment team; created and developed all Standard Operating Procedures for this program and for all vulnerability scan reports performed, along with the analysis report generation, within the U.S. Senate network. Also performed the Quality Assurance process on all scans conducted by the Avaya Government Solutions Vulnerability Assessment/Vulnerability Management team before they were delivered to the US Senate Sergeant At Arms Vulnerability Management team.
• Configured and conducted vulnerability scans using nCircle.
• Utilized Symantec Security Information Manager, Symantec Reporting System, and Symantec System Center Console to investigate and analyze any suspicious activity on internal hosts, including the best remediation procedure if needed.
• Was in charge of and successfully maintained the entire U.S. Senate Sergeant At Arms Vulnerability Analysis program while instructing the Avaya Government Solutions Vulnerability Analysis Team and communicating directly with the U.S. Senate Security Staff on all requests and recommendations.
August 2007 – October 2008 – Forensics and Incident Management Analyst / Incident Handling Analyst
Northrop Grumman at Marine Corps Network Operations and Security Center (MCNOSC)
• Performed network analysis at the MCNOSC that entailed providing senior management with detailed reports on the traffic analysis and traffic flow for the entire Marine Corps grid.
• Conducted in-depth forensic analysis on DoD systems to determine the extent of intrusion-related damage.
• Provided detailed forensic analysis reports on intrusion-related hosts to senior management.
• Conducted forensic investigations that included multiple workstations.
• Used state-of-the-art forensic analysis tools to analyze incidents pertaining to network intrusions, insider threats, and misuse of government information systems.
• Conducted preliminary investigations of incidents and accurately documented and reported them in the Marine Corps Computer Emergency Response Team (MARCERT) Collection Database, which is reported directly to the JTF-GNO.
• Provided around-the-clock support for all subscriber networks pertaining to network defense matters. Provided the detection portion of the MARCERT mission through 24x7 monitoring of the MCEN.
• Conducted event correlation and analysis for events of interest, which may lead to a reportable incident, through Sitepro IDS, IntruShield IPS, and ArcSight.
• Provided infrastructure support assistance with the IDS sensors and consoles, which use a signature-based network intrusion detection system.
• Worked extensively with the Network Operations Center and the JTF-GNO to provide global network operations and computer network systems in support of Marine and Joint forces operating worldwide.
• Completed investigations on machines infected with many different types of malware, hack tools, and vulnerabilities used to compromise machines that could infect the enterprise network.
• Worked constantly with IAMs responsible for hosts USMC-wide to make sure all threats were scanned and cleaned, and to submit reports on the cause of the infection and the incident.
• Worked extensively with running vulnerability scans using network tools such as Nikto, Retina, Nessus, and Nmap.
• Analyzed packet captures, Retina scans, First Response data, and RIPPER scan results.
• Analyzed network traffic from CyberGuard firewalls and Secure Shell.
Sept. 2005 – Aug. 2007 – Aviation Information System Security Specialist / Customer Service Manager
USMC Marine Aviation Air Group 24, Marine Corps Base Hawaii
• Orchestrated the movement of over $500 thousand in computer assets transported forward to achieve mission requirements that supported heavy helicopter squadrons' forward operations.
• Administered over 1,000 Naval Tactical Command Support System (NTCSS) user accounts aboard MAG 24.
• Assisted in diagnosing internal and external server connectivity for MAG 24.
• Managed the Helpdesk, which was the critical first-echelon problem solver for countless trouble calls for MAG 24.
• Managed 4 Marines on a daily basis to fulfill assigned tasks issued by the Department Chief in a timely manner.
• Maintained the Information Assurance Program for the Marine Corps regarding the overall functions and responsibilities, to include IA inspections.
• Designed and manipulated database systems and generated reports as necessary.
• Ordered, tracked, and managed replacement parts and necessary supplies for computer suites within the unit.
• Completed administrative assignment letters and correspondence for the entire unit, to include EDS/Navy Marine Corps Intranet assets.
• Received and effectively managed over 3,500 trouble calls for the entire Marine Aircraft Group, which included over 1,300 users and 2,500 workstations.
• Provided outstanding customer service which directly impacted the operational readiness of the command. Inventoried over 3,000 assets with 100% accountability for 3 years.
• Received 2,500 assets from EDS/NMCI and coordinated the deployment of assets with minimal downtime to users.
• Responsible for the receipt, inventory, management and issue of all Information Technology (IT) assets.
• Trained on all EDS/NMCI aspects such as the Navy Marine Corps Intranet Project, Base CTR, and Information System Coordinator.
• Trained as Analyst and Information System Coordinator (ISC), and in new user account setup, Service Request forms, and Information Awareness training.
• Responsible for Government sales purchases for different units through Supply and other civilian contracts.
• Achieved network connectivity for two civilian contracted teams aboard MAG 24 to support OMA-level squadron requirements.
Nov. 2003 – Sept. 2005 – Aviation Information System Specialist / Maintenance Support Manager
USMC Marine Aviation Logistics Squadron-24, Marine Corps Base Hawaii
• Responsible for a broad spectrum of digital network and information systems operation, installation, and maintenance in support of Marine Corps and Naval Aviation.
• Assisted in preparing network integration of three external Squadron Warehouse facilities and the MALS Van complex that supported base operations.
• Accountable for the deployment of tactical local and wide area networks to any theater of operation, from company headquarters to shipboard to forward-deployed joint-service environments.
• Maintained and repaired data communication links, fiber-optic and tactical fiber-optic cabling.
• Supported a myriad of computer and network operating systems including UNIX, Windows NT, Windows 2000, Windows XP, and TCP/IP.
• Transitioned 1,300 unit users from the legacy network to the Navy and Marine Corps Intranet, and assisted in the cutover of 2,500 computer assets.
• Performed the Object Creation Module (OCM) data call for 1,300 MAG-24 users.
• Used applications and software programs to access and manage data stored in the computer's memory and database files.
Nov. 2002 – Oct. 2003 – Aviation Logistics Tactical Information System Representative, USMC Aviation Information System Training, Athens, GA
• Learned to provide technical, operational, and logistical support for all aviation information systems within MAG-24.
• Class leader within the Aviation Logistics Tactical Systems training.
• Learned to provide maintenance support for MALS-24 supply and maintenance departments by supporting NTCSS platforms.

June 2002 – Oct. 2002 – USMC Marine Training
Basic Training, Parris Island, S.C.; Marine Combat Training, Camp Lejeune, N.C.
Marine Information Technology Network Operations Center, Quantico, Virginia
• Learned martial arts, land navigation, Basic Warrior Training, rifle training, and discipline.
• Learned the basic skills of being a Marine.
• Learned field operations, while accomplishing the mission in an accurate and precise manner.
• Learned different types of weapons such as grenades, rifles, and military artillery.

Education
Computer Programming for Business Applications
B.S.B.A., Bachelor of Science in Business Administration; Major: Computer Information Systems
1164 Bishop St, Suite 911, Honolulu, Hawaii 96813
(808) 544-0200
High School Diploma
J.F. Webb High School, Oxford, North Carolina

Professional Certifications
• Security+ Certified, 2008
• GCIA Trained
• Defense Threat Reduction Agency Lead Cyber Intel Certified
• MCNOSC MARCERT Intrusion Analyst Certified
• CEH Certified, 2012
• Department of Defense Office of the Inspector General Network Security Engineer Certified

Personal Awards
• U.S. Marine Sergeant
• Meritorious Service Medal
• Good Conduct Medal
• Navy Achievement Medal
• Global War on Terrorism Medal

Como elaborar planes de cursoComo elaborar planes de curso
Como elaborar planes de curso
 
Игра-конференция «Звёздный час» для учащихся 8–9 классов
Игра-конференция «Звёздный час» для учащихся 8–9 классовИгра-конференция «Звёздный час» для учащихся 8–9 классов
Игра-конференция «Звёздный час» для учащихся 8–9 классов
 
Homework Tips for Parents
Homework Tips for ParentsHomework Tips for Parents
Homework Tips for Parents
 
Regione Marche - Richiesta integrazioni e chiarimenti AIA CementirSacci Caste...
Regione Marche - Richiesta integrazioni e chiarimenti AIA CementirSacci Caste...Regione Marche - Richiesta integrazioni e chiarimenti AIA CementirSacci Caste...
Regione Marche - Richiesta integrazioni e chiarimenti AIA CementirSacci Caste...
 
Mission-Based Experience Strategy
Mission-Based Experience StrategyMission-Based Experience Strategy
Mission-Based Experience Strategy
 
ENC Times- February 16,2017
ENC Times- February 16,2017ENC Times- February 16,2017
ENC Times- February 16,2017
 
Designing Meaningful Data Products
Designing Meaningful Data ProductsDesigning Meaningful Data Products
Designing Meaningful Data Products
 
Enterprise Usability: The Olive Garden Principle
Enterprise Usability: The Olive Garden PrincipleEnterprise Usability: The Olive Garden Principle
Enterprise Usability: The Olive Garden Principle
 
Construcciones geometricas parte1
Construcciones geometricas parte1Construcciones geometricas parte1
Construcciones geometricas parte1
 
SOLAR ENERGY PPT FOR PROJECT
SOLAR ENERGY PPT FOR PROJECTSOLAR ENERGY PPT FOR PROJECT
SOLAR ENERGY PPT FOR PROJECT
 
Beautiful Seams: The Intuit Design System
Beautiful Seams: The Intuit Design SystemBeautiful Seams: The Intuit Design System
Beautiful Seams: The Intuit Design System
 
Creating and Scaling an Enterprise Design System
Creating and Scaling an Enterprise Design SystemCreating and Scaling an Enterprise Design System
Creating and Scaling an Enterprise Design System
 

Similar to Updated Senior Cyber Intel security analyst

Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey Smith
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxbakhtinasiriav
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Netpluz Asia Pte Ltd
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015Scott Van Valkenburgh
 
Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkWhy the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkNovetta
 
Albert G Info systems resume
Albert G Info systems resumeAlbert G Info systems resume
Albert G Info systems resumeAlbert Gonzales
 
08252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA108252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA1jjdoylecomcast
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceMarlabs
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingJisc
 
Best Practices to Cybersecurity Vulnerability Management,.pdf
Best Practices to Cybersecurity Vulnerability Management,.pdfBest Practices to Cybersecurity Vulnerability Management,.pdf
Best Practices to Cybersecurity Vulnerability Management,.pdfTuan Yang
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfforladies
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkJack Shaffer
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)PECB
 

Similar to Updated Senior Cyber Intel security analyst (20)

Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
 
Tyler Technology Expo
Tyler Technology ExpoTyler Technology Expo
Tyler Technology Expo
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015
 
Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its NetworkWhy the DoD Uses Advanced Network-traffic Analytics to Secure its Network
Why the DoD Uses Advanced Network-traffic Analytics to Secure its Network
 
Albert G Info systems resume
Albert G Info systems resumeAlbert G Info systems resume
Albert G Info systems resume
 
08252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA108252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA1
 
Internet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wallInternet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wall
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharing
 
Best Practices to Cybersecurity Vulnerability Management,.pdf
Best Practices to Cybersecurity Vulnerability Management,.pdfBest Practices to Cybersecurity Vulnerability Management,.pdf
Best Practices to Cybersecurity Vulnerability Management,.pdf
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdf
 
Security and Control.ppt
Security and Control.pptSecurity and Control.ppt
Security and Control.ppt
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 

Updated Senior Cyber Intel security analyst

• AvayaGov Team Lead in construction and development of the U.S. Senate Sergeant At Arms Vulnerability Analysis program.
• Protect the Enterprise
• Vulnerability assessment and management, including red and blue team assessments and assessments performed as part of C&A preparation
• Network engineering monitoring and mitigation of enterprise network device issues
• Attack Sensing and Warning (AS&W)
• Monitoring of DoD and commercial cyber security center web sites, and of non-government web sites, for information on known and potential threats to ensure a proactive approach to CND

Incident Management Respondent / Senior Cyber Threat Analyst
• Lead security communication and coordination in support of Healthcare.gov at the eXchange Operations Center (XOC).
• Ensured that critical security weaknesses are addressed in a timely manner according to CMS information security guidance.
• Led the effort that reduced Healthcare.gov infrastructure DHS Cyber Hygiene findings by 77%.
• Developed a reporting process with Marketplace datacenters and entities to ensure proper communication to senior leadership.
• Reduced coordination times by an average of 3 hours by developing a list of security POCs to contact during incidents.
• Closed 100+ Department-level RiskVision tickets for Marketplace incidents in 60 days.
• Streamlined processes to reduce reporting and alerting efforts by an average of 4 hours during major incidents.
• Provided a daily executive brief to CMS leadership regarding the security status of the XOC, Healthcare.gov, and supporting infrastructure.
• Detect and continuously perform network traffic analysis utilizing raw packet data, NetFlow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. Detect and continuously correlate actionable security events from various sources, including Security Information Management System (SIMS) data.
• Coordinated with HHS, DHS, the CMS SOC, States, and datacenters to ensure pertinent information is shared and all requirements are exceeded.
• Managed projects including Open Source Intelligence, Data Analytics, and Database migration projects.
• Lead Incident Management meetings in the event of security investigations; maintain a written summary of action items and findings.
• Created a relationship between the XOC team and the Office of Communications to share security information with consumers.
• Implemented new and innovative ideas to improve the security posture of the Healthcare.gov environment.

February 2013 – Lead Cyber Intelligence Analyst with Lockheed Martin for the Defense Threat Reduction Agency
• Continuously detect and employ advanced forensic tools and techniques for network attack reconstruction.
• Was successful and performed outstandingly in the DISA ESM Audit process, and was directly involved in the main Work Instructions and live demonstration of all required CNDSP DETECT controls.
• Detect and continuously perform network traffic analysis utilizing raw packet data, NetFlow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. Detect and continuously correlate actionable security events from various sources, including Security Information Management System (SIMS) data, and develop unique correlation techniques. Detect and continuously utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of zero-day attacks.
• Detect and participate in the coordination of resources during enterprise incident response efforts. Interface with external entities including law enforcement organizations, intelligence community organizations and other government agencies, e.g., the Department of Defense.
• Review threat data from various sources and aid in the development of custom signatures for open source and COTS IDS. Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks.
• Support daily cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinate daily resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
• Employ advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis.
• Daily perform network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Review threat data from various sources and develop custom signatures for open source IDS or other custom detection capabilities.
• Correlate actionable security events from various sources including Security Information Management System (SIMS) data and develop unique correlation techniques. Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
• Continuously conduct malware analysis, stay aware of the latest attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols. Interface with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.

September 2011 – February 2013 – Senior Security Specialist for the Department of Defense Office of the Inspector General
• Responsible for Websense administration of all policies and filters.
• Airtight monitoring of rogue machines that communicate with private access points.
• NIKSUN: analyzing packets within packet captures. Monitor and maintain excellent communication with end users when troubleshooting network connectivity issues related to network security.
• Responsible for all incident response on all PENTCIRT alerts and for reporting all malicious activity.
• Conduct incident response and follow-through for threat mitigation on all hosts and devices.
• In charge of incident response and incident handling.
• Receive and analyze network alerts from various sources and determine possible causes of such alerts.
• Perform analysis of log files from a variety of sources within the network environment or enclave, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Monitor external data sources to maintain currency of the CND threat condition and determine which security issues may have an impact on the environment or enclave. Assist in the construction of signatures which can be implemented on CND network tools in response to new or observed threats within the environment or enclave. Perform event correlation using information gathered from a variety of sources within the environment or enclave to gain situational awareness and determine the effectiveness of an observed attack. Notify CND managers, CND incident responders, and other CND-SP team members of suspected CND incidents and articulate the event's history, status, and potential impact for further action.
• Significant knowledge of particular CND tools, tactics, techniques, and procedures which support the tracking, management, analysis, and resolution of incidents. Works under supervision and typically reports to the CND-SPM. Actions are usually authorized and controlled by policies and established procedures.
• Certification required within 6 months of assignment to the position and mandatory for unsupervised access.
• Collect and analyze intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential CND incidents within the enclave. Perform initial, forensically sound collection of images and inspect them to discern possible mitigation/remediation on enclave systems. Coordinate with and provide expert technical support to enclave CND technicians to resolve CND incidents. Track and document CND incidents from initial detection through final resolution. Perform CND incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations which enable expeditious remediation. Correlate incident data and perform CND trend analysis and reporting.
• Coordinate with intelligence analysts to correlate threat assessment data.
• Perform real-time CND incident handling tasks (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) to support deployable Incident Response Teams (IRT). Maintain a deployable CND toolkit (e.g., specialized CND software/hardware) to support IRT missions. Write and publish CND guidance and reports on incident findings to appropriate constituencies.

October 2008 – September 2011 – Watch Officer for Primary Security Operations Center / Vulnerability Analysis Lead for Avaya Government Solutions – U.S. Senate Sergeant At Arms program / Senior Network Security System Analyst for Avaya Government Solutions / Senior Cyber Intelligence Analyst for the US Senate Sergeant at Arms
• Conduct preliminary investigations of incidents and accurately document and report them to the Sergeant at Arms for the US Senate.
• Lead a team of three Cyber Security Analysts in analyzing and investigating suspicious network trends in ArcSight Enterprise Security 4.0 and McAfee IntruShield Alert Manager for the U.S. Senate.
• Create filters and monitor active channels in ArcSight for hostile intelligence threats and network and communications vulnerabilities.
• Identify the immediate action needed and recommend viable countermeasures and corrective actions to the Watch Standers regarding vulnerabilities, malicious code and attacks.
• Author, proofread, edit and disseminate daily and time-sensitive incident reports; synthesize, organize, and analyze information under tight deadlines with no impact on quality while staying up to date with the latest activity and status updates.
• Supervise, mentor and assist in the training of junior analysts and newly hired personnel.
• Participate in the daily tag-up with Senate Watch Standers.
• Configure nCircle scan profiles and prepare monthly Vulnerability Assessment documents.
• Attend weekly and monthly classified cyber security meetings with numerous agencies, including DHS, JTF-GNO, and US-CERT, to collect and gather intelligence on the latest malicious threats.
• Pass on all intelligence gathered from classified meetings conducted by DHS, US-CERT, and Cyber Command to the US Senate SAA IT Security Staff and within our Security Operations Centers for further analysis, to prevent, analyze, and mitigate the latest emerging threats and suspicious activity.
• Continuously gather open source intelligence from sources such as Malware Domain List, Malware URL, TrustedSource, ThreatExpert and ZeuS Tracker.
• Monitor real-time network traffic, discover security events and vulnerabilities, analyze the event, and provide recommendations to the US Senate SAA Staff on how the incident response should be conducted.
• Conduct event correlation and analysis for events of interest using tools such as ArcSight, IntruShield, Wireshark, Cisco IDS Sensors, Snort, and NetWitness.
• Complete investigative alert reports on machines that could potentially become infected, or are actually infected, with malware, hack tools, and vulnerabilities that are used to compromise machines and could infect the US Senate network.
• Conduct daily meetings with the SAA in support of the US Senate on the pending daily incident reports and the latest emerging threats.
• In charge of the Avaya Government Solutions Vulnerability Assessment team; created and developed all Standard Operating Procedures for this program and for all vulnerability scan reports that are performed, along with the analysis report generation within the U.S. Senate network. Also perform the Quality Assurance process on all scans conducted by the Avaya Government Solutions Vulnerability Assessment/Vulnerability Management team before they are delivered to the US Senate Sergeant At Arms Vulnerability Management team.
• Conduct and configure vulnerability scans using nCircle.
• Utilize Symantec Security Information Manager, Symantec Reporting System, and Symantec System Center Console to investigate and analyze any suspicious activity on internal hosts, including the best remediation procedure if needed.
• I was in charge of and successfully maintained the entire U.S. Senate Sergeant At Arms Vulnerability Analysis program while instructing the Avaya Government Solutions Vulnerability Analysis Team and communicating directly with the U.S. Senate Security Staff on all requests and recommendations.

August 2007 – October 2008 – Forensics and Incident Management Analyst / Incident Handling Analyst, Northrop Grumman at the Marine Corps Network Operations and Security Center (MCNOSC)
• Performed network analysis at the MCNOSC that entailed providing senior management with detailed reports on the traffic analysis and traffic flow for the entire Marine Corps grid.
• Conducted in-depth forensic analysis on DoD systems to determine the extent of intrusion-related damage.
• Provided detailed forensic analysis reports on intrusion-related hosts to senior management.
• Conducted forensic investigations that included multiple workstations.
• Used state-of-the-art forensic analysis tools to analyze incidents pertaining to network intrusions, insider threats, and misuse of government information systems.
• Conducted preliminary investigations of incidents and accurately documented and reported them in the Marine Corps Computer Emergency Response Team (MARCERT) Collection Database, which is reported directly to the JTF-GNO.
• Provided around-the-clock support for all subscriber networks pertaining to network defense matters. Provided the detection portion of the MarCERT mission by providing 24x7 monitoring of the MCEN.
• Conducted event correlation and analysis for events of interest, which may lead to a reportable incident, through Sitepro IDS, IntruShield IPS, and ArcSight.
• Provided infrastructure support assistance with the IDS sensors and consoles, which use a signature-based network intrusion detection system.
• Worked extensively with the Network Operations Center and the JTF-GNO to provide global network operations and computer network systems in support of Marine and Joint forces operating worldwide.
• Completed investigations on machines infected with many different types of malware, hack tools, and vulnerabilities that are used to compromise machines and can infect the enterprise network.
• Worked constantly with the IAMs responsible for USMC hosts worldwide to make sure all threats are scanned and cleaned, and to submit reports on the cause of the infection and the incident.
• Worked extensively on running vulnerability scans with network tools such as NIKTO, Retina, Nessus, and NMAP.
• Analyzed packet captures, Retina scans, First Response data, and RIPPER scan results.
• Analyzed network traffic from CyberGuard firewalls and Secure Shell.

Sept. 2005 – Aug. 2007 – Aviation Info. System Security Specialist / Customer Service Manager, USMC Marine Aviation Air Group 24, Marine Corps Base Hawaii
• Orchestrated the movement of over $500 thousand in computer assets transported forward to achieve mission requirements that supported heavy helicopter squadrons' forward operations.
• Administered over 1,000 Naval Tactical Command Support System (NTCSS) user accounts aboard MAG 24.
• Assisted in diagnosing internal and external server connectivity for MAG 24.
• Managed the Helpdesk, which was the critical first-echelon problem solver for countless trouble calls for MAG 24.
• Managed 4 Marines on a daily basis to fulfill assigned tasks issued by the Department Chief in a timely manner.
• Maintained the Information Assurance Program for the Marine Corps regarding the overall functions and responsibilities, to include IA inspections.
• Designed and manipulated database systems and generated reports as necessary.
• Ordered, tracked, and managed replacement parts and necessary supplies for computer suites within the unit.
• Completed administrative assignment letters and correspondence for the entire unit, to include EDS Navy Marine Corps Intranet assets.
• Received and effectively managed over 3,500 trouble calls for the entire Marine Aircraft Group, which includes over 1,300 users and 2,500 workstations.
• Provided outstanding customer service which directly impacted the operational readiness of the command. Inventoried over 3,000 assets with 100% accountability for 3 years.
• Received 2,500 assets from EDS/NMCI and coordinated the deployment of assets with minimal downtime to users.
• Responsible for the receipt, inventory, management and issue of all Information Technology (IT) assets.
• Trained on all EDS/NMCI aspects such as the Navy Marine Corps Intranet Project, Base CTR, and Information System Coordinator.
• Trained as Analyst and Information System Coordinator (ISC): new user account setup, Service Request forms, and Information Awareness training.
• Responsible for Government sales purchases for different units through Supply and other civilian contracts.
• Achieved network connectivity for two civilian contracted teams aboard MAG 24 to support OMA-level squadron requirements.

Nov. 2003 – Sept. 2005 – Aviation Info. System Specialist / Maintenance Support Manager, USMC Marine Aviation Logistics Squadron-24, Marine Corps Base Hawaii
• Responsible for a broad spectrum of digital network and information systems operation, installation, and maintenance in support of Marine Corps and Naval Aviation.
• Assisted in preparing network integration of three external Squadron Warehouse facilities and the MALS Van complex that supported base operations.
• Accountable for the deployment of tactical local and wide area networks to any theater of operation; from company headquarters to shipboard to forward-deployed joint-service environments.
• Maintained and repaired data communication links, fiber-optic and tactical fiber-optic cabling.
• Supported a myriad of computer and network operating systems including UNIX, Windows NT, Windows 2000, Windows XP, and TCP/IP.
• Transitioned 1,300 unit users from the legacy network to the Navy and Marine Corps Intranet, and assisted in the cutover of 2,500 computer assets.
• Performed the Object Creation Module (OCM) data call for 1,300 MAG-24 users.
• Used applications and software programs to access and manage data stored in the computer's memory and database files.

Nov. 2002 – Oct. 2003 – Aviation Logistics Tactical Info. System Rep., USMC Aviation Info. System Training, Athens, GA
• Learned to provide technical, operational, and logistical support for all aviation information systems within MAG-24.
• Class leader within the Aviation Logistics Tactical Systems training.
• Learned to provide maintenance support for the MALS-24 supply and maintenance departments by supporting NTCSS platforms.

June 2002 – Oct. 2002 – USMC Marine Training: Basic Training and Marine Combat Training, Parris Island, S.C.; Camp Lejeune, N.C.; Marine Information Technology Network Operations Center, Quantico, Virginia
• Learned martial arts, land navigation, Basic Warrior Training, rifle training, and discipline.
• Learned the basic skills of being a Marine.
• Learned field operations, while accomplishing the mission in an accurate and precise manner.
• Learned different types of weapons such as grenades, rifles, and military artillery.

Education
Computer Programming for Business Applications
B.S.B.A. Bachelor of Science in Business Administration; Major: Computer Information Systems
1164 Bishop St, Suite 911, Honolulu, Hawaii 96813, (808) 544-0200
High School Diploma, JF Webb High School, Oxford, North Carolina

Professional Certifications
• Security Plus Certified 2008
• GCIA Trained
• Defense Threat Reduction Agency Lead Cyber Intel Certified
• MCNOSC MarCERT Intrusion Analyst Certified
• CEH Certified 2012
• Department of Defense Office of the Inspector General Network Security Engineer Certified

Personal Awards
• U.S. Marine Sergeant
• Meritorious Service Medal
• Good Conduct Medal
• Navy Achievement Medal
• Global War on Terrorism Medal