
Information Security Risk Management

Location:
Herndon, VA
Posted:
May 16, 2024

Resume:

Robert L. Smith Jr.

***** *** **** ** *** *** Herndon Va 20171

ad5rbz@r.postjobfree.com

210-***-****

CORE STRENGTHS

●Top Secret/SCI full scope poly full

●Veteran - US Navy Intelligence (15 yrs.)

●Proven field intelligence support (Afghanistan 2012-14)

●Counter Narcotic/Proliferation Operations

●Intelligence Support to Operations Planning

●Intelligence Support to SOF & COIN operations

●Intelligence Mentoring

●Non-Kinetic Operations

●Information Operations

●Social Media Exploitation & Intrusion Detection

●Social and network analysis

●Proficient in Spanish language - DLPT 3/3/3

EXPERIENCE

Cyber Analyst

Oracle; Herndon/ Virginia

Develops and executes programs and processes to reduce information security risk and strengthen Oracle’s security posture. Supports the strengthening of Oracle’s security posture, focusing on the following: incident response; threat and vulnerability management; risk management; security policy development and enforcement; and digital forensics.

Incident Management and Response: Responds to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks.

Threat and Vulnerability Management: Research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required.

Risk Management: Assesses the information security risk associated with existing and proposed business operational programs, systems, applications, practices, and procedures in complex, business-critical environments. Conduct and document complex information security risk assessments. Assist in the creation and implementation of security solutions and programs.

Digital Forensics: Conduct data collection, preservation, and forensic analysis of digital media independently.

Cyber Intelligence Analyst (TS/SCI) October 2012 – 2021

Cambridge International Systems; Afghanistan/Washington, DC

Actively investigated security vulnerabilities to define countermeasures for proactive prevention or reactive mitigation of the threats to the system. Conducted network risk management analysis and threat risk modeling to preemptively identify defensive detection and deterrence procedures and establish adequate defensive response protocols. Worked across functional lines to fuse intelligence information to identify and communicate threat trends and indicators of compromise. Produce in-depth, all-source analysis on Foreign Intelligence and Security Service (FISS) and their use of technology when targeting, exploiting, and assessing DOD capabilities, information, information systems, networks, personnel, and operations. Analyze FISS technology to determine key areas of exploitation, targeting, or collection analysis and assemble Intelligence and Counterintelligence (CI) reports for tactical and strategic level decision makers. Examine the use of foreign intelligence technology leveraged against US assets to provide pivotal options for DOD entities to deny, degrade, or defeat foreign intelligence collection capabilities and operations. Participate in counter FISS capabilities (HUMINT, IMINT, MASINT, OSINT, and SIGINT), countermeasures, and operations. Manage DOD intelligence collection efforts and operations utilized in HUMINT defense, offensive counter-intelligence (OFCO) operations, and DIA/DOD Insider Threat/counter-espionage efforts. FISS technical assessments may include exploitation of foreign Computer Network Operations (CNO) and cyber/digital capabilities, biometric and identity intelligence technologies (DNA, mobile phones, location services, RFID, smart card technologies). Provide ad hoc support to Supply Chain Risk Management, Defense Critical Infrastructure Protection (DCIP), and research technology protection efforts. Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
Review the Security Information Management (SIM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices. Collect alerts and packet-level data from sensors on a daily basis and report findings to the government Watch Officer (WO). Provide incident response functions when appropriate and coordinate activities with field site personnel when directed by the government WO. Support the government WO in publishing incidents, alerts, advisories, and bulletins as required. Conduct research pertaining to the latest viruses, worms, etc., and the latest technological advances in combating unauthorized access to information. Submit an End-of-shift Report summarizing activities for each shift.

Defensive Cyber Operations (DCO) analyst (TS/SCI) March 2007 - October 2012

MaCaulay Brown Inc.; San Antonio, TX

Conducted defensive cyber operations (DCO) monitoring and intrusion detection analysis to defend Air Force networks against real-time and zero-day exploits. Performed database queries and submitted block requests against offending foreign IP addresses or subnets through coordination with CYBERCOM, DISA, and Air Force Network Operations and Security Centers (NOSC). Validated authorized and unauthorized activity on AF NIPR/SIPR networks. Tracked trends of authorized and unauthorized activity. Provided and confirmed historical records of protected network utilization. Validated unusual authorized network activity unique to major commands (MAJCOMs), geographic regions, or specialized sensor platforms. Noted waivers from standard network configuration and resolved technical deviations with network customers to ensure net integrity. Conduct vulnerability/compliance assessments, including analysis, on AF/DoD systems. Performed duties as the cell lead and ensured the analysts were prepared to accomplish mission requirements and task qualifications while conducting network monitoring and intrusion detection analysis using ArcSight and activities related to Air Force Network Operations Center (AFNOC) mission execution. Defend the AF networks against attempted intrusions in real-time while performing network monitoring of AF systems worldwide, validated authorized and unauthorized activities utilizing the AF intrusion detection tools (ArcSight, Wireshark, PCAP, and the NIKSUN). Implemented immediate actions against suspicious Internet Protocol (IP) attacks and performed incident responses and vulnerability assessments of Air Force automated information systems. Conduct database queries and submit threat requests against offending foreign IP addresses. Provided historical records of protected network utilization and correlated activity across the AF and coordinated actions with AFNOC and the Major Command Network Operations and Security Centers (MAJCOM NOSCs).
Provided global security for AF and Central Command (CENTCOM) of classified and unclassified networks ensuring uninterrupted network integrity, reliability, availability, and confidentiality. Supported and assisted in the development, test, and implementation of IDT on AF networks as required, to include both NIPRNET and SIPRNET monitored network operations in the AFNOC NSD. Actively investigated security vulnerabilities to define countermeasures for proactive prevention or reactive mitigation of the threats to the system. Conducted network risk management analysis and threat risk modeling to preemptively identify defensive detection and deterrence procedures and establish adequate defensive response protocols. Worked across functional lines to fuse intelligence information to identify and communicate threat trends and indicators of compromise.

TECHNICAL EXPERTISE

Expert in Microsoft Office, Analyst Notebook, ArcGIS, Palantir, M3, Pathfinder, TIDE BIIR, DCGS, BATS/HIDE, ArcSight, Niksun; Snort intrusion, Sourcefire, P-Cap, Sime tools, Intrusion malware experience with Warlord Notebook, Wireshark, Splunk, Source Onion, firetruck, Voltron and tone loc, cloud guard, griffin

Certification

CYSA+

EDUCATION

Defense Language Institute (DLI)- Monterey, CA (April 1995); USN 9203- Spanish linguist ( DLPT 3/3/3)

Goodfellow AFB, San Angelo, TX (May 1999); USN 9138- Intelligence analyst (Journeyman)

Intrusion Detection and Analysis (Jan 2008). Associate degree in Information Assurance Cyber Security from the Palo Alto College in San Antonio, TX. CST certified.


