Brandy Lee Hinton
Grovetown, GA
TS/SCI with Poly
Education:
BS Networking and Cyber Security
UMUC, 12/2016
BSQA-Quality Assurance
Hawaii Pacific University 2004
MBA
Webster University, St. Louis, MO 2006
DBA-Management
Argosy University, Atlanta, GA 2015
Relevant Experience:
Tier III SOC Analyst for HHS (Health and Human Services)
MERLIN, Int
May 2017- Present
Monitors client networks for security events and alerts HHS customers (e.g., CDC, FDA, etc.) to potential (or active) threats, intrusions, and/or compromises
Responsible for understanding the global threat landscape and tracking changes in this area, as well as understanding the direct or indirect impact to the HHS customer base.
Conducts research on and maps out response to emerging threats, including understanding the level of impact and exposure to the HHS customers, proactively communicating to internal staff and customers on a regular basis updates on emerging threats, and ensuring HHS has thorough detection capabilities in place for emerging threats.
Performs triage of service requests from internal teams; acts as a subject matter expert for advanced technology, architecture and threat-related questions from internal staff.
Work experience with the following tools/databases: HP ArcSight, McAfee ePO, RSA, Splunk, IDA Pro.
Cyber Intelligence Analyst
SAIC
October 2016-Present
Serves as the Subject Matter Expert and advisor to the Cyber Protection Team Lead and staff regarding the employment of Defensive Cyber Operations (DCO) technology and personnel. Directs, plans, administers, manages, integrates and assesses cyberspace operations. Prepares and presents oral and written briefings/reports to senior leadership on complex network operations, information assurance and cyber defense issues.
Assists with staff studies on networking and information security (INFOSEC). Develops, creates and writes scripts for new and/or modified existing computer applications, software and specialized utility programs.
Conducts network terrain audits, penetration testing, basic digital forensics data analysis, and software threat analysis.
Information Assurance Analyst (INFOSEC)
Department of Homeland Security (GS13)
January 2015-April 2017
Performs threat intelligence activities to proactively detect, identify, respond to, and defeat advanced persistent threats (APTs)
Analyzes reconnaissance and intrusion attempts utilizing raw technical data.
Reconstructs intrusion tactics, techniques, and procedures to identify potential threat actors and nation-state organizations
Identifies, extracts, and leverages intelligence from known or suspected APT intrusions
Builds profiles of both current and potential adversary groups
Utilizes intelligence to proactively defend against and respond to potential and future intrusions
Collaborates with third parties on cyber intelligence matters
Analyzes, identifies, and extracts information from spear-phishing emails
Analyzes, identifies, and extracts information from malicious PDF attachments
Analyzes, identifies, and extracts information from malware
Analyzes, identifies, and extracts information from malicious source code and scripts
Identifies and builds profiles of adversary reconnaissance and exploitation techniques, tactics, and procedures (TTPs)
Analyzes and determines technical indicators of compromise (IOCs)
Collects information from low-level technical sources (ex. packet captures, TCP/UDP traffic flows, firewall or proxy logs,
Specifies and authors IDS signatures (ex. Snort), proxy or firewall rulesets, anti-virus settings, email filter configurations, and other defensive solutions
Conducts analysis of network and host data in support of intrusion analysis or enterprise level information security operations.
Cyber Information Assurance Manager
Shearon Harris Nuclear Plant
September 2014-January 2016
Reviews/performs cyber assessments as required by the NRC/FERC/NERC cyber security programs
Conducts log analysis to identify malicious activity and anomalous behavior.
Reviews security events that are populated in a Security Information and Event Management (SIEM) system.
Analyzes a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident. Responsible for building a layered approach to all plant security systems and prioritizing efforts.
Windows and UNIX/Linux Operating Systems knowledge
Responsible for the development of periodic scanning reports, risk assessments, vulnerability assessment reports and/or standards and policies across multiple IT platforms, including: Mainframe, Client Server, and Web-based systems
Responsible for designing plant IT infrastructure, from the processes, hardware, software, networks, and vendors to the customer interfaces. Integrates and interfaces with the site major projects organization to ensure compliance with site procedures and processes
Information Assurance Program Analyst-PM
Landmark Technology (LMT)
August 2013-September 2014
Monitors and analyzes network traffic and IDS alerts
Trains users and promotes security awareness to ensure system security and to improve server and network efficiency.
Coordinates implementation of computer system plan with establishment personnel and outside vendors.
Monitors use of data files and regulates access to safeguard information in computer files.
Performs risk assessments and executes tests of data processing system to ensure functioning of data processing activities and security measures.
Encrypts data transmissions and erects firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
Reviews violations of computer security procedures and discusses procedures with violators to ensure violations are not repeated.
Maintains permanent fleet cryptologic and carry-on direct support systems required in special land, sea surface and subsurface operations
Intelligence/ Signal Officer (Army Officer)
June 1992 – July 2013
US Army, several OCONUS and CONUS installations
Afghanistan 2011-2012- Researched relevant sources for information on foreign intelligence targets; developed query strategies to obtain relevant information; analyzed foreign target intelligence; assessed validity and relevance of foreign intelligence; profiled foreign targets and their activities; produced intelligence reports that address customer information needs; performed target discovery by developing strategies to obtain new information and sources for intelligence; and/or monitored target data for changes or anomalies.
Schofield Barracks Hawaii 2009-2011- Collected operational intelligence reports from various agencies; recommended approval/disapproval regarding the dissemination of operational intelligence information; analyzed raw, primary and secondary data from various sources such as databases, intelligence reports, communications, case files and other sources
Assessed and provided analysis of technologies and solutions, provided analysis recommendations, researched and built technical papers, and supported INSCOM and NSA analysis operations
Fort Drum New York 2003-2005- Conducted research and analysis of counterintelligence, counter-terrorism or foreign military forces, operations, capabilities and trends to support all source intelligence and threat production.
Iraq 2005-2006- Provided analysis and research for industry, infrastructure, technology, country, geographic area, biographic and targeted vulnerability
Prepared assessments of current events based on the sophisticated collection, research and analysis of classified and open source information
Fort Gordon, GA 2006-2009 (Commander D 369)- Company Commander and Manager for over 545 Initial Entry Soldiers and 10 Cadre Members.
Prior to 2003 I was an Army Flight Medic from June 1992 until I went to Officer Candidate School in January 2003.
Professional Licenses/ certifications:
Undergraduate Certificate in Computer Networking
Masters Cyber Security Policy Certificate- UMUC
Project Management- Tidewater Community
Certified Ethical Hacker (CEH)
TEACHING AND TRAINING EXPERIENCE:
University of Phoenix, Columbia, SC 2006-2010
Axia University Online-2010-2011
Colorado Technical University Online 2009-Present:
Developed and designed instructional and training material for newly offered Homeland Security courses