Director of Forensics

Email: *********@*****.***

DIRECTOR

Area of Focus: Information Security

Information and Security Management Risk Assessment Computer Security and Networking Program Development

Network Forensics Threat Intelligence Digital Investigation Project Management

QUALIFICATIONS PROFILE

Innovative and highly focused professional, equipped with broad knowledge of information security and technology development

strategies; combined with proven ability in designing and implementing complex information systems and network security controls.

Recognized as a team player and strategic thinker, with excellent communication, interpersonal, and organizational qualities.

Bilingual in English and Spanish.

RELEVANT EXPERIENCE

Confidential

Confidential 2012 –Present

Spearhead investigations on security incidents in corporate network

Serve as a program lead and architect for information security case management system and cyber threat intelligence solutions, as

well as primary technical contact for eDiscovery

Collaborate with internal customers regarding information on security and investigative matters

Use early data assessment methodologies to collect ESI from internal network

Offer consultation to the Legal Department and other internal groups on agency-wide information governance, data retention, and

eDiscovery initiatives

Generate standard operating procedures (SOP) for internal forensic investigations

Career Highlights

Spearheaded key effort in the purchase and development of Information Security Case Management system, which replaced the old

ticketing system agency-wide

Successfully produced a series of cyber threat intelligence capabilities including OSINT monitoring and unified threat platform for

detection of malicious activity

Led the procurement, architecture, and deployment of endpoint detection and response technology to the entire enterprise

Established new workflows and business processes to collaborate with stakeholders on digital investigative support

Obtained multiple Mission Achievement Awards for significant contributions in improvement of FDIC’s forensic collection and analysis

capability in 2013; establishment and enhancement of a new capability for detecting, tracking and recovering FDIC assets using

advanced forensic techniques in 2014; research, planning, participation, and support on digital investigative services submission in

2015; as well as for successful proposal for the FDIC EGRC system

Driven, Inc., Falls Church, VA

Forensic Operations Manager 2011–2012

Functioned as head of forensic capabilities for a national eDiscovery company, supervising a small team of forensic analysts

Planned and executed forensic architecture for processing incoming data

Created department strategy, planned forensic initiatives, and performed detailed forensic investigations

Architected and utilized open source case management solution to track forensic workload and work product separate from billable

sales

Career Highlights

Conceptualized and implemented case management solution for tracking projects which included status, metrics, and process notes

Made innovative technical solutions for the department of forensics

Streamlined the customer engagement and consulting business process at the beginning of customer contact to discuss technical

implications of the project as it related to computer forensics

ManTech International Corporation, Falls Church, VA

Lead Forensic Engineer 2010–2011

Spearheaded the Advance Cyber Threat Unit to investigate intrusions into company network from criminal organizations, independent

hackers, and foreign governments as well as delivered detailed reports to the company and the United States government

Oversaw computer network investigations, as well as regular activities of a small team of highly technical employees

Employed keen attention to detail in the development of tactics, technics, and procedures to oppose Advance Persistent Threat (APT)

intrusions

Prepared report documents, workflow guides, and Standard Operating Procedures (SOP)

Performed a wide array of tasks, including designing system architecture for forensic labs and building, as well as upgrading and

customizing personal computers for analysis as the technical subject matter expert (SME) for company-wide forensics

Steered efforts in conducting basic malware analysis and reverse engineering

Worked collaboratively with U.S. Government intelligence agencies and defense industrial-base partners regarding threats to national

security using cyber threat intelligence analysis

Coached new forensic personnel

Career Highlights

Produced Wiki based cyber threat intelligence tracking platform to collect information regarding advanced attackers activity against

corporate network; applied coordinated intelligence reporting approach to relay information with stakeholders and Federal Bureau of

Investigations (FBI) Cyber Counterintelligence

Utilized a combination of Mac OSX, Windows, and Linux machines to provide out-of-band, off-network investigative solutions for all

components for a separate cyber-threat research network

Designed various processes and incorporated new tools and procedures for the investigation of advanced persistent threat (APT)

activity

ManTech International Corporation, Falls Church, VA

Program Manager 2007–2010

Executed program management responsibilities for deployed computer forensic contracts valued at $5.7M annually, in support of

military intelligence operations abroad

Worked as a SME for forensic training and deployed operational forensics for USG intelligence agencies

Rendered assistance with budget planning and contract re-bid financial build-outs

Served as a focal point of contact for personnel issues of 23 personnel deployed to Iraq

Strategically hired, trained, and deployed more than 35 media exploitation analysts

Career Highlights

Took charge of hiring and training more than 35 new forensics personnel for the successful implementation of computer forensics

intelligence support for the US military

Developed new hiring and processing process to decrease the gap time in backfilling unexpected manpower losses by 50%.

Provided training to government and contract staff of two other US intelligence agencies in the area of computer forensics by

extending internally developed training curriculum

ManTech International Corporation, Falls Church, VA

Media Exploitation Analyst 2006–2007

Piloted computer forensic media exploitation in Iraq for military intelligence in support of counter intelligence (CI), counter

insurgency (COIN), and counter terrorism (CT)

Expertly conducted analysis regarding hundreds of pieces of media, which included hard drives, thumb drives, CD’s, floppy disks, and

video cassettes, as well as data recovery and analysis using EnCase, FTK, Adobe Premiere, Audacity, and Adobe Photoshop

Formulated recommendations for new policies for theater-wide mission and produced detailed reports and briefing to a variety of

customers

Career Highlights

Delivered critical business, process, and stakeholders information on new contract which allowed company to change the hiring,

training, and management process

Served as a driving force behind the elimination of a high-value target in Iraq by reconstructing video artifacts that identified an

enemy staging location

DeKalb County District Attorney’s Office, Decatur, GA

Criminal Investigator, Technology Operations 2001–2006

Implemented the proposed technology operations special investigator position

Handled operations for all computer crimes and hi-tech elements of other criminal investigations

Focused on performing computer analysis on computers, cellphones, and thumb drives for major felony cases which included homicides,

drug cases, intrusions, missing persons, and robberies

Drove project for managing and implementing agency-wide wireless telecomm plan and infrastructure, which included tech support for

BlackBerry devices, deal and contract negotiation, budgeting, billing, and planning

Identified projects for operations improvement such as evidence room expansion and build out, press officer multi-channel DVR for

news recording, courtroom presentation media lab, and digital cameras for investigations

Worked as a technical expert for search warrants and court orders

Career Highlight

Successfully created technology operations criminal investigator position for digital investigative support services for the agency

and served as the jurisdiction-wide SME for digital evidence, cybercrime criminal procedure, and computer forensic investigations

Earned the Special Recognition Award in 2005 for dedication and loyalty to the Decatur community

Minimized case reporting time by 75% and led the custom development of case management application that included into other county

criminal justice information systems

OTHER EXPERIENCE

City of Decatur Police Department, Decatur, GA

Police Officer and Police Corporal

EDUCATION

Master of Science in Management of Information Technology, 2011

University of Virginia, Charlottesville, VA

Bachelor of Arts in Criminal Justice

University of Georgia, Athens, GA

PROFESSIONAL AFFILIATIONS

ISC2 Hi Tech Crime Consortium (HTCC)

CERTIFICATIONS

Certified Information Systems Security Professional (CISSP) 2011

Project Management Professional (PMP) Certification 2010

EnCase Certified Examiner, Guidance Software 2008

Contact this candidate