Contact Information:
Bradley “Brad” E Roberson
US Citizen
Professional Summary
Experienced Network Security Analyst with a 10+ year background in network security. Adept at utilizing network monitoring tools such as SNORT, various SIEM appliances, Imperva Web Application Firewall, and TrendMicro Intrusion Prevention System to isolate network security deficiencies and create comprehensive reports of network issues. Experienced in leading a team of cyber security engineers in monitoring live traffic, identifying malicious activity, and implementing countermeasures. Strong knowledge of incident response, documentation, and change management. Proficient in SNORT rule writing and implementation, and in implementing other countermeasures as needed. Experienced using Wireshark for deep packet analysis and network troubleshooting. Some experience with malware analysis in a sandbox environment.
Core Qualifications
• Comprehensive intrusion analysis/mitigation and incident response skills
• Strong Analytical Skills
• Problem Solver
• Information Security
• Computer Forensics
• Proficient with VMWare
• Network Configuration & troubleshooting
• Information Assurance
• Experience with enterprise security tools
Experience
Wipro Limited 08/04/2021 to 06/07/2023
Senior Security Engineer Dallas, TX
• Monitor, defend, and maintain multiple customer networks using a variety of SIEM tools for each entity.
• Works as part of a team of 8 analysts to ensure Wipro systems are being protected from known and emerging threats outside of normal working hours.
• Knowledge and use of PaloAlto Panorama, IBM QRadar, CrowdStrike and other network security tools.
• Utilized Demisto & ServiceNOW for ticket management.
• Provides oversight, direction, and expertise to analysts. Work with multiple entities to ensure security SLAs are met and clients are satisfied with work being done.
Zensar Technologies, Inc
City of San Diego (Remote) 06/19/2019 to AUG21
SOC Analyst Dallas, TX
• Monitor, defend, and maintain the City network using a variety of network tools.
• Monitor network traffic for DLP incidents and determine the validity. Report and take action as required by severity of incident.
• Works as part of a team of 4 analysts to ensure the City and subsidiaries' systems are being protected from known and emerging threats outside of normal working hours.
• Provides analysis, documentation, personnel assistance and guidance to city users.
• Knowledge and use of PaloAlto Panorama, SumoLogic, JASK, CrowdStrike, and Netskope network security tools.
• Utilized Demisto for ticket management.
• Provides oversight, direction, and expertise to analysts. Work with multiple entities to ensure security SLAs are met and clients are satisfied with work being done.
• Use open source tools and research (OSINT) to determine severity and validity of threats.
Cloudious
Contractor at AmerisourceBergen 10/23/2018 to 12/28/2018
L3 Intrusion Response Analyst Frisco, TX
• Monitor, defend, and maintain the corporate network using various McAfee Security tools.
• Monitor network traffic for DLP incidents and determine the validity. Report and take action as required by severity of incident.
• Works as part of a team of three L3 senior analysts to ensure the company and subsidiaries' systems are being protected from known and emerging threats.
• Provides analysis, documentation, personnel assistance and guidance to bank users.
• Knowledge and use of SNYPR network security tools.
• Provides oversight, direction, and expertise to analysts. Work with multiple entities to ensure security SLAs are met and clients are satisfied with work being done.
Lewis & James Professionals
Contractor at Texas Capital Bank 6/20/2018 to 10/05/2018
Security Analyst - Security Operations Center (SOC) Richardson, TX
• Monitor, defend, and maintain the corporate network using various McAfee Security tools.
• Works as part of a team of three to ensure the bank systems are being protected from known and emerging threats.
• Performs research to stay on top of new threats.
• Provides oversight, direction, and expertise to analysts. Works with multiple delivery teams to ensure security policy is met and users are able to perform uninterrupted work.
• Periodically review suspected phishing/spam emails and handle them accordingly.
• Educate users on best practices and ensure they understand corporate security policy.
• Provides analysis, documentation, personnel assistance and guidance to bank users.
• Knowledge and use of McAfee network security tools.
CGI Federal Inc. 10/26/15 to 5/15/2018
Security Operations Center (SOC) San Antonio, TX
• Stood up 24/7 security monitoring capabilities. Currently working night shift in support of 24/7 SOC operations.
• Works as part of a small team to ensure customer’s systems are being protected from known and emerging threats.
• Provides oversight, direction, and expertise to analysts. Work with multiple entities to ensure security SLAs are met and clients are satisfied with work being done.
• Provides analysis, documentation, personnel assistance and guidance to customers.
• Knowledge and use of well-known network security tools.
US Navy - National Security Agency 11/19/09 to 11/04/2015
National Threat Operations Center (NTOC) San Antonio, TX
Jobs
• Cyber Security Information Analyst (Deep Packet Inspection) for two years.
• Senior Cyber Manager (Mission Manager) for two years.
• Senior Collection and Execution Cell (SCEO) for six months
• Cyber Security Intelligence Analyst (CSIA) for five years
• Tactical Data Triage Analyst (Malware Analyst) for one year.
• Senior Cyber Manager (SCM): Directs and manages all Operations Center activities, numerous multi-service and contracting personnel, and operational priorities to current cyber events, making decisions on behalf of the Director of NTOC-T to maximize resources as well as support and enabling capabilities as an SCM.
• Cyber Security Tasking Officer (CTO): Leads a multi-member, multi-service personnel and contractor team in monitoring and tasking new and deployed threat detection signatures on defense system, allowing focused real-time monitoring to the operations center as the CTO team lead.
• Senior Collection and Execution Cell (SCEO): Serves as a key team lead within the Collection and Execution Cell, providing both leadership and technical expertise in the development of collection strategies to support NTOC missions 24/7 as a SCEO.
• Cyber Security Intelligence Analyst (CSIA): Provides in-depth analysis and monitoring of adversary intrusion sets in support of worldwide Computer Network Defense.
• Tactical Data Triage Analyst (Malware Analyst): Leads a team of multi-service personnel in the analysis of possible malicious malware, provides customers with detailed reports, collection, and countermeasure suggestions as the Tactical Data Triage Analyst (TDTA) Team Lead.
Technical Capabilities
Windows NT – Windows 10 proficient
Microsoft Office 2010
Read and program router/switch configurations
Deep packet analysis
Basic Malware analysis
Intrusion analysis
Network Configuration
Network troubleshooting
Routers
Firewalls
Snort rule writing
Snort Implementation
Active Directory
Countermeasure implementation
Analyze C++
Analyze Perl
Unix
Linux
Trend Micro
Virtual Private Network
Intrusion Detection Systems (IDS)
Intrusion Prevention Systems (IPS)
McAfee ESM
McAfee ATD
McAfee Web Gateway
McAfee ePO
Avecto
Proofpoint Enterprise
SourceFire
Arcsight
Imperva
Extreme Networks
Nmap
Education
Stephen F. Austin State University – August 2004 to December 2006
Cisco Certified Enterprise Network Technician, June 2014 (CISCO-ID: CSCO12638668)
Cisco Certified Network Associate, June 2014 (CISCO-ID: CSCO12638668)
Cisco Certified Network Professional, April 2015 (CISCO-ID: CSCO12638668)
U.S. Navy Joint Cyber Analysis Course Graduate, June 2011.
NSA/CSS Certified Global Network Analyst, July 2011.
NSA/CSS Certified Cyber Security Intelligence Analyst, Jan 2012.
NSA/CSS Certified Tactical Data Triage Analyst, Jan 2012.
NSA/CSS Certified Senior Collections Officer, Oct 2013.
NSA/CSS Certified Cyber Security Tasking Officer, March 2013.
U.S. Navy Qualified Enlisted Information Dominance Warfare Specialist, Sept 2013.
NSA/CSS Certified Senior Cyber Mission Manager, Feb 2014.
OSINT Experience