
Incident Response Threat Intelligence

Location:
Santa Clara, CA
Posted:
November 26, 2023

Resume:

FRANCIS L. YOUNG III

Santa Clara, CA

650-***-**** ad1g1t@r.postjobfree.com

https://www.linkedin.com/in/francis-young-715878177/

COMPETENCIES

Linux System Administration

Threat Hunting

Automotive Security

Cyber Threat Intelligence

Controls Auditing

Security Policy Writing

Automation / Orchestration

Leadership/Coaching

Customer Relations/Outreach

PROFESSIONAL EXPERIENCE

NEXTGEN, ADOBE, SAN JOSE, MARCH 2023 – JUNE 2023

Insider Threat Analyst, 2023

Investigated file activity alerts tuned for data loss prevention (DLP) of intellectual property.

Coordinated with vendors to use APIs for data collection and case generation.

Performed analytics on past cases to enhance detection rules.

XORIANT, LUCID MOTORS, NEWARK, MAY 2022 – DECEMBER 2022

Security Specialist, 2022

Provided analysis and feedback on false positives and process management.

Monitored connected car fleet for security incidents.

Researched use cases for automotive network intrusion.

Collaborated with data science team to build in-house threat detection system.

Collected and shared threat intel and industry news with product and enterprise security team.

Assisted compliance specialist with UN R155/R156 audit of the Lucid Air Sedan.

Audited Telemetry Control Unit (TCU) for security and quality.

KYNDRYL SECURITY OPERATIONS, CSIRT, REMOTE, SEPTEMBER 2021 – APRIL 2022

SOC Analyst, Incident Response, 2021 - 2022

Reviewed and investigated incident response cold cases to resolution.

Assisted in writing of RCAs (Root Cause Analyses) and case summaries.

Coordinated with multiple teams to standardize IAM (Identity Access Management) and security research practices.

Updated security and incident response playbooks to reflect the environment of Kyndryl post-IBM split.

NASA SECURITY OPERATIONS CENTER, MOUNTAIN VIEW, CA, 2019 - 2020

SOC Senior Analyst (Monitoring and Detection), 2019 - 2020

Monitored diverse network types nationwide across NASA’s flight and research centers as well as Russian Services in Moscow.

Provided enhanced insider threat analysis which improved improper usage mitigation and reporting whose metrics became the basis for a Forbes article, “NASA Hit By 366% Rise In Cybersecurity Incidents After Budget Cuts.”

Reverse engineered and improved in-house python2-based legacy packet capture code by writing a cross-distribution Bash wrapper to download and extract network packet traffic, vastly reducing time and effort taken for analysts to multitask incidents.

Hunted L3/L4 egress session traffic to identify C2 activity by stacking network metadata such as IPs, port numbers, and session length/duration and correlating against OSINT (Open Source Intelligence) and TIPs (Threat Intelligence Platform) for enrichment while conducting regular reviews and skilled maintenance of security.

Investigated potential IP blocks and triaged false positives using Fortinet Fortigate logs in conjunction with Arcsight and Splunk ES, bringing higher efficiency to team focus.

Leveraged threat intelligence gathered through OSINT or TIPs, analyzing threat data and enriching with context to enable mitigating actions, and develop and implement crucial security concepts.

Analyzed encrypted network traffic at a high level and used the FireEye HX ETDR (Endpoint Threat Detection and Response) solution to provide corresponding low-level contextual information to support investigations and monitor Distributed Denial of Service attacks against E-Root DNS.

NASA ADVANCED SUPERCOMPUTING DIVISION, MOUNTAIN VIEW, CA, 2015-2018

Lead Control Room Analyst (Site Reliability Engineering), 2015-2018

Served as leader for several initiatives, including leading a customer-oriented team of engineers and system administrators to deliver 24/7 support of Pleiades and Electra for approximately 1,500 scientists and researchers worldwide.

Supported the recruitment, selection, training, and development of junior analysts while monitoring for top productivity and efficiency as the root-level Linux administrator on the 13th fastest TOP500 supercomputer in the world.

Conducted in-depth system problem analysis, including initial analysis of network and system problems escalating to reboots of high-performance supercomputers, dumps, and kernel debugging.

Managed user and group access controls using PKI, RSA Archer, UNIX/Linux ACLs, and LDAP across SUSE cluster environment and Redhat enterprise environment.

Wrote helper scripts including SOAP-based interactive CLI tool to automate ticket submission to hardware vendor’s trouble ticket system, vastly reducing the time and effort needed to coordinate with datacenter technicians.

Recommended improvements in security systems and procedures to improve efficiency and effectiveness of team members by overseeing metrics while constantly pushing for goal-oriented growth and tracking.

Coordinated disaster and facility-wide shutdown recovery between all teams during several major facility crises.

Revised and updated emergency response procedures, resulting in improved clarity during crisis situations such as fire, power loss, and cooling failures.

Designed network layout and participated in local/international tech outreach events and conferences.

Led team to receive NASA Ames Contractor Award for Excellence by obtaining a record-breaking 97% satisfaction rating, and received an Acknowledgment of Excellence by the Chief of our Division in support of our mission.

Network Engineer (Enterprise and Data Center), 2017-2018

Worked in conjunction with representatives from the Department of Homeland Security to harden datacenter and enterprise networks to comply with Enterprise External Border Protection (EBPro) initiative.

Continuously expanded and performed break-fix support of networks that supported critical NASA missions: Pleiades, Kepler space simulation, International Space Station, and the Quantum Artificial Intelligence Laboratory (QuAIL).

Updated and revised network security controls, control compliance, and mission-critical exemptions in alignment with NIST 800-53 guidelines.

Provided on-call support to the 24x7 operation of the NASA Advanced Supercomputing facility.

Developed working relationships with engineers at universities, NREN partners, and other NASA facilities (Glenn, Goddard, JPL, Johnson Space Center) to improve operational efficiency.

Continuously managed and implemented Access Control Lists (ACLs) on Cisco IOS routers and switches to align with security controls and block requests.

Replaced existing outdated and proprietary host IP registry automation with simplified Bash and reverse-engineered Perl scripts, thus closing security gaps and allowing the facility to comply with security controls.

Responded to and investigated port security violations in collaboration with the onsite security team when unauthorized equipment was being connected to the secured enterprise network.

PROJECTS

Insec_Govpress: 2020-2021

Twitter bot that leverages the WPScan tool and WPVulnDB to provide the public with vulnerable .gov WordPress sites. http://www.twitter.com/insec_govpress

Project on hiatus/cancelled

EDUCATION

Palo Alto University (Pacific Graduate School of Psychology), Palo Alto, CA: 2015, Bachelor of Science – Psychology and Social Action

ADDITIONAL CREDENTIALS

TECHNICAL SKILLS

Burp Suite, Splunk SPL, Deep Packet Analysis, Nmap, Masscan, Amass, dirb, Gobuster, Shodan API, OSINT, Aircrack-ng, Bash, Python, Scalpel, Wireshark, tcpdump, Cisco IOS, Redhat, Ubuntu, Archlinux, SUSE, Docker, AWS, Linode, ArcSight

CLEARANCE

Secret (Expired May 2022, awarded May 2019)

HONORS & AWARDS

Certificate of Excellence, NASA Ames Contractor Council

CERTIFICATIONS & TRAININGS

Offensive Security Certified Professional (OSCP – In Progress)

INTERESTS

Fishing, Classic Cars, Electronic Music Production

***DETAILED REFERENCES AVAILABLE ON REQUEST***