EOC Incident Manager - Duty Officer Lead

Falls Church, VA
April 01, 2024

Tin Banh 321-***-**** Fairfax, VA *2030


Dependable professional with exceptional insight regarding cyber threats, and ways to detect, isolate, and respond to intrusions within systems and networks. Utilizing my flexible and innovative skills and abilities to achieve the successful protection, detection, and resolution of security outcomes.


•Microsoft Windows 9x, 2000, XP, Vista, 7, 8.1 and 10

•Mac OS Monterey, Big Sur, Catalina, Mojave, High Sierra, Sierra, El Capitan, Yosemite, Mavericks, Mountain Lion, Lion, Snow Leopard, Leopard.

•MDM for Windows, Mac, and smart devices such as phones, tablets.

•MS Office 2010, MS Office 365.

•LANs, WANs, WLANs, VPNs, Routers, Firewalls, TCP/IP


•Network setup and security

•Computer configuration and maintenance

•Experience utilizing ticketing systems.

•Cloud computing

•Service desk support

•Data backups and recovery

•Telephone etiquette

•Hardware/Software Troubleshooting, Diagnose, and Repair

•Problem-solving orientation


•Attention to details

•Technical skills

•Customer service training and customer facing skills

•System Performance Assessment

•Analytical and Methodical

•Highly Professional

•Time management

•Willingness to learn and adapt to new ideas and initiatives presented by others.

•Ability and willingness to work non-traditional work hours, including nights, weekends, and holidays.

Professional Experience

IT Technical Support L3

Collins Aerospace Corp - Raytheon, Melbourne, FL

January 2018 - August 2020

•Created and maintained a central repository for technical advice and solutions for various IT systems and services

•Utilized ServiceNow to document and track user issues from creation to resolution

•Performed complex problem analysis and provided corrective solutions for customers

•Prepared new computers and mobile devices per standardized processes

•Collaborated with network teams to ensure efficient desktop environment

•Administered end-user workstation software products, resolving issues

•Maintained accurate documentation of all assigned incident tickets

•Analyzed, identified, and resolved issues with VPN, Outlook, network access

•Managed users' accounts and devices using various platforms

•Streamlined incident response procedures, reducing resolution time by 25% and costs by 10%

•Assisted Desktop and Endpoint Teams with customer interactions

•Monitored tickets to ensure support team met performance metrics

•Provided incident escalation support and management reporting

•Delivered IT and security training to new hires

•Managed incidents by working with the rest of the IT operational organization, handling escalations, and generating reports for management review

•Coordinated and provided strong IT / Security training to new hires

•Updated and published all training records and plans weekly

•Acted as escalation point for all requests and incidents

•Reviewed feedback to improve services, tools, and support

•Cross-trained teams to enable 24/7 support coverage

Junior Systems Administrator

Buchanan Ingersoll & Rooney PC., Alexandria, VA

January 2021 – March 2022

•Configured various devices from personal phones, laptops, desktops, and IOTs for various LAN/WAN configurations to include Remote Access, proxy configurations, internal and external email, and various software configurations

•Prepared new computers and mobile devices according to internal policies on standardized software and security deployments

•Provided computer training to end-users whenever new software or hardware was introduced

•Collaborated with HR department to design standardized onboarding processes and training assets

•Project management coordinating for special projects dealing with upgrades, maintenance of servers, and special requests made by end-users for workflow homepage configuration for state regulation and budget proposals

•Documented transactions and support interactions in the system for future reference and addition to the knowledge base

•Travel to various offices for troubleshooting, installing, and maintaining various work-related projects

•Apply periodic updates and security patches as needed

•Resolved a diverse range of technical issues across multiple systems and applications for end-users across various time zones

•Implement network solutions in line with company rules and standards

•Collaborated with supervisors to escalate and address end-users inquiries or technical issues

•Perform necessary VPN troubleshooting, monitoring, deployment, and administration activities

•Assist with special projects including preparing/deploying computers, and equipment over 15 offices

•Maintain accurate hardware and software inventory records

•Installed and configured multiple workstations including laptops, desktops, tablets, printers, and Cisco VOIP phones for end-users

•Maintained and operated AV equipment for use during internal presentations and events

•Setup computer workstations, purchase computer equipment, and software, and ensure user training when requested

•Implement a Backup and Recovery Plan.

Incident Responder / SOC Analyst

Nexien – Contractor with WMATA, Washington, DC

January 2022 – June 2022

•Conducted monitoring, investigation, and mitigation of incidents

•Evaluated events and incidents to determine response

•Analyzed security event data from various sources

•Performed malware analysis in isolated environments

•Utilized Splunk for log analysis

•Provided single point of contact during incident lifecycle

•Correlated incident data to identify specific trends in reported incidents

•Identified incident trends through data correlation

•Recommended defense principles and practices

•Performed triage to determine scope, impact of incidents

•Identified vulnerabilities and recommended remediation

•Coordinated response activities to address threats

•Updated playbooks to improve information sharing

•Shared knowledge and mentored junior team members

•Provided subject matter expertise for investigations

Senior Watch Officer

Administrative Office of Pennsylvania Courts - Harrisburg, PA

June 2022 – June 2023

•Monitored emergency situations and developing hazards to maintain constant situational awareness and provide early warning for stakeholders

•Managed EOC team to ensure proper staffing, coordination, and performance across all active operational periods

•Conducted problem resolution and provided subject matter expertise in best practices for security investigations

•Collected, analyzed, and correlated security events to enable recommendation of mitigation for potential incidents

•Identified events posing threats to the confidentiality, availability, or integrity of systems and information

•Ensured accuracy, consistency, and reliability of security event data in tickets and reports

•Performed incident triage including determining accuracy, scope, urgency, and impact

•Provided incident coordination and updates to response teams and stakeholders

•Notified management of suspected incidents and potential impacts

•Tracked security events and incidents with ticketing systems

•Developed operational and executive reporting on security events and incidents

•Responded to verified incidents using tools to mitigate active threats

•Updated Standard Operating Procedures (SOPs) based on response activities

•Conducted research, analysis, and correlation across data to identify indicators and warnings

•Developed content for CSIRT tools including dashboards, rules, and reference sets

•Documented and escalated security incidents

•Maintained and followed CSIRT incident response procedures

•Acted as escalation point for incident requests

Senior Information Technology Project Consultant

Network Right – Contractor with Arcadia, Washington, DC

January 2022 – February 2024

•Innovatively led the implementation of Okta app integrations, optimizing user experience with a focus on secure access and authentication

•Proactively executed initiatives to implement and enhance security policies and features across diverse platforms and applications. This encompassed user-friendly services such as Cloudflare, Barracuda, and SentinelOne, contributing to an elevated level of digital security

•Stepped into the pivotal role of a project manager, overseeing the planning and execution of client-centric projects. This multifaceted responsibility involved the strategic rollout of projects, including but not limited to Mobile Device Management (MDM) utilizing cutting-edge tools like Kandji, Intune, SentinelOne, Mosyle, and Single Sign-On (SSO) solutions like Okta and Microsoft Entra

•Functioned as a trusted advisor, providing insightful guidance to clients by elucidating the advantages and disadvantages of different Mobile Device Management (MDM) systems, Password Managers, and Single Sign-On (SSO) services. Tailored recommendations were crafted to align seamlessly with client-specific needs and budget considerations

•Demonstrated effective cross-departmental collaboration to ensure clients met rigorous security standards, including NIST, SOC1, SOC2, and SOC3 compliance. This involved active coordination and communication to guarantee the implementation of robust security measures throughout the organization

•Established a comprehensive framework for evaluating and optimizing security protocols, ensuring that clients were not only meeting regulatory compliance but also benefiting from the latest advancements in cybersecurity

•Acted as a liaison between technical and non-technical stakeholders, translating complex security concepts into understandable terms for various departments and clients

•Regularly conducted training sessions and workshops for clients, promoting awareness and understanding of cybersecurity best practices and the importance of adhering to industry standards

•Maintained a keen awareness of emerging technologies and industry trends, continuously seeking opportunities to enhance and future-proof the security infrastructure for clients

EOC Incident Manager - Duty Officer Lead

ASM Research - DHS / CBP, Ashburn, VA

October 2023 – Present

•Produced and distributed routine situation status reports to brief government officials, partners, and statewide emergency managers

•Notified and collaborated with SOC, NOC, and other teams when incidents were identified

•Coordinated information sharing and resource allocation between 20+ agencies during EOC activations for multi-day severe weather events

•Developed EOC action plans detailing objectives, strategies, and resource assignments for each 12-hour shift

•Conducted emergency communication and notification protocols to activate EOC staff and alert collaborating emergency services

•Controlled access to EOC facility, verified credentials, and maintained personnel accountability

•Maintained EOC systems readiness through rigorous testing and exercises involving dozens of agencies

•Oversaw development and dissemination of incident action plans and situation status reports to stakeholders

•Provided training and mentoring to develop next generation of EOC Watch Officer staff

•Managed complex, multi-day EOC activations involving hundreds of personnel from dozens of agencies for major disasters

•Briefed Mayor, City Council, and department heads on incident status and resource needs during EOC activations

•Conducted after action reviews of EOC performance and recommended procedural enhancements to EOC Director

•Ensured effective coordination and communication across all EOC sections and external partners

•Evaluated Watch Officer staff performance, coached development, and provided input on personnel decisions


Eastern Florida State College Cocoa, FL 01/2020

Associate of Arts

Pursuing BS in Cyber Security University of Maryland College Park, Maryland


•English - Fluent

•Vietnamese - Native


•CompTIA Security+ 601

Credential ID: COMP001021837649

Obtained on 06/2021

•CompTIA CySA+ CS0-002


References Available Upon Request
