Richard Wheeless Baltimore/DC ****************@*****.***
443-***-**** linkedin.com/maxwheeless Digital Forensics
Education
MS: Cyber Investigations
Univ. of Baltimore: 05/2021
GPA: 3.97/4.0
Relevant Coursework
Cyber Investigation/Procedure
Log Analysis, BASH, Python
Digital & Mobile Forensics
Windows & OS Forensics
Registry & Network Forensics
Malware Analysis
Certifications
Security+: 9/17/2019
Online Competitions
National Cyber League
Fall 2019 Rankings
Univ. of Baltimore: 1/8
Bronze Bracket: 67/2092
Key Skills
Registry & Disk Forensics
Browser & Email Forensics
Memory & Image Forensics
Network/Mobile Forensics
Database Forensics, Log
Data Recovery, VMs, Oral
Evidence, Kali, Imaging
Operating and File Systems
VirtualBox, Written, Python
Cybersecurity with BASH
Windows Tools
FTK • EnCase • ParabenE3
Cellebrite • Autopsy • X-Ways
Linux Tools
Sleuthkit • RegRipper
LogFileParser • andriller
Winevt • Analyze-mft • aleapp
Binwalk
Volatility • libimobiledevice
Browser Forensics
libesedb • pasco • SQLite3
Key Projects
Automating APT Detection with STIX2.1 Knowledge Graph July 2020
15 pages on forming STIX2.1 Knowledge Graph automating APT Detection
GITHUB.COM/FRANKWXU/DIGITAL-FORENSICS-LAB Sept 2020
Coauthored Cyber Investigation tutorials for Justice Dept. Contract
Experience
Mobile Forensics Specialist (20 hours/week)
University of Baltimore, Baltimore MD June 2021–Present
Gauged transfer effect on 4 file types' hashes to 10 Android, iOS, Windows phones
Loaded transfer apps and sent files; relocated files within architecture for detection
Engaged X-Ways and Paraben forensics to hash images, generated reports + analyzed
Utilized tools to acquire forensic images & investigate with methods like decompiling
Freelance Digital Forensics Examiner (22 hours/week)
Self Employed, Baltimore Sept 2020 – Present
Produced Forensic Images of media, performed technical analyses involving collection, processing, preservation, analysis, and presenting computer evidence
Captured, recorded, monitored, analyzed computer network and traffic for analysis
Recovered damaged or deleted content from flash drives, hard drives, memory cards
Collected/analyzed web browser artifacts: history/cookies, user info, prefetch, RAM
Digital Forensic Specialist (20 hours/week)
US Justice Department, Baltimore MD Sept 2020 – May 2021
Imaged digital media; examined for evidence of file access/movement, data destruction, USB use, internet data, etc. through parsing Windows registry files and other means
Completed 10+ investigations with 6 PowerPoint Tutorials to analyze OSs/hidden files; identified network intrusion w/ log analysis; detected anomalies w/ back-end analysis
Provided detailed forensic analysis and reporting on packet captures, filesystems, host-based application and security logs, networking, and security devices
Graduate Assistant (20 hours/week)
University of Baltimore, Baltimore, MD Jan 2019 – May 2021
Malware Forensics Specialist (40 hours/week)
Dept of Homeland Security, Baltimore MD May 2020 – July 2020
Explored attack aftermath, rebuilt event, identified intrusions w/ IOCs
Extracted/analyzed CTIs, identified Threat Actor Tactics, Techniques and Procedures (TTPs), and formalized data into machine readable STIX2.1
Created 2-month framework to detect APTs w/ Knowledge Graph in STIX2.1 with application of 12+ advanced forensic tools, 10+ ML & NLP Python libraries
Leveraged individual and group research to produce 15-page paper