Travis L. McChristian
Yulee, FL ***** 847-***-**** *.***********@**********.***
PROFESSIONAL SUMMARY
Cybersecurity professional with 7+ years of experience in cyber threat intelligence, threat and vulnerability management, risk assessments, and regulated critical infrastructure environments. Proven ability to research and analyze emerging cyber threats and vulnerabilities, including ICS-related environments, track cyber threat actors, campaigns, and tactics, techniques, and procedures (TTPs), and deliver written intelligence analysis and ad-hoc reporting. Experienced in monitoring open source, deep and dark web intelligence, leveraging government and third-party feeds, supporting NERC CIP compliance activities, and improving threat and vulnerability management processes, metrics, and KPIs. Strong communicator with hands-on experience using enterprise vulnerability assessment tools, scripting, and security operations platforms.
CORE SKILLS / ATS KEYWORDS
Cyber Threat Intelligence & Analysis
Cyber Threat Intelligence (CTI), Threat Actor Analysis, Campaign Tracking, TTP Analysis, MITRE ATT&CK, Cyber Kill Chain, Intelligence Disciplines, OSINT, Deep Web Monitoring, Dark Web Monitoring, Government Intelligence Feeds, Third-Party Intelligence, Open Source Monitoring, Hostile Intent Detection, Threat Disposition Analysis, Ad-Hoc Threat Research, Written Threat Analysis, Intelligence Reporting, Early Warning Indicators, Cyber Operations Warning Problem Sets
Threat & Vulnerability Management
Threat and Vulnerability Management, Vulnerability Scanning, Vulnerability Assessment, Risk Assessment, Technical Risk Assessment, Non-Technical Risk Assessment, Vulnerability Prioritization, Risk Scoring, Risk Mitigation Strategies, Remediation Tracking, Patch Management, Configuration Monitoring, Root Cause Analysis, Metrics and KPIs, Program Maturity Improvement
ICS, Critical Infrastructure & Compliance
Industrial Control Systems (ICS), Operational Technology (OT), Critical Infrastructure Security, NERC CIP, Regulatory Compliance, NIST 800-53, NIST RMF, NIST 800-171, ISO 27001, SOC 2, PCI DSS, CIS Controls, ITGC, FISMA
Security Tools & Technologies
Nessus, Tenable, Rapid7, Qualys, Tripwire, Splunk, Wazuh, SIEM, SOAR, Anomali, ServiceNow, IDS/IPS, EDR, Palo Alto, Cisco Firewalls, Vulnerability Scanners, Configuration Monitoring Tools
Technical Skills
Windows, UNIX/Linux, TCP/IP, DNS, HTTP, SMB, Networking Fundamentals, Python, PowerShell, Bash, Command Line Scripting, GitHub, GitHub Advanced Security
Professional Competencies
Threat Research, Data Collection, Intelligence Analysis, Technical Writing, Executive Briefings, Cross-Functional Collaboration, Problem Solving, Analytical Skills, Process Improvement, Documentation Development, Incident Response Support, After-Hours Response
PROFESSIONAL EXPERIENCE
Wawa, Inc. Remote
Technology Security, Risk & Compliance Analyst Aug 2021 – Present
Thoroughly research and analyze emerging cyber threats and vulnerabilities, including risks relevant to ICS and critical infrastructure environments, distributing intelligence to impacted business areas to improve prevention and response capabilities.
Track cyber threat actors, campaigns, and TTPs using technical analysis derived from government intelligence feeds, open source, and third-party intelligence sources.
Prepare written cyber threat analysis reports on threat actors, campaigns, and associated tactics, techniques, and procedures.
Respond to ad-hoc intelligence reporting and research requests related to cyber threat actors, campaigns, and vulnerabilities.
Provide subject matter expertise for cyber operations-specific indicators, supporting detection and response efforts.
Monitor and report on threat activities, threat disposition changes, adversary capabilities, objectives, and tactics aligned with cyber operations warning problem sets.
Perform open source, deep web, and dark web monitoring for threats impacting organizational assets and partner interests.
Deliver timely notice of hostile or imminent cyber activity impacting enterprise objectives, resources, or capabilities.
Utilize enterprise vulnerability scanning tools (Nessus, Qualys, Rapid7) to evaluate security posture of systems and applications.
Assist with risk assessments of identified vulnerabilities, determining appropriate response actions based on assessed threat level.
Develop and recommend risk mitigation strategies, security configuration changes, and remediation actions.
Request, track, and validate mitigations to address cyber threats using ServiceNow workflows.
Participate in incident response efforts, including after-hours events, providing real-time threat and vulnerability analysis.
Support exercises, planning activities, and time-sensitive operations with cyber threat intelligence and risk analysis.
Develop and improve threat & vulnerability management processes, metrics, and KPIs to advance program maturity.
InCharge Institute of America Remote
IT Security Analyst (Contract) May 2020 – Jun 2021
Performed technical and non-technical vulnerability and risk assessments across cloud, network, and application environments.
Utilized off-the-shelf and open-source vulnerability scanning technologies to assess security posture.
Assisted with developing risk mitigation strategies and communicating remediation requirements.
Supported SIEM/SOAR operations, vulnerability remediation tracking, and automation scripting.
ISYS Technologies (USAF)
Network Security Administrator (Contract)
Conducted ACAS vulnerability scanning, STIG compliance reviews, and configuration monitoring.
Provided technical support for vulnerability analysis tools, including troubleshooting, patching, and upgrades.
Developed and maintained technical, administrative, and compliance documentation.
U.S. Army
Intelligence & Electronic Warfare Technician May 2017 – Mar 2019
Performed multi-discipline intelligence analysis, researching threat capabilities, objectives, and tactics.
Utilized multiple intelligence sources to anticipate and emulate adversary actions.
Prepared written intelligence reports and operational briefings for leadership.
LS Technologies (FAA) Remote
Security Analyst Sep 2015 – Apr 2017
Supported risk assessments, vulnerability testing, and defensive security analysis in regulated environments.
Assisted with process improvement, documentation development, and compliance reviews.
EDUCATION
Master of Science, Informatics – Kingston University
Bachelor of Liberal Arts – University of Illinois
Associate of Science, Network Technology – Cochise College
CERTIFICATIONS
CISSP, Security+ CE, Splunk SOAR Certified, MITRE ATT&CK SOC Certified
MILITARY SERVICE
Veteran