Dedicated cybersecurity professional with a proven record of proactively detecting, analyzing, and mitigating complex threats across enterprise, cloud, and hybrid environments. Skilled in cloud security engineering, threat intelligence, and security operations. Experienced in developing custom detection capabilities, automating workflows, and driving threat-informed defense initiatives. Seeking to advance into security engineering, cloud security, or threat intelligence roles.
EXPERIENCE
Leidos, Huntsville, AL -- Network Threat Discovery Analyst
October 2023 - PRESENT
- Lead analyst for NASA's Network Anomaly Research Cell (NARC), performing proactive threat hunting and research to detect advanced threats across a large enterprise.
- Developed and maintained custom detection logic leveraging commercial, government, and open-source intelligence sources using tools such as Cisco SNAM, SentinelOne EDR, and Protective DNS.
- Built and optimized Splunk dashboards and queries to accelerate investigations and improve visibility into network anomalies.
- Delivered rapid incident analysis and remediation guidance to Network Operations and executive leadership, reducing mean time to respond (MTTR) and enterprise threat exposure.
- Leveraged frameworks and tools including MITRE ATT&CK, Shodan, Maltego, Silobreaker, and OSINT platforms to perform targeted threat hunts and support threat intelligence workflows.
- Automated IP enrichment and repetitive threat analysis tasks using Python to streamline threat research.
- Conducted external attack surface analysis and produced PIR-driven threat hunting reports using open-source intelligence techniques.
- Created operational and strategic cyber threat intelligence reports on emerging threats, malware campaigns, and adversary tactics to inform leadership and enable defensive prioritization.
GDIT, Huntsville, AL -- Cybersecurity Analyst Associate
June 2022 - October 2023
- Triaged and reported security alerts across the internal enterprise and 60 K-12 public school networks. Conducted daily proactive threat hunts using open-source and government threat intelligence, Microsoft Sentinel, and IBM QRadar.
- Performed internal and external vulnerability assessments weekly using Nessus, and delivered findings to stakeholders.
- Managed SCCM security meetings and coordinated with system administrators to remediate vulnerabilities, update configurations, and remove unauthorized software.
- Presented SOC capabilities, metrics, and key findings to Alabama state government representatives to demonstrate value and compliance.
- Evaluated cybersecurity policies and performed security configuration reviews using CIS benchmarks and STIGs.
- Developed and tuned SIEM detection rules using Atomic Red Team and threat intelligence.
- Applied OSINT techniques and threat hunting methodologies to detect and investigate evolving threats.
- Worked with Azure Purview to configure DLP policies, create custom alerts, and triage incidents related to sensitive data access.
DTC Communications, Smithville, TN -- Network Technician
December 2021 - July 2022
- Installed, configured, and monitored central office switching systems (Calix), transport equipment, PBX platforms (Metaswitch), and VoIP infrastructure (Sangoma).
- Maintained Fujitsu transport systems supporting telecom interconnectivity.
- Supported network infrastructure upgrades and preventive maintenance across the service area.
- Operated in a 24/7 on-call rotation to troubleshoot and resolve critical network issues impacting customers and enterprise services.
Old Hickory Buildings, Murfreesboro, TN -- Information Technology Support Specialist
September 2021 - December 2021
- Provided hardware, software, and network troubleshooting for internal users.
- Assisted with equipment setup and basic system administration.
Wiser Imager, Murfreesboro, TN -- Geospatial Analyst
April 2021 - September 2021
- Collected, analyzed, and interpreted geospatial data for NGA-related digital mapping projects.
- Produced analytical reports and mapping products under tight deadlines.
SKILLS
Threat Intelligence: YARA, MITRE ATT&CK, Threat Hunting, OSINT, Basic Static & Dynamic Malware Analysis, Python, Linux, Sigma Rules
Tools: Splunk, Nessus, Azure, Silobreaker, Cisco SNAM, Shodan, Wireshark, Maltego, Atomic Red Team
Security Assessments: Network Scanning, Security Configuration Reviews (STIGs/SCCM), Firewall Rule Optimization, SIEM Detection Rule Development
EDUCATION
Post Graduate Certification in Cybersecurity: University of Essex Online, United Kingdom | June 2021 - September 2022
Bachelor of Science in Geosciences: Tennessee Technological University, Cookeville, Tennessee | January 2015 - May 2020
CERTIFICATIONS
- TCM Security: Practical Junior Penetration Tester
- arcX: Advanced Cyber Threat Intelligence Analyst
- KCNA: Kubernetes Cloud Native Associate
- AZ 500: Microsoft Security Engineer Associate
- AZ 104: Microsoft Azure Administrator Associate
- SC 300: Identity and Access Administrator Associate
- CCSK: Cloud Certificate of Security Knowledge
- CCNA: Cisco Certified Network Associate
- CompTIA CySA+
- CompTIA Security+
PROFESSIONAL DEVELOPMENT
Zero Trust Azure Homelab -- Implemented Azure services and apps with Privileged Identity Management (PIM) and least-privilege access controls to enforce Zero Trust principles.
Hybrid Cloud Defense Lab -- Built an on-prem/Azure hybrid lab (Active Directory, PKI, Splunk, Kubernetes) to simulate attack detection, logging (AWS/Azure ingestion), and defensive hardening.