ryan f

Led incident response and digital forensics activities, serving as a primary analyst. Maintained key security appliances like Endace and Corelight, and trained junior team members. Engineered KAPE sniper integration for real-time response and evaluated new forensic software.

Served as a Senior Cyber Security Analyst, leading case reviews and incident response efforts. Spearheaded the IDS/IPS rollout for the Cyber Defense Center, collaborating across teams to minimize business impact. Developed a DFIR framework, created IR best practices, and built AIE rules for the SIEM platform.

Functioned as a Security Analyst, triaging and correlating security events from SIEM, DLP, and suspicious emails. Escalated identified events of interest as necessary.

Monitored the Arcsight ESM SIEM and developed indicator of compromise content. Reported suspicious events and drafted documentation to improve work efficiency. Led privileged account audits and revamped documentation processes for better usability.

Performed security monitoring and analysis on customer networks, adhering to predefined service level agreements. Conducted proactive malware hunting using both sourced intelligence feeds and open-source information.

Monitored, analyzed, and reported on customer data streams via SIEM (Arcsight ESM) to meet SLAs. Developed SIEM content, performed customer turn-ups, and built reports. Provided consulting expertise on Point of Sale security controls and created a threat matrix for security operations.

Handled Incident Handling and Response duties for the NOAA Computer Incident Response Team (NCIRT). Led the proof-of-concept deployment for Netwitness Investigator and conducted root-cause investigations. Performed system and network forensics, and consulted on APT malware lifecycles.

Supported mission-critical functions for the ICE Security Operations Center. Key responsibilities included vulnerability scanning, intrusion detection monitoring and response, and patch analysis. Managed risk assessment and remediation within the enterprise environment.

Supported mission-critical functions for the ICE Security Operations Center. Responsibilities included vulnerability scanning, intrusion detection monitoring and response, and patch analysis. Managed risk assessment and remediation within the enterprise environment.

Led the Help Desk team, overseeing desktop administration for 400 clients. Managed GPO changes, Windows security patching (WSUS), and provided break/fix support. Administered Cisco IPCC systems and documented procedures.

Administered web sites for the Commodities Maintenance wing at Warner Robins Air Logistic Center. Managed Windows 2003 web server security (PKI/CRL) and SharePoint for the operations center. Designed web applications, created troubleshooting guides, and researched Bluetooth vulnerabilities.

Focused on practical skills in network administration and information technology. Covered topics such as network infrastructure, security, and data management.

Studied principles of hospitality management, including operations, finance, and marketing. Gained knowledge in managing hotel and restaurant services.