Jul 2025 – Sep 2025 · 2 mos · Fort Belvoir, Virginia, United States · On-site

• Assisted potential red team operator candidates in preparing to take the DTRA DCART operator aptitude exam.

Dec 2021 – Jun 2025 · 3 yrs 6 mos · Huntsville, Alabama, United States

• Provided Red Team support to PEO STRI’s Threat Systems Management Office (TSMO), leading Persistent Cyber Operations (PCO), long-term Red Team operations, focused on external/internal web/cloud (AWS) testing. Led PCO operations using Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs), focusing on stealth and mission objective execution, operating within strict Rules of Engagement (ROE). Led training exercises using various APT TTPs to ensure realistic adversary emulation focused on allowing the Blue Team to learn and enhance their skills in detecting adversarial threats. Led short-term Red Team operations focused on completing specific mission objectives while operating under an ROE. Led phishing campaigns for "click" count and/or initial access. Participated in Red Team assessments using a wide variety of offensive security tools to include Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools. Trained and mentored personnel from both internal and external organizations, ensuring proficiency in adversarial tactics, operational security, cyber threat emulation, logging, and other daily PCO-specific requirements. Created and maintained Red Team cloud-based infrastructure (redirectors) registering domain names, creating web page content, ensuring site categorization, and using iptables or cloud provider-based security controls to limit access to the infrastructure. Managed and maintained Battlegrounds for k>fivefour to support training of cyber security professionals across both commercial and DoD sectors. Created several scenarios from k>fivefour for use inside Battlegrounds that were focused on specific TTPs.

Jul 2021 – Dec 2021 · 5 mos

• Provided Threat and Vulnerability Analysis support to the Cybersecurity & Infrastructure Security Agency (CISA).

May 2021 – Jul 2021 · 2 mos · Huntsville, Alabama, United States

• Provided support for MDA's GMD Program as part of Northrop Grumman's Program Protection & Security (PP&S) program.

Apr 2019 – Jul 2019 · 3 mos · Huntsville, Alabama Area

• Acted as lead penetration tester for the Cyber Warrior Training Capability (CWTC) program. Led penetration tests against real and virtualized systems.

Jul 2018 – Apr 2021 · 2 yrs 9 mos · Huntsville, Alabama Area

• Provided Red Team infrastructure support for PEO STRI’s Threat Systems Management Office (TSMO). Created and maintained Red Team cloud-based infrastructure (redirectors) registering domain names, creating web page content, ensuring site categorization, and using iptables or cloud provider-based security controls to limit access to the infrastructure. Participated in phishing campaigns for "click" count and/or initial access. Participated in Red Team assessments using a wide variety of offensive security tools including Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools.

Jul 2018 – Apr 2019 · 9 mos · Huntsville, Alabama Area

• Performed adversarial assessments as part of a Red Team supporting PEO STRI’s Threat Systems Management Office (TSMO). Participated in Red Team assessments using a wide variety of offensive security tools including Cobalt Strike, Kali Linux, Burp Suite, Nmap, Dirbuster and in-house developed Red Team tools.

Jan 2017 – Jul 2018 · 1 yr 6 mos · Huntsville, Alabama Area

• Provided support to the Missile Defense Agency (MDA) Cyber Warrior Training Capability (CWTC) program. Built virtual environments to train students on cyber security topics and test students' understanding. Developed cyber security training class content. Provided support for network engineering, VMware ESXi, vCenter, vCloud, and Microsoft and Linux operating systems.

Jul 2016 – Dec 2016 · 5 mos · Huntsville, Alabama Area

• Provided support to the Missile Defense Agency (MDA) Cyber Warrior Training Capability (CWTC) program. Built virtual environments to train students on cyber security topics and test students' understanding. Developed cyber security training class content. Provided support for network engineering, VMware ESXi, vCenter, vCloud, and Microsoft and Linux operating systems.

Jun 2015 – Jul 2016 · 1 yr 1 mo · Huntsville, Alabama Area

• Provided network engineering and troubleshooting support to the Huntsville Operations Support Center (HOSC) at NASA's Marshall Space Flight Center (MSFC). Installed and configured Nexus 1000v distributed virtual switches on VMware vSphere 5.5 and 6.0. Experience configuring and troubleshooting VMware ESXi 5.5 and 6.0.

Aug 2004 – Jun 2015 · 10 yrs 10 mos · Huntsville, Alabama Area

• Provided local, campus and wide area network support to the Program Executive Office, Missiles and Space (PEO MS) at Redstone Arsenal which includes four separate networks. Managed over 100 Cisco devices across all four networks to include switches, routers and firewalls. Supported remote locations through dark fiber, Metro Ethernet, DS3 and T1 circuits. Configured and maintained routing using static routes and BGP for both IPv4 and IPv6. Installed, maintained and monitored network intrusion detection devices. Investigated and analyzed network traffic from packet captures using Wireshark, Cisco ASA and Palo Alto firewalls. Provided system administration for Red Hat Enterprise Linux. Mentored and assisted network team members with network processes as well as network management.

Jun 2002 – Apr 2004 · 1 yr 10 mos · Huntsville, Alabama Area

• Provided information assurance support as a member of the U.S. Army Garrison, Redstone DOIM IA Team, Local Computer Incident Response Team Redstone (LCIRT-R). Used commercial, DoD and open source intrusion detection systems to monitor and analyze network traffic for violations of U.S. Army policy as well as unauthorized, suspicious or malicious activity. Thoroughly investigated and analyzed anomalous traffic using several intrusion detection systems. Created incident reports by gathering traffic captures from available intrusion detection systems for escalation to higher level staff and/or other government agencies. Mentored and assisted LCIRT-R team members with intrusion detection processes. Wrote instructions on how to read data from several of the intrusion detection sensors.