From: route@monster.com
Sent: Thursday, November 10, 2016 3:24 PM
To: hg@apeironinc.com
Subject: Please review this candidate for: Network Engineer TS SCI
This resume has been forwarded to
you at the request of Monster User xapeix03
Kenneth Trexler
10958 Blake Lane
Bealeton VA 22712
trexken@aol.com

Education: MS Network Security, Capitol College; BGS Information Systems, William Carey College; AA Communications Operation Tech, CCAF; AA, Instructor Tech & Military Science, CCAF

Current Tools: ArcSight, Carbon Black, FireEye, RSA Security Analytics, Wireshark, SourceFire

Certifications:
DoD 8670 IAM Level II certification: Yes
CISSP certification: Since 2011
SANS GCIH certification: Since 2011

Clearance: TS/SCI with CI Poly

Experience:

Nov 2013 – Present
Sr Incident Response Analyst/Engineer, Castalia Systems, Springfield, VA
Customer: NGA

Provide cyber analytical skills
to incident analysis, coordination and response. Handle incidents from
cradle to grave. Run queries based on existing indicators, assess
damage and identify affected systems and provide remediation expertise to
eliminate malicious activity on the enterprise network. Identify
suspicious activity found in SEM logs and packet captures, and investigate
and eradicate malicious activity. Provide intrusion detection signature
development. Use NGA SEM tool and add, remove, or adjust data feeds to
be ingested into SEM for querying. Focus on advanced persistent
threat (APT) and other actors that are skilled at stealth, advanced
techniques, and are otherwise difficult to discover on NGA networks.
Will be dedicated to proactively finding new instantiations of actors and
will be outside of the daily incident handling (Tier 1 & 2). Will
use existing indicators as starting points, but will develop advanced
techniques and creative approaches to discovering threats, as well as
providing advanced remediation and prevention advice to NGA CND and IT
professionals. Will create and run SEM queries, understand regular
expression and other query techniques. Provide scripts; broad and deep
analysis of various types of data (SMTP, HTTP, DNS, full packet
capture). Create specialized scripts and tools to assist in analysis
and detection. Create highly effective, low false positive signatures
and rules for human threat detection on various detection & prevention
tools (snort, IPS, anomaly detectors, SEM correlation rules etc). Serve as
member of CIRT when activated.

May 2013 – Nov 2013
Incident Response Specialist, CompuGroup Technologies, Pittsburgh, PA
Customer: PNC Bank

Provides planning, operational, analytical,
and technical services to include recommendations to the client PNC Bank.
Perform security incident trending and analysis. Develop incident
response policies and procedures and support their enforcement. Working
with FireEye and Symantec SEM to correlate events and incidents.

Aug 2011 – May 2013
Incident Response Specialist, SRA International, Fair Lake, VA

Knowledge of CND, with ability to
assess, analyze and provide recommended actions for remediation for the most
complex cyber events and incidents. Works with the client and client
services support organizations to develop a robust and effective incident response
capability. Works closely with the client, partners and teammates to:
* Manage the incident response cycle to include the identification, escalation, containment, eradication, resolution, and tracking of computer intrusions and other computer security incidents/events
* Perform incident response activities including investigations, triage, malware analysis, network and system forensics, attack attribution, information damage analysis/assessment, and recovery operations
* Perform security incident trending and analysis
* Develop incident response policies and procedures and support their enforcement
* Periodically evaluate and assess incident response policies and procedures
* Assist in improving the capabilities and maturity of their incident response program by identifying and assessing applicable technologies
* Incorporate the incident response program into a variety of other operational processes such as security monitoring, vulnerability management, asset management, compliance, audit, and reporting
* Participate in on-site network and security audits as required
* Support monitoring and detection activities as required
* Support forensics and criminal investigation activities as required

June 2009 – Aug 2011
Cyber Intelligence Analyst, Northrop Grumman, Fort Belvoir VA
Customer: Army Cyber Operations Center

Performs duties as a threat
analyst assigned to the Cyber Intelligence Center of the Army Cyber
Operations Center, Fort Belvoir, Virginia. Correlates threat data from
various sources to establish the identity and modus operandi of hackers
active in Army networks and posing potential threat to Army networks.
Provides the customer with assessments and reports facilitating situational
awareness and understanding of current cyber threats and adversaries.
Helped in the development of junior analysts. Communicate
with senior management and officers during incidents. Develops cyber
threat profiles based on geographic region, country, group, or individual
actors. Produces cyber threat assessments based on entity threat analysis. Performs short- and long-term
trending & analysis of CND-related data sources and cross-correlate this
with all-source cyber intelligence. Coordinates cyber threat tracking with
sibling U.S. government agencies. Uses appropriate applications to produce
intelligence summaries, reports, and briefings as directed. Frequent
inter-organizational and outside customer contacts. Represents the
organization in providing solutions to difficult technical issues associated
with specific projects. Provides briefings and presentations to customer
leadership supporting Information Assurance and Computer Network Operations
decision making.

April 2008 – May 2009
IT Manager/Cyber Mission Support Advisor, Edge Consulting, Chantilly VA
Customer: ONCIX

Provide support to the analysts
by performing all functions that require application administration on the
Windows systems. Ability to interact with team in a positive, results
oriented, professional fashion. Adhere to documented security policies and
practices as well as demonstrated ability to implement patches and other
security requirements based on defined policies. Responsible for OS
patch installation and management. Demonstrated ability to adhere
to, develop and improve processes. Proven troubleshooting and problem
resolution in a timely manner. Designed and installed network improvements. Advising on cyber incident report
analysis for the Office of the National Counterintelligence Executive
(ONCIX). Led and performed "hands-on" laboratory analyses of
threats, vulnerabilities and risks to systems and networks. Subsequently
designed and implemented IT systems and security solutions to
mitigate or solve vulnerability issues for U.S. Government customers.
Records and analyzes cyber incidents from NCIJTF data. Provides
consulting advice on incident reporting. Develop and provide analysis
reports. Provide support and reports on all related deliverables.
Initiates and maintains contact with cyber centers. Communicate
findings to all levels. Assisting in setting strategic direction for
NCIX Cyber. Researching and analyzing cyber reporting and auditing in
USG. Support development of security policy and requirements.
Organizational, planning, and analytical skills to ensure up-to-date
technical information.

2005-2008
Information Systems Security Engineer III, Pinnacle CSI, Herndon VA
Customer:

Work with multiple engineering
teams to design and implement IT systems and security solutions for U.S.
Government customers. Serve as engineer for IT projects and/or teams, with
responsibility for all aspects of project planning and management. Lead technical
efforts to research, evaluate, and integrate new products, solutions, and
technologies to address customer problems. Analyze and decompose customer
needs and requirements to identify appropriate solutions. Develop and deliver
technical white papers and briefings, as requested, to keep management,
customers, and peers abreast of emerging technologies and products. Perform
"hands-on" laboratory analyses, document evaluation findings, and
provide recommendations to corporate management, team members, and customers,
as appropriate. Leverage expertise and findings to design, implement, and
deliver new IT services and systems to address customer requirements. Develop
and coordinate related project lifecycle engineering documentation. Interface
with customers, peers, corporate management, and project stakeholders as
needed to ensure overall project success.

2003-2005
Information Systems Security Management Analyst, Syracuse Research Corporation, Chantilly, VA
Customer:

Assisting government leadership
in planning, organizing, and implementing IA programs; working with
engineers, program managers, and other security professionals to advise on,
coordinate, and facilitate solutions to system/network vulnerabilities;
review system plans, network architectures and make IA recommendations;
review, interpret, and draft security policies and procedures; and attend
technical exchange meetings, working groups and other forums to present
briefings on vulnerabilities and solutions. Provide analysis of
information assurance (IA) threats, vulnerabilities and risks of systems and
networks. Provides Information Systems Security (INFOSEC) Management
and Information Assurance (IA) Program support to headquarters function at
intelligence community organization. Assisting government leadership in
planning, organizing, implementing, and executing IA/INFOSEC program;
developing policies, procedures, standards, and instructions on IA/INFOSEC
activities. Working with Information Systems Security Officers (ISSOs)
to advise, coordinate and facilitate resolution of IA/INFOSEC issues;
drafting, reviewing, and/or providing guidance on IA/INFOSEC requirements,
System Security Plans, security architectures and diagrams, test plans and
scripts, Certification and Accreditation packages, etc.

2002-2003
Computer Security Tech 3, Northrop Grumman/TASC, Fort Belvoir, VA
Customer: US Army 1st Information Operations Command

Works as a member of the Network
Protect Team/IA Analyst to support the detection, monitoring, analysis, and
mitigation of organized cyber threats against Army computer networks.
Member of the Army 1st Information Operations Command (Land) Army CNO Task
Force, works to execute information operations in partnership with JTF-GNO,
Army CNO support forces, and other services and agencies in order to mitigate
organized cyber threats. Analyzes data from various sources to identify
potential cyber threats to US Army networks and recommends appropriate
courses of action to defend against identified threats. Research,
review, and analysis of all-source information to support the Army computer
network defense mission. Provide accurate and timely technical security
recommendations and solutions for system and network protection, incident
handling, investigative support, and malicious logic incidents.
Provides technical solutions to a wide range of problems; solutions are
imaginative, thorough, practicable, and consistent with customer
objectives. Works with the customer and colleagues in a collaborative
fashion regarding all aspects of CNO planning support. Monitors the
intrusion detection system for the CNO ACERT by detecting, correlating,
identifying, and characterizing all unauthorized network activity across the
Army network worldwide.

1999-2002
Chief, Network Operations, National Reconnaissance Office, Chantilly, VA
Customer: NRO

Responsible for configuration
management and one of the focal points for Cisco routers, switches and
gateways. Provide troubleshooting support for the watch office and
remote sites. Develop and maintain network operational procedures and
configuration standards for over 700 technicians throughout the
network. Responsible for IP address management for over 10 WAN
systems. Develop, plan, budget and implement network wide equipment
upgrades and enhancements. Develop and manage a budget of over $20
million for all network hardware and software. Brief management
on technical, funding and operational issues on network status and
performance. Provide direction and guidance to technical working
groups, ensuring compatibility and interoperability with other Government
networks. Design, manage and instruct the Comm101 course instruction in
TCP/IP, Network and Cisco router basics. Manage and oversee the Visio
network drawings and the circuit database for over 4000 circuits.

1994-1999
Master Instructor/Supervisor, AF Network Support Course, Keesler AFB, Biloxi, MS
Customer: US Air Force

Responsible for planning,
conducting and scheduling the training curriculum for LAN configuration,
network management using HP Openview, configuration of SNMP, TCP/IP, routers
(Cisco), PCs, and network server/workstation software. These courses
consisted predominantly of "hands-on" technical instruction with
minimal lecture. Courses prepped students for Microsoft MCSE and Cisco
CCNA/CCNP certifications and were also required courses for AF Certification.
Personnel trained exceeded 1,000 students per year.

1990-1994
Shift Supervisor, Communications Systems Operations Center, Cheyenne Mountain Complex, Colorado Springs, CO
Customer: US Air Force

Manage the availability, status
and processing integrity of missile/space real time and common user circuits
related to the NORAD Command and control system.

1986-1990
Assistant NCOIC, Mobile Computer Network, Sembach Air Base Germany
Customer: US Air Force

Responsible for ensuring the
mobile mainframe computer is deployable within eight hours throughout Europe
and the Middle East. Coordinate with sites needing data processing support,
computer upgrades, and equipment installations. Troubleshoot circuit
problems.

1984-1986
Satellite Communications Supervisor/Operator, Peterson AFB Colorado
Customer: US Air Force

1981-1984
Communications Center Operator, Rhein Main AB Germany
Customer: US Air Force

Education:
Capitol College, Master Science Network Security
William Carey College, B.G.S. Information Systems
Community College of the Air Force, A.S. Communications Operation Technology
Community College of the Air Force, A.S. Instructor of Technology and Military Sciences

PROFESSIONAL AWARDS SUMMARY
CISSP #303368 - 2011
GCIH #18734 - 2011
Meritorious Service Medal - 2002
USAF Commendation Medal - 1986, 1991, 1995, 1999
USAF Achievement Medals - 1984, 1987, 1999
Two Monetary Awards (for saving the USAF over $20,000) 1989
Awarded rank of Senior Airman (E4) Below the Zone