About

Hi, I'm Tommy!

I’m a Principal Defensive Cyberspace Operator (DCO) Analyst with 7+ years of experience as a cyber professional. My expertise lies in threat hunting, threat intelligence, and incident response. I created this blog to document various efforts such as threat hunting strategies, timelining historical intrusions, and overviews of various APTs.

My career in cyber began in the Air Force where, as a Cyber Warfare Operator, I was assigned to a National Cyberspace Protection Team. During this time, I would engage in threat hunting operations both overseas and via state-side support to assist foreign mission partners in identifying and disrupting adversary activity. While separating from the Air Force, I participated in the DoD SkillBridge program, obtaining an internship position as an analyst on the Falcon Complete team at CrowdStrike. In this role, I responded to active intrusions and took remediation actions in the customer environment. After completing SkillBridge, I joined the OverWatch team as a threat hunter where I hunted eCrime and nation-state actors in both commercial and government environments. I am now back in the government sector as a contractor, currently supporting the US Army as a threat hunting SME.

I possess CISSP, GCFA, CEH, and CompTIA Security+ certifications. I have an MS in Cybersecurity from Georgia Tech and a BS in Computer Science.