Will H.

Background

About Will H.

I am a dynamic and resourceful IT professional with 10 years of experience working in cyber security, and 13 years of overall IT experience. I have strong communication and research skills and take pride in providing high-quality technical support and analysis. I have experience working with multiple SIEMs, ticketing systems, and over a dozen different cyber security tools. My areas of expertise include Incident Response and Network Defense, Intrusion Event Analysis, Researching Attacker TTPs, OSINT, Building SOPs, and Improving/Tuning Intrusion Detection Rules.* I'm currently looking for primarily remote work as a Cyber Security Incident Response / Intrusion Detection Analyst, Cyber Defense / Network Defense Analyst, or Cyber Threat Hunter.* I'm open to hybrid schedules with 1 day onsite for locations in the Northern Virginia area. My background and strengths include: • Monitoring and analyzing network traffic, Intrusion Detection System (IDS) alerts, network and system logs, security incident handling, incident reporting, and threat analysis. Suggesting IDS rule tunings within Snort, Yara, Sigma, and vendor-specific rules. Performing threat hunting on high priority events. • Prioritizing and differentiating between potential intrusion attempts and false alarms. • Reviewing and researching emerging threat intelligence (e.g, Indicators of Compromise, rule updates, reported APT associations, TTPs, OSINT) to identify any affected systems and the scope of the attack/s, while collecting relevant information on affected customer systems for further investigation (e.g, pcap, event logs, running processes, configurations/permissions, user/host behavior, possible IOCs). • Bachelor of Science degree in Network Management. • CompTIA Cybersecurity Analyst (CySA+) Certification (DoD 8570 approved at IAT Level II and CSSP).