Federal Cybersecurity, DFIR & Threat Response
I’m a cybersecurity professional focused on incident response, digital forensics, cloud security investigations, and practical threat detection workflows. My work includes documenting response processes aligned with federal cybersecurity standards, NIST frameworks, and CISA incident response playbook guidance.
About
My work focuses on investigating security events, understanding attacker behavior, documenting response actions, and improving security workflows. I built this portfolio to show practical examples of incident response planning, forensic thinking, cloud investigation steps, and documentation aligned with federal cybersecurity expectations, NIST frameworks, and CISA-style response practices.
Incident Response
Detection, triage, containment, recovery, root cause analysis, lessons learned, and reporting aligned with repeatable response workflows.
Cloud Security
AWS and Azure investigation workflows focused on IAM activity, authentication logs, API events, access anomalies, and cloud evidence review.
Federal Documentation
Security documentation, incident reports, SOPs, playbooks, and response procedures aligned with NIST RMF, NIST SP 800-53, and CISA playbook concepts.
Featured Portfolios
Explore my main cybersecurity portfolio and dedicated incident response portfolio.
Incident Response Portfolio
Dedicated DFIR and incident response repository with CSIRT SOPs, playbooks, tabletop exercises, executive reporting, operational workflows, and incident reports.
- CSIRT standard operating procedure
- Incident response playbooks
- Tabletop exercises
- Incident reports and executive reporting
Cybersecurity Portfolio
Main technical portfolio hub with cloud security workflows, digital forensics documentation, resume resources, and selected cybersecurity projects.
- Cloud security investigation workflows
- Digital forensics documentation
- Cybersecurity project examples
- Federal cybersecurity portfolio materials
Project Areas
A collection of projects, workflows, and investigation examples focused on incident response, cloud investigations, digital forensics, federal-style documentation, and operational security improvements.
Incident Response Documentation
Reports and templates designed to show how security incidents are summarized, tracked, documented, and communicated in a federal-style environment.
- Credential harvesting incident report
- Improper usage data spill report
- Incident response playbook
Cloud Security Investigations
Investigation workflows for reviewing cloud activity and identifying suspicious access patterns.
- AWS IAM investigation workflow
- Azure authentication review
- Cloud access anomaly analysis
Federal Cybersecurity Documentation
Documentation focused on repeatable response steps, evidence integrity, federal control alignment, and leadership-ready reporting.
- NIST RMF-aligned documentation examples
- CISA playbook-style incident workflows
- Executive incident reporting examples
Experience
A concise overview of experience relevant to DFIR, incident response, cloud security, and federal cybersecurity operations.
Information Assurance & Network Specialist
Supported enterprise incident response investigations, analyzed security alerts using Splunk and Fidelis, investigated AWS and Azure activity, and contributed to playbooks, SOPs, incident reports, and documentation aligned with federal cybersecurity standards, NIST frameworks, and CISA-style response practices.
Security Coordinator
Worked on cybersecurity investigations involving suspicious authentication activity, identity monitoring, and incident remediation while coordinating with technical teams across the environment.
Graduate Research Assistant
Developed digital forensic methodologies, improved evidence correlation, automated forensic workflows, and produced technical documentation supporting repeatable forensic analysis.
Digital Forensics Intern
Conducted forensic acquisition and analysis, maintained chain of custody, supported endpoint, mobile, macOS, and cloud investigations, and documented forensic procedures.
Technical Skills
Security Operations
Incident Response, Alert Triage, Threat Detection, Root Cause Analysis, IOC Identification, Threat Hunting, Incident Reporting
Platforms & Tools
Splunk, Fidelis, Wireshark, FTK, EnCase, Magnet Axiom, Cellebrite, Autopsy
Cloud & Identity
AWS, Azure, Microsoft 365, IAM Analysis, Authentication Monitoring, API Log Review, Access Anomaly Investigation
Frameworks & Methods
NIST RMF, NIST SP 800-53, CISA Incident Response Playbook Concepts, MITRE ATT&CK, Incident Response Lifecycle, Chain of Custody, Evidence Handling
Education
Graduate Education
MS, Digital Forensics and Incident Response | George Mason University
Undergraduate Education
BS, Applied Information Security | George Mason University
Professional Development
Continued learning focused on cloud security, incident response, digital forensics, NIST frameworks, CISA incident response guidance, and threat detection.
Contact
I’m always interested in connecting with teams working in DFIR, incident response, cloud security, and cybersecurity operations.