Brandon Denker

1000 followers
Kissimmee, Florida, United States

  • Timeline

  • About me

    Director, Threat Hunt Analysis

  • Education

    • Cochise College

      2004 - 2005
      Network and System Administration/Administrator

      Enrolled in 3 semesters of advanced Mathematics, 3 semesters of Computer Science

    • Cochise College

      2004 - 2005
      Network Management
  • Experience

    • Family Morale, Welfare and Recreation

      Jun 2004 - Sept 2010

      Manage a team of 8+ food, bar and proshop employees
      Manage all food, bar and proshop employees
      Manage the RecTrac system to include monthly maintenance on the database (MS-SQL) (GUI based)
      Work with customers for custom orders, club fittings, lessons and product selection
      Provide cashier/bartender/cook coverage for food, bar and proshop operations when needed
      Generate daily financial reports for bar, food and proshop operations, and ensure all drawers balance upon cash out
      Manage and secure the public Wi-Fi network, and monitor for abuse utilizing router logs
      Perform a monthly inventory of all products on hand for food, bar and proshop operations
      Receive inventory and input the products into the RecTrac database for the sales floor in the proshop, food and bar operations
      Manage and ensure all vendor accounts are current, by paying invoices and ensuring all products were received and accounted for
      Contribute, on an annual basis, to a finalized budget for the next fiscal year
      Provide desktop support for the local facility in coordination with the Ft. Huachuca network team

      Key Achievements:
      Streamlined and automated nearly all processes within RecTrac
      Set up and trained employees for a wireless handheld POS (Point of Sale)
      Helped make the Mountain View Proshop one of the most profitable and best stocked shops within Family Morale, Welfare and Recreation / Non-Appropriated Funds (FMWR/NAF)
      Self-taught on the RecTrac system and became the designated trainer for FMWR/NAF prior to the arrival of a certified trainer provided by the vendor (Vermont Systems)
      Designed and refreshed the outdated Mountain View Golf Course logo to strong customer acceptance, and better sales of logo'd merchandise

      • Proshop Manager (Golf Course)

        Feb 2007 - Sept 2010
      • Proshop Retail Clerk (Golf Course)

        Jun 2004 - Feb 2007
    • STG

      Jul 2007 - Sept 2010

      On a daily basis logged into and managed the central reporting server for all the vulnerability scanning agents across all ARMY networks
      Performed daily maintenance of managed scanning machines and the central server they reported to
      Run high level enterprise scanner reports for senior management
      Assist with manual audits, for STIG compliance, of network devices, such as switches, routers and firewalls, on a monthly basis
      Primary POC for setting up and managing new vulnerability scanning machines implemented at ARMY CONUS sites
      Review and update systems within Vulnerability Management System (VMS) based on scan reports from the central management server

      Key Achievements:
      Assisted the vulnerability scanner team with standing up and managing the central reporting server for all scanning machines throughout ARMY CONUS sites.
      Obtained and managed first scanning machine specifically for the Security Operations Center at the C-TNOSC

      Analyze network activity reported in Real-Time, by utilizing a SIEM tool
      Utilize a ticketing program for case reporting, by filling in case information obtained from the SIEM
      Work with the Regional Computer Emergency Response Team (RCERT-CONUS) to determine if activity observed is authorized, suspicious or malicious
      Work with site POCs and the C-TNOSC network team, for network device outages and attempt to restore connectivity
      Work with upper management to create new processes and SOPs

      Key Achievements:
      Streamlined batch reporting in the SIEM, by scheduling and creating new reports for analysts. This saved analysts roughly 3 hours each shift.
      Suggested many new techniques and processes that were more effective and efficient for completing daily tasks
      Assisted supervisors with writing and implementing new SOPs, and updating old SOPs

      • Security Analyst/Auditor

        Feb 2010 - Sept 2010
      • Network Security Analyst

        Jul 2007 - Feb 2010
    • Sapient Government Services

      Sept 2010 - May 2014

      Key Achievements:
      Created a continuing education training program for all analysts to teach how to better understand the toolset provided and how these tools can be used for better packet analysis. More specifically I created ngrep, tcpdump and CLI classes to better help with deep diving and manual analysis (a lost art I feel sometimes)
      Created an Excel spreadsheet, and shell script for automating the updating process, for one of the analysis specialists that provides trending over multiple years of all IDS activity reported to our SIEM, within seconds. Also available in this spreadsheet was the ability to perform long term analysis on country activity to show spikes in conversations with countries, as well as trending down to the interface level of each IDS to detect traffic spikes on specific interfaces or if traffic loads change, among other analysis benefits. The spreadsheets also spawned multiple other Excel workbooks for performing daily batch reporting and easily gathering statistical data over a short period of time as well as longer period if the analyst wished.
      Created multiple bash scripts for analysts to help complete tasks more efficiently.
      Created a robust IP/Event searching tool, that allowed many options for searching such as regex, CIDR ranges, and starts with/ends with options, to query, within minutes, any IP activity (source or destination) across the Enterprise over a two year period without the need of a structured database such as SQL/Oracle and without the horsepower of a server, but rather with an outdated workstation.
      Placed 4th and 8th in SANS Netwars Tournaments and qualified for the Tournament of Champions for Netwars in Washington D.C. (was not able to attend)
      Attended SANS SEC 561 course at SANS Las Vegas and won the final day hands on challenge, obtaining the first challenge coin awarded for the class.

      Key Achievements:
      Co-developed a backup application for the primary SIEM for Disaster Recovery (DR) coverage
      Wrote and worked closely with other analysts to create multiple programs and scripts to automate many manual processes
      Assisted the SIEM team multiple times in writing correlations, writing scripts for manual processes, setting up zoning for sites and multiple other projects
      Assisted the SIEM and IDS team in separating and developing processes and correlations for our custom IDS rule sets for easier detection and analysis
      Assisted Supervisors and other Shift Points with training of new analysts

      • Technical SOC Supervisor

        Feb 2012 - May 2014
      • Senior Real-Time Analyst (Shift Point)

        Jun 2011 - Feb 2012
      • Real-Time Analyst (Network Archaeology)

        Sept 2010 - Jun 2011
    • RSA, The Security Division of EMC

      May 2014 - Oct 2014
      Consultant

      Provided Professional Services for Security Analytics product from RSA. Performed various tasks related to Security Analytics, such as installing Security Analytics on new hardware and complete setup of all services, general troubleshooting and content development for Security Analytics.

    • Raytheon

      Oct 2014 - Jul 2018
      • V-SOC Technology and Integrations Manager

        Aug 2017 - Jul 2018
      • V-SOC Operations Lead

        Jan 2016 - Aug 2017
      • V-SOC Analyst

        Oct 2014 - Jan 2016
    • NBCUniversal Media, LLC

      Jun 2018 - Sept 2019
      Cyber Threat Intelligence Analyst

      Lead intelligence analysis and intake such as processing of soft intelligence, behavioral/tactical Intelligence and IOCs
      Perform proactive research and analysis of malware/actor infrastructure and brand impersonation
      Dynamic and static malware analysis to observe changes in TTPs and extract static and behavioral IOCs

    • Cyborg Security

      Sept 2019 - May 2024
      Director, Research and Intelligence
    • Intel 471

      May 2024 - now
      Director, Threat Hunt Analysis
  • Licenses & Certifications