David Carrion

Experience

• 

  US Army

  Aug 2012 - Mar 2024

  I led a team of 100+ cybersecurity and IT specialists who performed security audits and vulnerability assessments for all 450K+ US Army end-users on the enterprise-wide networks. I oversaw network monitoring, protection, active defense and response operations to external / internal threats.➞ Providing penetration testing oversight, I created standard procedures and reporting templates for pen testing, data collection and reporting. I led a 14-person team that wrote PowerShell queries to identify and mitigate threats. Using WireShark, I analyzed TCP/IP protocols and recorded packet captures (PCAP).➞ Supporting the prevention of data exfiltration, I implemented countermeasures and signature-based protections for critical assets. I addressed Log4j vulnerabilities impacting global networks. ➞ Using Ghidra, Nikto and EnCase forensic analysis tools as well as VirusTotal, McAfee, EDR and SIEM technologies, I analyzed malware and prevented threats. ➞ Serving as project manager, I led a cross-functional project team that predicted and prepared protocol for response to a zero-day incident. Employing YARA rules, I prepared countermeasures for vulnerabilities such as malware. ➞ I created operational protocol that reduced response time by 20%. Serving as a team leader or participant, I implemented countermeasures to protect critical assets, servers, data and networks. I provided status updates to senior leaders. Show less I seamlessly balanced dual responsibilities, offering invaluable expertise in technology while concurrently supporting recruitment efforts. In this hybrid role, I played a pivotal part in identifying and engaging with potential recruits, assessing their technical qualifications, and aligning them with suitable roles within the Army. Beyond traditional recruitment tasks, I assumed a secondary duty of serving as the go-to resource for all technology-related matters within the station. I managed IT security and tech support for 7 locations, 100+ end-users and all devices and endpoint peripherals for a regional US Army recruiting team. Serving as the first line of cybersecurity defense for the team, I ensured a quick response to any issue. ➞ Exceeding monthly recruiting goals by as much as 250%, I was recognized as the #1 of 100 recruiters in the territory and twice recognized as the best recruiter in the western region. I played a key role in the recruiting team meeting their projected goals for the first time in 10 years. ➞ With the ability to build rapport with people from all backgrounds and demographics, I assessed candidates’ needs and objectives and provided information on how an Army career met their goals. Show less I led a 5-person team that provided network security and incident response in support of a Special Forces team. While managing 5K pieces of critical electronic equipment, communications systems and IT infrastructure for both on-site and field operations, I also maintained the accountability of $10M in assets. ➞ Conducting security audits, I ensured both the integrity of information systems as well as compliance with cryptographic communication protocols.➞ I maintained a 99%+ network availability rate, including the management of a classified server, for a team of 20+ Special Forces instructors.➞ Overseeing system administration, I managed Active Directory, both in the facility and out in the field, for a Special Forces training program. Show less While leading a 30-person maintenance team, I established priorities, delegated tasks and oversaw work in-progress that ensured customer needs were met. As part of the leadership team, I participated in strategic operational planning meetings. I managed the response and investigation of critical safety incidents.➞ I oversaw team building, communications and employee relations. Serving as a mentor and guide, I managed career path planning, training and certifications for all employees. ➞ Each year, I gained new knowledge of threats and vulnerabilities by completing an annual information security training. I ensured my team complied with all procedures and guidelines. Show less

  • Senior Defensive Cyber Operations Specialist

    Jan 2021 - Mar 2024

  • Information Security Operations Coordinator / Technical Recruiter

    Sept 2017 - Jan 2021

  • Network Security Supervisor

    Jun 2015 - Sept 2017

  • Operations Manager

    Aug 2012 - Jun 2015