Sean Corbett

Experience

• 

  United States Air Force

  Jun 1994 - Nov 2011

  Security Forces
• 

  Flaherty Technical Services, INC.

  Nov 2011 - Sept 2012

  Police Services Policy and Guidance Analyst

  As the senior analyst, responsible for gathering information, providing advice and drafting Intrusion Detection (IDS) policy and guidance pertaining to Department of Defense and Air Force Operations. Assisted in the research and development of nine Air Force instructions. Developed training procedures for effectively gathering analysis and procedures for reporting to Department of Justice (DOJ) and United States Army Criminal Investigations Laboratory. Conducted cost analysis and market research for products and intrusion detection systems to support the ongoing mission and ensure an effective means to gather electronic data and submit them to the DOJ by incorporating the system into the various government off the shelf systems and databases. Show less

• 

  CSC

  Jan 2013 - Mar 2014

  System Analyst Professional

  Provided technical support as a member of the Air Force Computer Emergency Response Team (AFCERT). Responsible for the review of USAF Base TCP/IP connection logs and transcripts through the use of Windows and UNIX operating systems and commands. Performed analysis on historical and real-time data, identifying suspicious user activity, poor system and/or user security practices, or misconfigured systems which may provide unwanted hacker access to known vulnerabilities. Multi-certified and provided tactical defense of USAF networks using the USAF provided Intrusion Detection System (IDS) to monitor all USAF enterprise networks against intrusion and USAF security boundary protection using the Security Information Manager(SIM)/ArcSight Integrated Management Site (IMS) AF Gateway system for monitoring/controlling the AF Intranet security boundary to include mail relays, web proxies, IDS, hosts vulnerability scanning of traffic analysis and firewalls traffic filtering. Performed liaison duties between the AFCERT, USAF base commanders and the USAF Office of Special Investigations (AFOSI). These duties include identifying and gathering specific data evidence that will assist the OSI identify, locate, track, apprehend and prosecute individuals involved in hacking USAF and some other DoD Automated Information Systems. When unauthorized intrusions occurred ("Hacker Incident"), initiated reporting procedures and correlates data gathered in an attempt to link current activities with past hacker incidents and/or known hacker "modus operandi". Prepared Suspicious Event Reports, Information Protection Bulletins, AFCERT Advisories, Threat Analyses, and policy and procedural documentation. Performed incident information coordination between DISA Assist and the USAF Network Control Center and various Standard Systems groups. Show less

• 

  IPSecure

  Mar 2014 - Mar 2016

  Senior Data Security Analyst

  - Conduct network security monitoring and intrusion detection analysis for the SIPRNet using the AF's selected IDS/IPS toolset- Research SIPR DCO events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.- Enter event data into mission support systems according to 33 NWS operational procedures and reports through the 33 NWS chain.- Record suspicious events, meeting established 33 NWS thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.- Compile suspicious events records and other artifacts as part of its Monthly Operational Report.- Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of 33 NWS operational requirements and mission execution.- Provide focused DCO, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises. Show less

• 

  22nd Century Technologies Inc.

  Mar 2016 - now

  • Regional Director San Antonio Operations

    May 2018 - now

  • Program Manager

    Mar 2016 - now