
Marcus Howard

Baltimore, MD

Summary

I have spearheaded cybersecurity initiatives, enhancing threat detection and compliance through analytical thinking and robust team leadership. My expertise in risk mitigation and regulatory compliance, coupled with a knack for process improvements, has significantly bolstered organizational security. I am a detail-oriented individual with exceptional communication and project management skills, with a proven ability to handle multiple tasks effectively and efficiently in fast-paced environments. I am recognized for taking a proactive approach to identifying and addressing issues, with a focus on optimizing processes and supporting team objectives.

Overview

12 years of professional experience
1 Certification

Work History

Principal Threat Detection and Response Analyst

Amtrak, N.R.P.C
06.2021 - 10.2024
  • Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency.
  • Improved internal knowledge sharing by developing comprehensive documentation outlining standard operating procedures for various tasks.
  • Enhanced team collaboration by providing clear communication of complex findings through visualizations and reports.
  • Increased efficiency by streamlining data analysis processes and implementing automation tools.
  • Streamlined reporting procedures by creating user-friendly dashboards for easy access to key performance indicators.
  • Developed new analytical models that improved forecasting accuracy and reduced risk exposure.
  • Streamlined reporting processes, significantly reducing time required to generate insights.
  • Led team in developing predictive model that forecasted trends, informing business decisions.
  • Led cross-functional teams in strategic planning sessions, aligning efforts with company goals.
  • Streamlined data collection methods to improve speed and accuracy of analysis.
  • Generated reports detailing findings and recommendations.
  • Collected, arranged, and input information into database system.
  • Developed effective improvement plans in alignment with goals and specifications.
  • Optimized customer experience by delivering superior services and effectively troubleshooting issues.
  • Helped meet changing demands by recommending improvements to business systems or procedures.
  • Created and managed project plans, timelines and budgets.
  • Educated staff on organizational mission and goals to help employees achieve success.
  • Correlate intelligence to develop a deeper understanding of tracked threat activity.
  • Conduct real-time analysis using SIEM, cloud, endpoint and network-based technologies, and other security analytics tools, with a focus on identifying security incidents and false positives.
  • Apply threat hunting techniques to pivot for given information to known attack patterns, malicious code families, tracked threat groups and other historical information.
  • Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation.
  • Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise.
  • Develop and document standard operating procedures (SOP).
  • Support 24/7 operations of Cyber Fusion Center and Incident Management.
  • Conduct vulnerability assessments and create POAMs for their remediation.

Sr Cyber Threat Intelligence Analyst

Exelon
10.2017 - 03.2021
  • Supported decision-makers by providing timely, accurate, and relevant assessments of emerging threats.
  • Analyzed open-source intelligence data to identify potential threats and vulnerabilities.
  • Coordinated with other intelligence agencies to share information and resources.
  • Produced multi-source intelligence reports and products for different agency customers.
  • Developed standard operating procedures for intelligence operations and activities.
  • Reduced knowledge gaps within the organization by creating comprehensive intelligence products tailored to specific audience needs.
  • Created useful and timely intelligence products to support field operations.
  • Strengthened situational awareness among key stakeholders by delivering concise, actionable intelligence briefings.
  • Conducted comprehensive risk assessments to support proactive security measures and contingency planning.
  • Enhanced team performance by leading training sessions on advanced analytical techniques and software applications.
  • Maintained subject matter expertise in assigned areas of responsibility through ongoing professional development activities.
  • Identified potential threats by conducting thorough research on global events and trends.
  • Participated in multi-disciplinary teams working on high-priority projects that required rapid response capabilities under tight deadlines.
  • Developed recommendations to assist clients and agencies with efforts to advance intelligence gathering and interpretation in multiple theaters of operation.
  • Fostered a culture of continuous improvement by encouraging open dialogue and constructive feedback among team members.
  • Mitigated risks associated with information security breaches through adherence to established protocols.
  • Streamlined data collection methods to ensure accuracy and reliability of intelligence, facilitating more effective strategic planning.
  • Improved operational readiness, organizing regular training exercises that simulated realistic threat scenarios.
  • Conducted thorough intelligence gathering for early identification of potential threats, contributing to organization's proactive security posture.
  • Tailored intelligence products to specific requirements of tactical units, improving effectiveness of field operations.
  • Enhanced team's analytical capabilities by developing and implementing advanced training modules on predictive analysis techniques.
  • Conducted in-depth research on geopolitical developments, providing senior leadership with insights for informed policy formulation.
  • Collaborate with Cyber/Industrial Control System Security Operations Teams to operationalize cyber threat intelligence in support of defending Exelon infrastructure against Advanced Persistent Threats (APTs).
  • Map threat actor Tactics, Techniques, and Procedures (TTPs) to current or proposed infrastructure via the MITRE ATT&CK framework. Support dissemination of collected information to appropriate stakeholders.
  • Perform other tier 3 SOC duties including daily Security Information and Event Management (SIEM) queries and account reviews to identify malicious activity not already flagged by our security tools.

Principal Cyber Security Analyst and CIP Cyber Sec

Pepco Holdings
07.2013 - 10.2017
  • Collaborated with IT teams to integrate security measures into the development and deployment of new applications.
  • Conducted security audits to identify vulnerabilities.
  • Analyzed security incidents post-resolution, identifying areas for improvement in both technical controls and incident response processes.
  • Reduced risk of cyber attacks by conducting regular vulnerability assessments and penetration testing.
  • Improved incident response times by developing and maintaining cybersecurity playbooks for common attack scenarios.
  • Performed regular reviews of user access rights, minimizing the risk posed by insider threats or compromised accounts.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Optimized security monitoring processes by implementing automated tools for real-time threat detection and analysis.
  • Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.
  • Enhanced network security by implementing advanced threat detection and prevention systems.
  • Customized and managed security information and event management (SIEM) systems for real-time threat detection and analysis.
  • Led cybersecurity awareness training sessions, increasing staff vigilance against phishing and social engineering attacks.
  • Spearheaded adoption of encryption technologies, safeguarding sensitive information during transmission and storage.
  • Played key role in regulatory compliance projects, ensuring adherence to industry standards and legal requirements related to cybersecurity.
  • Streamlined user access controls, minimizing risk of unauthorized access to sensitive systems and data.
  • Leveraged cutting-edge cybersecurity tools and technologies for continuous monitoring and protection of IT infrastructure.
  • Reduced false positive alerts in security monitoring systems by fine-tuning detection parameters, enhancing operational efficiency.
  • Collaborate with Cyber/Industrial Control System Security Operations Teams to operationalize cyber threat intelligence in support of defending Pepco Holdings, Inc. (PHI) infrastructure against Advanced Persistent Threats (APTs).
  • Design and continually improve IT/OT systems within the business units, including Corporate IT, Corporate Security, Substations, and EMS SCADA environments, to implement industry and cybersecurity best practices and ensure a secure, NERC Critical Infrastructure Protection (CIP) compliant environment.
  • Create and maintain governance programs, policies, procedures, and processes to adhere to regulatory compliance with Critical Infrastructure Protection (CIP-002 through CIP-011). I personally developed the content for the organization's version 5 CIP-008 Incident Response Program. I am also heavily involved in the company-wide Incident Response Program (CIP-008) and the CIP-007, CIP-009, CIP-006 and CIP-003 standards. I have also developed CIP-004 awareness posters and training in support of the other CIP programs.
  • Conduct risk assessments and design reviews including assessing vulnerabilities, threats, risks and safeguards/countermeasures for assets as well as systems and sites.
  • Participate in commissioning and decommissioning projects to ensure cyber security and compliance prior to commissioning/decommissioning.
  • Review compliance evidence for all business units both OT and IT to assure compliance.
  • Review and submit comments to Draft NIST documents.
  • Represent the organization in NATF, E-ISAC and DHS forums that deal with overall cybersecurity best practices.

SOC Security Engineer

SSA
07.2012 - 10.2013
  • Collaborated with IT teams to integrate security measures into software development processes, enhancing overall application security.
  • Reviewed logs regularly to detect suspicious activity patterns before they escalate into full-blown incidents, enabling rapid response efforts when necessary.
  • Manage problem resolution process from initial reporting to resolution.
  • Make determinations of the operational impact of a particular threat.
  • Respond to new threats; initiate and assist in drafting remediation strategies.
  • Monitor the Intrusion Detection System (IDS) console for active alerts and determine priority of response.
  • Develop and document standard operating procedures (SOP).
  • Analyze all levels of problems and document findings in accordance with procedures.
  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.
  • Write and apply new intrusion detection signatures.

Education

Bachelor of Science - Network Security And Forensics

Stratford University
Falls Church, VA

Skills

  • Analytical Thinking
  • Team Collaboration and Leadership
  • Project Management
  • Information Gathering
  • Data Research and Validation
  • Process Improvements
  • Continuous Improvement
  • Risk Analysis
  • Root Cause and Workflow Analysis
  • Compliance Analysis
  • Regulatory Compliance
  • Evidence-Based Decision Making
  • Trend Analysis
  • Risk Mitigation
  • Incident Reporting
  • Security Solutions
  • Policy Improvements
  • Problem-Solving
  • Attention to Detail

Certification

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information System Auditor (CISA)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • CompTIA Cybersecurity Analyst (CySA+)
  • Project+
  • Security+
  • Network+

Timeline

Principal Threat Detection and Response Analyst

Amtrak, N.R.P.C
06.2021 - 10.2024

Sr Cyber Threat Intelligence Analyst

Exelon
10.2017 - 03.2021

Principal Cyber Security Analyst and CIP Cyber Sec

Pepco Holdings
07.2013 - 10.2017

SOC Security Engineer

SSA
07.2012 - 10.2013

Bachelor of Science - Network Security And Forensics

Stratford University