Mathew Hartge

• Member of the ATAC - Advanced Threat and Analytics Team
• Focused on detection and analysis of events carried out by Advanced Persistent Threats.
• Serve as ADD (Analyst on Duty) through monthly rotation cycles

-ADD Responsible for tracking all OSINT, internal, and closed source reporting related to emerging cyber threats.

-Responsible for triaging / coordinating all ongoing security events, and ensuring incidents are sent to appropriate handlers (Tier III Analyst).

• Perform pro-active threat hunting across multiple categories such as Perimeter Based hunting, Endpoint Hunting, OSINT Hunting and Social Media Hunting.
• Develop Products from threat hunts to team reporters to share with DIB community as well as internal briefings.
• Develop / Continuously Improve Current tools used for threat hunting such as Splunk Dashboards, Hunting Processes, Case Management, Bug Tracking, etc.

• Operate Communications Focal Point (CFP)
• Reports incidents and executes corrective procedures.
• Troubleshoots and repairs desktop and mobile systems.
• Sets up new computer systems and devices, including installing hardware and software and patching programs
• Manages over 1100 user accounts via Active Directory and Enterprise Account Provisioning.
• Ensures end user workstations are configured correctly and compliant with Dept. Of Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGS).
• Coordinates with other communications offices to ensure jobs are completed/escalated and users are notified of any network/infrastructure changes.
• Earned USAF Achievement Medal (2016) 1st Oak Leaf Cluster (2019).
• Earned Airman of Quarter while TDY at Ramstein AFB (2017).

• Report / Ingest, Review ,and recommend countermeasures based on open source intelligence and agency generated reports.
• Manage and cultivate defensive cyber database housing service partner reports.
• Conduct log analysis using SIEM to identify effectiveness of countermeasure recommendations and troubleshoot reported issues.
• Perform analysis to process and review countermeasure exemptions.
• Issue orders to mission partners to adjust and tweak defensive cyber tools as needed / discovered.
• Performed risk analyses to identify appropriate security countermeasures.
• Recommend improvements in security systems and procedures.
• Worked with government customers to understand needs and provide user acceptance of pilot services.

• Support DCC Battle Watch Captain with all Cyber Defense\Network Assurance issues.
• Oversee all network defense operations, and be familiar with DISA current operations process flow and execution.
• Be familiar with DISA's Defensive Cyber Operations (DCO) work centers and responsible partners.
• Be familiar with organization's Security Stack / Architecture and impacts those systems cause to organization.
• Maintain awareness of all pertinent directives, orders alerts, and messages; prepare and deliver daily situational awareness and operational update briefings to senior leadership and work-center supervisors.
• Serve as Senior Defensive Cybersecurity SME during 24x7 operations.

• Operated within the U.S Naval Academy Information Technology Service Department (ITSD) IT service center (ITSC).
• Prioritized tickets and escalated issues as needed based on mission impact.
• Performed Tier I and II level troubleshooting and ticket response actions with a sense of urgency and timeliness both in person and remotely.
• Responsible for the receipt, dispersal, storage, and disposal of IT equipment as well as repair of hardware, software and configuration.