Sidney Sakota

Baltimore, MD

Summary

Knowledgeable Cyber security professional with 20 years of experience designing and implementing security solutions in high-availability environments. Seasoned and goal-driven leader with proven success in developing robust cybersecurity capabilities and standards and policies to enable prompt threat detection, characterization, and mitigation. Accomplished manager, adept at mentoring and motivating cross-functional teams of engineers and analysts in demanding environments, ensuring alignment with professional development requirements and performance expectations. Extensive hands-on technical skills, able to integrate cutting-edge tools and technologies to ensure a robust security posture.

Overview

9 years of professional experience
1 Certification

Work History

Cybersecurity Analyst

Y-Tech LLC
Baltimore, MD
07.2023 - Current
  • Developed and implemented security policies and procedures to protect the company's assets from unauthorized access.
  • Analyzed network traffic logs, firewall logs, intrusion detection system alerts, and antivirus reports to identify potential threats.
  • Monitored user activities on the network for suspicious behavior or malicious activity.
  • Conducted vulnerability scans using automated tools to detect any weaknesses in the system.
  • Responded promptly to cyber incidents by analyzing attack signatures, isolating affected systems, and restoring normal operations.
  • Assisted with developing strategies for responding to potential cyber attacks such as malware outbreaks, phishing campaigns, ransomware attacks.
  • Provided technical support for troubleshooting issues related to security systems and networks.
  • Updated existing processes and procedures related to cybersecurity best practices regularly.
  • Reviewed audit logs daily for unusual activity or patterns that could indicate an attempted breach or attack.
  • Investigated suspected intrusions or breaches into the company's computer networks and systems.
  • Provided training on various topics related to cybersecurity awareness and best practices.
  • Developed incident response plans to ensure compliance with industry standards.
  • Created Standard Operating Procedures (SOP) for real-time threat monitoring.
  • Utilized MITRE ATT&CK and network/application protocols to track and hunt threats using known adversary Tactics, Techniques, and Procedures (TTPs).

Cybersecurity Consultant

i2i Global Technology Solutions
Honolulu, Hawaii
01.2023 - 07.2023
  • Conducted cybersecurity risk assessments on all Hawaiian airport critical systems in accordance with the Department of Homeland Security / Transportation Security Administration emergency amendment issued in response to persistent cybersecurity threats against U.S. critical infrastructure, including the aviation sector. These included critical systems at Honolulu (HNL), Maui (OGG), Kona International Airport (KOA), and Lihue Airport (LIH): the Video Management and Access Control System (VMACS), Identity Management System (IDMS), Flight Information Displays (FIDs), Gate Management System (GMS), Baggage Management System (BMS), SCADA systems, Fire Control Systems (FCS), and Airfield Lighting System (ALS).
  • Assessments were done using visual inspections of all equipment on each system, including but not limited to power, backup power, servers, switches, routers, cooling equipment, and any outside connectivity. Also conducted port scans, policy reviews, Standard Operating Procedure reviews, maintainer interviews, system/router/switch log reviews, and router/server/switch configuration settings reviews.
  • Created an individual Cybersecurity Implementation Plan (CIP) for each Hawaiian airport where an assessment was conducted in accordance with the TSA emergency amendment.
  • Utilized NIST SP 800-53 Rev. 5 security controls to create a Cybersecurity Assessment Program to guide implementation of the Cybersecurity Implementation Plans.
  • Created the Critical System Identification and Authentication Policy, Multi-Factor Authentication Policy, Password Policy, User Agreements, and Access Control Policies.
  • As the Cybersecurity Consultant for i2i Global Technology Solutions, created the Incident Response Plan, the System Security Plan, the Access Control Policy, and the Information System Awareness and Training Policy.

Cyber Security Director

Clear Ridge Defense
Baltimore, MD
06.2021 - 01.2023
  • Developed and implemented cyber security protocols to ensure the safety of confidential data.
  • Established detailed policies and procedures for monitoring and responding to potential threats.
  • Conducted regular audits to verify that security measures were in place and effective.
  • Provided technical guidance on cyber security matters to senior management.
  • Evaluated new technologies, products, and services related to cyber security solutions.
  • Ensured compliance with all applicable laws, regulations, and industry standards for data protection.
  • Supervised a team of IT professionals responsible for managing cyber security systems.
  • Performed risk assessments to identify areas of vulnerability in networks or applications.
  • Prepared comprehensive plans for responding to incidents involving breaches of security policies or unauthorized access attempts.
  • Researched emerging trends in the field of cyber security and recommended appropriate changes in strategies or processes.
  • Trained staff members on best practices for protecting confidential information from malicious attacks.
  • Coordinated with other departments within the organization to ensure consistency in cyber security strategies.
  • Assisted with developing incident response plans which included training employees on how to respond to potential threats.
  • Created detailed documentation outlining the scope of work performed by the Cyber Security team.
  • Presented findings at board meetings as well as executive briefings on current state of cybersecurity posture.
  • Negotiated contracts with vendors providing cyber security services such as penetration testing or malware analysis.
  • Analyzed workflows and established priorities for daily operations.
  • Provided company users with tech support for IT problems and account maintenance.
  • Evaluated organization's technology to recommend upgrades for hardware and software.
  • Reviewed program plans to develop and coordinate activities.
  • Procured IT resources for strategic and operational computing requirements.
  • Reviewed and approved project plans prior to implementation.
  • Recruited, trained and supervised IT department staff.
  • Developed data security and disaster recovery procedures.
  • Controlled operational IT budget and expenditures within department parameters.
  • Assigned and reviewed work of IT project managers, systems analysts and developers.
  • Examined metrics and prepared IT project progress reports.

Senior Technical Consultant

Clear Ridge Defense
Baltimore, MD
02.2020 - 06.2021
  • Led the development of Python scripts to automate threat hunting using the Tactics, Techniques, and Procedures of adversaries of interest in big data platforms, parsing and organizing data to increase the speed at which analysis could occur. Created a Defensive Cyber Operations course to train Cyber Pursuit Operators on analyst tradecraft (MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, Intelligence Model, Diamond Model), network analysis (protocol analysis, deep packet inspection, IPv4 vs. IPv6, packet capture), and malware analysis (static and dynamic malware analysis, endianness, opcodes, OllyDbg, IDA Pro, Ghidra, regex, and YARA signature development).
  • Mentored junior analysts on their development of Python for cyber threat hunting through SIGINT sensors and reviewed all Python scripts prior to their release to production.
  • Senior Trainer in the Cybersecurity Directorate (CSD) at NSA, creating all tradecraft, network, and malware analysis training as well as instructing the courses, proctoring exams, grading assignments and exams, and mentoring trainees.
  • Created an Advanced Cyber Operations Course for Sensor Ops Engineers. Trained them to conduct deep packet inspection, advanced malware analysis techniques, advanced regex techniques, and Python development for big data platforms and automation of tedious tasks.
  • Developed and implemented training to instruct students on tools including NetFlow analysis tools, Wireshark, Carbon Black, regex, Splunk, ArcSight, Recorded Future, and VirusTotal.

Senior SOC Manager

Clear Ridge Defense
Baltimore, MD
01.2018 - 02.2021
  • Maintained knowledge of current cyber security threats, attack vectors, and countermeasures.
  • Monitored network activity for suspicious behavior and investigated potential intrusions.
  • Performed vulnerability assessments across the organization's networks using various scanning tools.
  • Implemented robust incident response processes including forensics analysis and remediation activities as required.
  • Created detailed reports on security incidents for executive-level audiences.
  • Developed technical documentation related to SOC operations including SOPs and playbooks.
  • Managed a team of cybersecurity professionals providing support in the areas of threat intelligence, log management, intrusion detection and prevention, malware protection, and access control.
  • Coordinated with external stakeholders such as vendors, law enforcement agencies, and auditors as needed during investigations or other tasks.
  • Trained personnel on best practices for data protection measures such as encryption techniques and two-factor authentication.
  • Evaluated emerging technologies for their potential applications within the SOC environment.
  • Collaborated with internal teams to develop strategies for responding to cyber threats quickly and effectively while minimizing disruption to business operations.
  • Worked closely with IT departments to ensure proper implementation of security controls throughout the organization's infrastructure.
  • Participated in industry forums focused on sharing information about new threats or attack trends.
  • Researched new technologies that could be used to improve overall security posture.
  • Ensured compliance with relevant laws and regulations pertaining to data privacy and security.
  • Maintained team compliance with professionalism guidelines and security team standards.
  • Recorded required data for incident reports and files.
  • Completed investigations of security incidents and wrote reports for permanent record.
  • Developed and implemented training methods to promote improved officer performance.
  • Compiled evidence for law enforcement officials to use to prosecute criminals.

Lead Senior Cyber Intelligence Analyst

Leidos
Reston, VA
12.2016 - 01.2018
  • As the SOC Manager, led and mentored a five-member intelligence support to operations team providing adversary/threat assessments to the DODIN; provided training on analysis, reporting, and briefing senior leaders. Managed incident response reporting and handling. Assisted the program manager with recruitment, candidate evaluation, and hiring decisions. Presented intelligence updates at high-level meetings and briefed senior leadership. Used the Cyber Kill Chain, Diamond Model, and JP 3-12.
  • Led the development of the JFHQ-DODIN Cyber Situational Template for adversary situation/threat assessment and wrote Fusion analysis Standard Operating Procedures (SOPs).
  • Lead intelligence analyst and Subject Matter Expert (SME) for cyber threat identification and characterization, enabling effective and timely mitigation.
  • Wrote Python scripts to automate NetFlow scans for known bad Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), providing analysts with raw data results for triage and analysis and allowing them to focus on threat hunting using TTPs of known adversaries (MITRE ATT&CK Framework).
  • Maintained knowledge of current cyber security threats, attack vectors, and countermeasures.
  • Provided technical guidance on security matters to system administrators.
  • Conducted regular reviews of existing systems to identify areas of improvement in terms of security posture.
  • Implemented robust incident response processes including forensics analysis and remediation activities as required.
  • Created detailed reports on security incidents for executive-level audiences.

Senior Software Engineer

CACI
Arlington, VA
11.2015 - 12.2016
  • Technical Program Manager for the On-Net Development team within the United States Cyber Command (USCC) Cyber Development Group (CDG).
  • Led the development team in building an off-site development team for the research, development, and testing of cyberspace capabilities and hardware exploits.
  • Performed pen testing (Metasploit, Meterpreter, BeEF, custom Python scripting).
  • Utilized fuzzers and EEPROMs to research hardware vulnerabilities.
  • Developed Meterpreter payloads; configured and operated vSphere, MSSQL, SSH, and FTP servers and Security Onion (Bro, Snort); created defensive cyber capabilities.
  • Advised government leadership on the development of an off-site plan and on how to define software requirements, provided weekly updates on development projects and sprints, facilitated training for junior developers, testers, and operators, and presented demonstrations of completed development projects to government leadership and outside stakeholders.
  • Analyzed user requirements to develop software solutions and created technical specifications.
  • Monitored system performance and troubleshot issues in the production environment.
  • Collaborated with cross-functional teams to ensure quality assurance throughout the development process.
  • Created detailed design documents, test plans, user manuals, release notes and other related documentation.
  • Participated in regular meetings with stakeholders to discuss project progress, changes, challenges.
  • Provided technical support to customers regarding product usage and troubleshooting issues.
  • Utilized version control tools such as Git or SVN for managing source code across multiple projects.
  • Refactored legacy code for improved maintainability without affecting existing features.
  • Coordinated with project managers to meet development timelines and plan testing.
  • Met with stakeholders, product teams and customers throughout system development lifecycle.
  • Introduced automation tools to enhance workflow.
  • Liaised with QA testers to perform testing meeting various parameters.
  • Created training program for internal and client staff for red teaming vs. blue teaming and other exercises.
  • Supported cyber business development efforts by taking a lead role in writing proposals for potential CACI clients.

Senior SOC Manager

Lockheed Martin
Bethesda, MD
02.2015 - 11.2015
  • Led, mentored, and trained eight cyber fusion analysts on analysis, characterization, and reporting of threats to the DODIN for appropriate mitigation. Assisted the program manager with interviewing/hiring, as well as providing weekly/monthly status updates to clients. Briefed senior leadership on intelligence incidents and presented updates at J2 meetings.
  • Served as Government Branch Chief for Cyber Fusion Intelligence Analysis from 2/15 to 5/15 during the search for a full-time replacement. Guided and directed the cyber fusion intelligence team in conducting intelligence operations.
  • Provided training and leadership for three in-house and DODIN and three DoD-wide exercises critical to transitioning SOC from initial to full operating capacity and receiving Joint Information Operation Center (JIOC) certification.
  • Managed incident response reporting/handling and trained JIOC watch captain on Tier 1, 2, and 3 requirements to stand up team, intelligence reporting, integration with operational watch floor, and intelligence collection, analysis, and reporting standards.
  • Enabled prompt response to incidents and effective coordination of detection, analysis, mitigation, and reporting by creating DoD cyber defense communication system.
  • Wrote 10 SOPs for incident reporting, event management, intelligence reporting, operations, 0day reporting, operations planning team procedures, and SOC reporting.
  • Orchestrated creation of Network Activity Report (NAR) for reporting network incidents correlated with Category reporting and Cyber Kill Chain to allow intelligence analysts to provide cyber threat assessments and graphical representation for senior leadership.
  • Led implementation of NAR tool for DOD-wide intelligence analysis and reporting, providing serialized reporting of real-time incidents, actionable indicators for mitigation, and cyber network defensive operations.
  • Authored or co-authored four Threat Alerts and one Significant Activity Report (SAR).

Education

Master of Science - Information Systems Management

Keller Graduate School of Management
Oak Brook, IL
07-2012

Bachelor of Science -

American InterContinental University
Schaumburg, IL
04-2009

Skills

  • Patch Management
  • Data Encryption
  • Cybersecurity Frameworks
  • Penetration Testing
  • Incident Response
  • Disaster Recovery
  • Business Continuity
  • Software Deployment
  • Network Security
  • Compliance Monitoring
  • Access Control
  • Intrusion Detection
  • Reverse Engineering
  • Protecting Networks
  • Data Security
  • Managing Security Breaches
  • Regulatory Compliance
  • Tenable Nessus
  • Compliance Management
  • Reporting and Documentation
  • MITRE ATT&CK
  • Metasploit
  • Wireshark
  • Splunk
  • ArcSight
  • Azure
  • Linux Server
  • Kali Linux

Certification

  • CompTIA Security+ COMP001020454723
  • CISSP (Testing March 2024)
  • E|CIH (Testing Feb 2024)

Timeline

Cybersecurity Analyst

Y-Tech LLC
07.2023 - Current

Cybersecurity Consultant

i2i Global Technology Solutions
01.2023 - 07.2023

Cyber Security Director

Clear Ridge Defense
06.2021 - 01.2023

Senior Technical Consultant

Clear Ridge Defense
02.2020 - 06.2021

Senior SOC Manager

Clear Ridge Defense
01.2018 - 02.2021

Lead Senior Cyber Intelligence Analyst

Leidos
12.2016 - 01.2018

Senior Software Engineer

CACI
11.2015 - 12.2016

Senior SOC Manager

Lockheed Martin
02.2015 - 11.2015

Master of Science - Information Systems Management

Keller Graduate School of Management

Bachelor of Science -

American InterContinental University