
PRESENTER

Jeff is a cybersecurity professional with over 16 years operating, teaching, and advising information technology and security. He is an expert in network attack, penetration testing, and technical security assessments.

Jeff is very experienced in developing advanced network defense frameworks, integrating network security, risk assessment, tactics and training program, virtual range development, and cyber exercise design methodologies. He continues to serve as a senior technical officer in the Air Force Reserves; USAF Blue Team and NSA Red Team certified operator and team lead.

Jeff has extensive technical knowledge in securing, configuring, and maintaining network devices, security appliances, Linux based systems, and Microsoft products to include Active Directory, Exchange, and Windows operating systems.

TECHNICAL SKILLS

Operating Systems: MS Windows Server 2003-2012, Windows XP-10, Linux, macOS, and Android

Cloud Technology: Office 365, Exchange Online, Azure AD, Amazon Web Services (AWS), OpenDNS, VMware AirWatch MDM

Software: Nessus, Metasploit, Nmap, Snort, Kali, Security Onion, Wireshark, Active Directory, Exchange 2010/2012, Microsoft Certificate Authority, Enterprise Group Policy, Quagga, VyOS, VMware ESX, VCenter, Cypherpath Software Defined Infrastructure (SDI), Software Engineering Institute (SEI) STEPfwd Exercise Range, AlienVault Unified Security Manager (USM), pfSense Firewall, Fortinet Firewall/IDS/Proxy, WatchGuard Firewall/IDS/Proxy

Programming Languages: C, Visual Basic, Batch, PowerShell, *NIX Shell, Python, Perl, PHP.

RECENT PROJECTS

• Expert on virtual and simulated cyber “range” environments; designed, provisioned, and supported sophisticated threat hunting training class for financial sector security professionals in the NYC area; developed a large scale, realistic environment to emulate Advanced Persistent Threat (APT) activity.

• Delivered a multi-day event “Tactics Exchange” for the Columbus Collaboratory’s Fortune 100-member firms’ network security teams to collaborate and exchange technical information about advanced network threats utilizing hands-on exercises in a realistic, simulated network environment using Cypherpath SDI.

• Responsible for creating and facilitating capture the flag and network defense exercises for T-Mobile cyber security personnel; provided technical expertise in provisioning and configuring virtual environments to conduct cyber exercises using Cypherpath.

• Led the design of the gamespace for 2017 Infragard-sponsored cyber camp for 2 day-long capstone exercises in advanced cyber security curriculum; the design was implemented by ManTech on the Cypherpath.

AUSTRALIAN LEADERSHIP CYBER-SECURITY WORKSHOP

PRESENTED BY THE SCHOOL OF INFORMATION TECHNOLOGY AND ELECTRICAL ENGINEERING IN CONJUNCTION WITH ARGO P@CIFIC

JEFFREY J. ARSENAULT

PREVIOUS WORK EXPERIENCE

Director, Security Engineering, Delta Risk LLC February 2012 to September 2017

• Led company’s IT Operations for 70+ employees. Office 365 expert experienced in securing access, auditing, data loss, and email. Knowledgeable in migrating from on premise, password policies and self-service reset, and SSO with popular SaaS such as Salesforce, AWS, Dropbox, etc. Implemented MDM solution to ensure BYOD devices are secure and compliant.

• Engineered, implemented, and maintained security engineering solutions for the ActiveEye Managed Security Service based on the AlienVault USM.

• Team Lead and Evaluator for DHS in developing and executing Cybersecurity Capability Validations (CCVs) of Federal Agencies in support of the Office of Management and Budget’s (OMB) Trusted Internet Connection initiative.

• Developed methodology for evaluating National Capital Region states, counties, and organizations alignment to NIST’s Framework for Improving Critical Infrastructure Cybersecurity, providing recommendations to improve their procedures and processes.

• Lead technical evaluator of applications submitted to ICANN as part of their stringent application process for new domains, adhering to a restricted naming policy for open gTLDs, community-based domains, and internationalized domain names.

• Installed, managed, and developed virtual content in support of US Cyber Command’s (USCC) CYBER FLAG, Cyber Protection Teams, and Marine Forces Cyberspace Command’s (MARFORCYBER) exercises. Exercise content included Blue and Red team simulations, both real time and automated.

• Technical expert consultant on DHS FEMA National Level Exercise 2012 Scenario Team. Designed and wrote technical scenarios to drive simulated cyber-attacks on Federal and State Department and Agencies.

USCYBERCOM, National Security Agency, Fort Meade, MD September 2010 to February 2012

• Prioritized Network Operation Missions for the DoD GIG, oversaw fix actions and provided situational awareness to leadership for 7 million computers, 15 thousand networks, and 20 thousand circuits across the globe directly supporting the war fighter.

• Standardized/defined USCYBERCOM reporting guidelines for DoD GIG infrastructure to quickly identify critical failures.

• Ensured active Network Defense of the GIG by working closely with the NSA Threat Operation Center (NTOC) and Defense Information Systems Agency (DISA) to develop mitigation of cyber advisories and unauthorized network access attempts.

Red Team Services Branch Chief, NSA Red Team, NSA, Fort Meade, MD. September 2009 to September 2010

• Developed and directed training and certification of 100+ NSA Red Team cyber operators supporting the defense of the DoD GIG.

• Helped develop USAF’s first “Cyber 300” advanced skills course to develop strategic focus for integration and application of cyberspace capabilities.


PREVIOUS WORK EXPERIENCE CONTINUED

Deputy Chief Systems, Iraq Training and Advisory Mission-Intelligence Transition Team, Iraq February 2009 to September 2009

• Identified requirements and implemented long-range strategy and plans to extend Iraqi Intelligence Network throughout ministries and military bases.

• Advised senior Iraqi officials on developing an advanced network architecture and maintaining strong network security practices.

Operations Team Lead, NSA Red Team, NSA, Fort Meade, MD. April 2008 to February 2009

• Led Red Team operations against multiple DoD networks and identified vulnerabilities to increase cyber security.

• Certified Red Team operator and analyst; taught UNIX systems and exploitation for NSA Red Team Boot Camp.

Senior Network Systems Engineer, USAF Exchange Officer Canadian Forces, Ottawa, Ontario, Canada. May 2006 to April 2008

• Technical authority for Canadian Forces’ entire Windows Active Directory domain of 100 servers and 98 thousand workstations.

Flight Commander, Base-Level Comm, 31st Combat Comm Squadron, Tinker AFB, OK. April 2003 to May 2006

• Led 53-man deployed network control center providing help desk, network management, and network infrastructure services.

• First to deploy 5-man capability by leading team to New Orleans airport for Katrina relief ops to set up full comm support to relief efforts in 8 hours, and rewarded with Top 100 IT Professionals in the US Government for 2005 by Federal Computer Week Magazine.

EDUCATION & CERTIFICATIONS

• Bachelor of Science, Computer Science, Clarkson University, Potsdam, NY, 2000

• NSA/CSS Red Team Operator, 2008

• Security+, CompTIA, 2010

• USAF Cyberspace 300, 2011

• USAF Blue Team Operator, 2012

U.S. NATIONAL SECURITY CLEARANCE: Information available upon request.