Bachelor of Science, Information Systems (Computer Security) @
Strayer University (VA)
Information Technology professional with substantial experience working within a large government environment who provides exceptional written and oral communication, problem-solving, and multi-tasking skills. Over 4 years of experience working within Defense Intelligence Agency (DIA). Earned two Bachelor Degrees in Information Systems and Criminal Justice, currently completing Master’s Degree in Information Security and Assurance, possesses CEH, Security+ and ITIL certifications, and has experience working with vulnerability assessment tools and computer forensic software. Currently working as a Security Operations Center Analyst, monitoring and analyzing network traffic, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), security events, and logs. Possesses 3 years’ experience as a Cyber Threat Intelligence Analyst, conducting all-source intelligence fusion and threat modeling, and producing metrics and trending data for multiple key threat indicators. Experience working as Web Application Developer using Django web framework. 8 years in federal law enforcement and security with extensive professional experience in conducting criminal and counterintelligence investigations, conducting research and analysis, providing comprehensive written and oral reports to high-level officials, and collecting and maintaining chain of custody of electronic evidence as evidence custodian. As Federal Agent, led multidisciplinary teams of analysts, collectors, and support personnel, understanding CI policies and procedures, and producing strategic analysis reports, threat assessments, daily intelligence briefings, situational awareness briefings, and security briefings for combatant and theater commanders.
Specialties: Tenable/WebInspect/DbProtect Vulnerability Exploitation Testing, IBM Site Protector System, Archer, BigFix, Splunk, McAfee ePolicy Orchestrator (ePO), Java, Python, Django, Wireshark, FTK Imager, SANS Investigative Forensic Toolkit.
Incident Response Analyst @ Performs Incident Response and Triage on all security escalations/detections to determine scope, severity, prioritization and, if immediately possible, root cause. Triage includes the safe gathering and assessment of all relevant available/observable event/incident data as evidence, and includes review of all internal knowledge bases for historical precedent or patterns. Correlates event/incident data (network and host-based) from as many sources as practical to confirm and/or validate status as: event of interest (suspicious, but unexplained warranting further investigation), explainable/non-incident (false-positive), or true incident (occurrence with potential or actual adverse effects). Performs analysis to recognize/distinguish and qualify real versus non-incidents, malicious or suspicious activity patterns, known malicious tools, tactics and processes (TTPs). Performs digital media analysis of systems as required, to include the following, but not limited to, disk image, volatile memory, processes, ports / protocols, potentially malicious software, etc. Performs packet capture of network traffic in support of a potential security incident.
From January 2015 to Present (1 year) Washington D.C. Metro Area
Security Operations Center Analyst @ Responsible for Information Systems Vulnerability Management (ISVM) reporting and compliance assessment of Department of Homeland Security (DHS) component nodes. Core tasks involve creating and troubleshooting systems data using tools such as BigFix Web Reports, Xacta/Archer and Remedy, while implementing data mining techniques. Monitors and provides first hand incident response actions for alerts generated by host intrusion prevention systems (HIPS) and network intrusion prevention systems (NIPS), such as Proventia IBM Site Protector System (ISS) and McAfee ePolicy Orchestrator (ePO / HBSS). Also, utilizes Splunk to review and perform targeted queries on Proxy Logs.
From March 2014 to January 2015 (11 months)
Learning Technology Analyst @ Managed DIA's learning technology architecture and capabilities to deliver efficient training. Identified learning technology needs and provided solutions for the DIA enterprise to deliver training that supported DIA's training priorities.
• Managed Tiger Team to create a proposed process to evaluate incoming information technology requirements
• Participated in Tiger Team to research and select Learning Content Management System for DIA
From January 2014 to March 2014 (3 months)
Consultant @ Program Manager for two high-level programs within DIA’s Military Awards Office, and Consultant for DIA’s Directorate Subject Matter Experts and Hiring Managers. Served as primary liaison between DIA and program management office.
• Managed processing awards for military personnel throughout world and counterintelligence background checks on foreign military personnel
• Collected and maintained panel metrics utilizing DIA’s databases and spreadsheets.
• Developed and prepared monthly statistical reports
• Provided and implemented business process improvement efforts
From November 2011 to March 2014 (2 years 5 months) Washington D.C. Metro Area
Cyber Threat Intelligence Analyst @ Conducted all-source intelligence fusion and threat modeling. Executed metrics and reporting (cyber bulletins, threat briefings, etc). Conducted emerging threat research, assigned threat focus areas, and performed emerging threat reviews in order to produce metrics and trending data for multiple key threat indicators.
• Researched tools to automate botnet/malware analysis tasks
• Conducted threat analysis and coordinated response methodology
• Discreetly and diplomatically resolved issues with clients while respecting company privacy concerns
• Worked with vendors and outsourced partners to resolve issues.
From March 2011 to March 2014 (3 years 1 month)
Facility Security Officer @ Managed overall security program for DeepMile Networks and Advanced Concepts Research Group. Knowledgeable in National Industrial Security Program Operating Manual (NISPOM) procedures and maintained company facility and personnel security clearances. Processed personnel security clearances and periodic reinvestigations utilizing Joint Personnel Adjudication System (JPAS) and Electronic Questionnaires for Investigation Processing (e-QIP). Developed, implemented, and administered security awareness training for cleared personnel. Conducted indoctrinations, briefings, de-briefings, annual refresher training and foreign travel briefings, and visit authorization requests. Managed and maintained current personnel clearance spreadsheets based on JPAS data. Maintained security records and files, and provided liaison with other company facility security officers and government security representatives.
• Created Advanced Concepts Research Group's security program
• Created and revised written security plans and procedures
• Participated in Defense Security Service inspections and audits
From February 2009 to March 2014 (5 years 2 months) Washington D.C. Metro Area
Web Application Developer @ Conducted web application development using Python within Django web framework. Utilized Eclipse as base workspace for customizing Django environment.
• Researched tools to perform web design
• Analyzed methods to efficiently address software system requirements
From October 2013 to January 2014 (4 months)
Special Agent @ Independently planned, coordinated, conducted, and managed increasingly complex operations and investigations as senior special agent concerning criminal felony offenses. Performed research and analysis of previous cases to determine laws and regulations violated. Planned and conducted numerous interviews with victims, witnesses, subjects, and sources. Prepared written investigative memoranda, summary of facts, comprehensive final reports, reports of interview, and subpoenas for prosecutors. Served as liaison with intelligence, federal, state, county, and local law enforcement agencies on complex matters under investigation. Served as primary handler and custodian of evidence obtained as a result of criminal and counterintelligence investigations. Maintained chain of custody of evidence and worked closely with Department of Defense Computer Forensics Laboratory when electronic evidence was seized.
• Lead investigator for DoD/FBI investigation of AF member who solicited sexual relations with minors over the Internet – Defense Computer Forensics Laboratory listed case on their top 10 highest priorities.
• Lead investigator of DoD/FBI espionage investigation.
• Wrote 270+ intelligence information reports protecting over 70,000 US coalition forces and airfields.
• Produced significant intelligence on the structure, tactics, techniques, and procedures of two terrorist groups to US Army targeting team and other Department of Defense Intelligence agencies.
From June 2005 to October 2008 (3 years 5 months)
Law Enforcement Officer/Security Forces @ Provided immediate armed response to security incidents, hostile situations and alarms emanating from restricted areas containing multi-billion dollar Air Force and Space Command resources. Ensured the security of Protection Level (PL) 2 space surveillance assets and satellite communication systems, PL3 aircraft, weapons, and other resources requiring stringent security measures. Ensured compliance with applicable security and safety regulations. Conducted physical security inspections of assigned areas and reported all deficiencies.
From November 2000 to June 2005 (4 years 8 months)
Master’s Degree, Information Security and Assurance @ George Mason University From 2013 to 2016
Bachelor of Science, Information Systems (Computer Security) @ Strayer University (VA) From 2011 to 2012
Bachelor of Arts, Criminal Justice @ Moravian College From 1996 to 2000
Joshua Wren is skilled in: Intelligence, Security Clearance, Security, DoD, Counterintelligence, Physical Security, Government, Intelligence Analysis, Private Investigations, Tactics, National Security, Criminal Investigations, Counterterrorism, Defense, Military