Cyber Telecommunications Expert Witness

Provides Opinion & Testimony In:

Cyber forensics, cyber, counterintelligence, installation, operation, cyber troubleshoot, network telecommunications, collection management, in theater operations support, field services, systems planning, cyber security, hacking analysis, exploit of viruses, propogation of viruses, mal ware, trojans, mal deteriming user activity, automatic teller machine


Results-driven professional with ten years of intelligence analysis, cyber counterintelligence, and network telecommunications experience including all-source collection management and reporting, in-theater operations support, field services; systems planning, Cyber Forensics, installation, operation, troubleshooting and maintenance.  Over 5 years of project management, sales engineering and account management experience as well.  Possess excellent team leadership, customer and staff management skills. Expertis also an experienced Native Arabic and French speaker with over 5 years of working linguistic/Intelligence analysis based contracts in Iraq and Qatar.


Expert would be a CCA with an active TS / SCI and CI Poly. CI Poly in 2009, SSBI Closed in 2008


2012    CISSP (In class now until December 2012 at Howard Community College, MD)
2011    CCIE Security Boot camp (covered ASA, ACL, IPS, IDM) - CCBOOTCAMP - Texas
2010    Cyber Defense Academy (DCITA) - MD- Counter Intelligence in Cyber Space (CICS)
2009    Cyber Defense Academy (DCITA) - MD- Cyber Online Undercover Techniques (OUT)
2008    Joint Military Virtual University - Tysons Corner- VA- Geospatial Information and Services
2007    Joint Military Intelligence Training Center -VA- Gisting for the 21st Century Linguist
2005    Montgomery College-Rockville-MD- Visual Basic.Net & JAVA.
1993    IDRAC France (European Territory)-France-Paris.
1991    IDIT B.T.S (B.S. Level) Engineering/Business-Paris France


  •     Encase Enterprise
    Encase EDiscovery
    Encase Implementation
    Encase Forensics 1 & 2
    Security+ certified
    Net+ – comptia.
    ATM Configuration.
    CEH (Certified Ethical Hacker)
    Troubleshooting Frame Relay Networks.
    Geospatial Information- Joint Intelligence University.
    Advanced Cisco configuration.
    Online Undercover Techniques-Cyber-DCITA.
    Cisco Network Troubleshooting
    CICS (Counter Intelligence in Cyber Space).
    DLPT 3/3 in Arabic (MSA, Levantine dialect, Egyptian & Yemeni Dialect, most of the Arabic
    speaking countries) and French and ALTA 5/5


July 2012 – September 2012: Private Company, Germantown, MD:
Provide technical support to security personnel in examining computer resources as directed,
including the identification and removal of contaminating classified data from unclassified
systems to return the resource to service.
Develop approved Standard Operating Procedures (SOP’s) including escalation procedures for
clearing various hardware and software platforms, as new requirements are identified or arise.
Enable and implement procedures for the remote wiping of systems remotely using DOE’s
installation of EnCase Enterprise.  tools (such as search or clearing utilities), HbGary and
FireEye to support the decontamination process, Ethical hacking.
Conduct “Lessons Learned” evaluations using the information gained from the evaluation of
information security incidents to identify recurring or high impact incidents.
Disseminate findings of cyber activity to the DOE community and National agencies including
US-CERT and the Intelligence Community.

March 2012 – June 2012: Senior Business Analyst, Cyber Security – Air Force – Pentagon (contract):
Serves as a technical advisor in ensuring cyber security standards are implemented to enable
Air Force organizations to practice safe security techniques by following the DIACAP process.
Provides information assurance support for the development and implementation of security
architectures to meet new and evolving security requirements on cross domain solutions.
Set up periodic and other unscheduled briefings on the status of critical joint initiatives for Air
Staff, SECAF, Joint Staff, and DoD key officials concerning enterprise network initiatives.
Serves as an Air Force technical representative for IA at technical symposia, industry
conferences, seminars, meetings, working groups (DSAWG), panels and advise on cross domain
solutions issues.
Prepares, facilitates, and provides post-event minutes and summaries for action officer,
executive, and Congressional level hearings, meetings, seminars, conferences, boards and
related activities.
Facilitate the coordination of actions required to implement IT capabilities at the AF Enterprise
level, analyze technology trends to support IT strategic planning.
Author, review and edit policy documents, regulatory instructions, concepts of operation, and
other formal documents as necessary to accomplish tasking and program execution.

June 2011 – October 2011: Senior Consultant, Guidance Software (contract):
Client Management including actively consulting with Federal sector clients on best practices
and Cyber Security solutions, products implementation in the client networks and managing the
planned expectations.
Project Management which includes providing flexible strategies, creating deliverables in
professional structure and providing detailed reports depicting the overall services provided.
Planning client engagements and deliverable strategies along with resolving any internal
department conflicts and identifying risks areas along with providing a proper solution.
Provide mentoring to other consultants in the field of Cyber Security.

January 2010 – April 2011: Enterprise Sensor Grid Manager & Lead Network Security Engineer,
Act as the Agency’s sensor grid manager on the Department of Defense (DoD) DISA operated
Global Information Grid (GIG) enterprise sensor grid.  Prepares daily executive summary of the
health of the GIG enterprise sensor and presents the material, as required, to senior
government leadership.
Coordinate and assist DISA NetOp Centers (DNC), the SOC (watch floor) and Field Security
Operations on enterprise sensor capabilities, Incident response, outages, and maintaining
HIPAA (PII) guidelines.
Used tools such as Arc sight Logger/Connectors, Netcentrix, Trickler, Dscape and remedy.
Participated in the continuous operations (Coop) exercise to maintain 24×7 coverage.
Act as a Subject Matter Expert at DCITA (Defense Cyber Investigations Training Academy).
Develop and deliver customized Network Investigations & Cyber CI trainings. Provide inputs for
courseware, concerning new or existing security system procedures and/or programs to ensure
compatibility with the customer’s standard operating procedures.
Develop detailed design courses using best of breed security & Forensics equipment including
firewalls, incident response, intrusion detection systems (IDS) and access control servers. Also
the use of various tools and software such as Encase, VMware, Netwitness, Forensic toolkit,
Snagit, Pcap, Analyst Notebook, mobile Edit, Intrusion detection, Firewalls, TCP/IP,
Routing/Switching, IP packets Analysis, intrusion analysis and pen testing.

June 2009 – January 2010: Cyber CI Analyst, SAIC, Linthicum, MD:
Perform intelligence analysis on cleared defense contractor networks to support the DSS
Counterintelligence mission, Ethical hacking.
In accordance with DoD National Industrial Security Program (NISP) guidance, collaborate with
analytical counterparts across the U.S. Intelligence Community; apply knowledge of network
fundamentals, open-source tools, and current implementation of those technologies in order to
create all-source analytic products and collection strategies.
Perform all-source intelligence analyses of cyber activities to identify entities of interest; their
methods, motives, and capabilities to determine malicious behavior; and recognize emergent
patterns and linkages to mitigate the risks and understand adversary targeting of classified
programs and cleared personnel.
Produce technical intelligence reports in support of special programs and system security plans
working with Intrusion detection systems, Firewalls, pen testing, TCP/IP, Routing/Switching, IP
packets Analysis, intrusion analysis and incident response using tools such as Arc sight to
provide expertise and leadership to the team in the development of analytical models and

October 2008 – June 2009: Cyber Analyst, MEP, Fort Meade, MD:
Linguist in the support of the Army Cyber Counterintelligence Activity at the 902d Military
Intelligence Group.
Conduct Counterintelligence collection operations in cyber environment meeting Army, DOD and
national collection requirements.
Provide linguistic and cultural subject matter expertise in support of a sensitive Army mission.
Conducted open source research and synthesized research with collected intelligence to meet
requirements and tasking. Wrote various Intelligence Information Reports (IIRs) on the Portico
system where few of them received evaluations by the Intelligence Community.
Produced Cyber Intelligence Reports that detailed specific threats to Army and DOD equities
and identified operational actions to mitigate those risks and threats using Intrusion detection
systems, Firewalls, TCP/IP, Routing/Switching, IP packets Analysis, intrusion analysis.

December 2006 – September 2008: Intelligence/Linguist, DIA, Northrop Grumman and NWB, NMEC, VA:
Manage production of intelligence reporting from tactical to strategic level, responds to
evaluations of intelligence reporting, creates and submits intelligence requirements, targets
and assesses intelligence gaps, creates and monitors analytical support products, conducts
presentation of intelligence products.
Maintains and increases organizational knowledge of analytic methodologies, best practices,
and common procedures for community activities.

March 2004 – August 2006: Intelligence/Linguist, DIA (Defense Intelligence Agency):
Based in Qatar and Iraq, worked with the DOD to interpret various data using linguistic and
tech skills.
Managed tools such as DOCEX for HUMINT.
Maintain and increase organizational knowledge of analytic methodologies, best practices, and
common procedures for community activities.

2001 – Present: President, ECI, LLC, Silver Spring, MD:
ECI (Private Company) created and founded an ecommerce website: (Private) .com as
well as a retail store in a Maryland shopping center.
Handled licensing, raised the Capital to create the assets with the banks, and managed all
related business aspects with the Corporation.

January 2000 – February 2001: Regional Sales Engineer – East Coast, Ericsson Inc., Silver Spring, MD:
Traveled all over the country to qualify our leads working with the sales team on a day to day basis between the Product Unit and Business Unit and marketing to get every new product deployed and worked with tech support to get resolutions on issues encountered.

January 1999 – December 1999: Lead Network Engineer / Account Manager, CMGI-Navinet, Andover, MA:
Provide support to various ISPs as the account manager to resolve problems related to the
internet, dial-up networking, Telcos and different Dns and servers issues.
Supported Firewalls, TCP/IP, Routing/Switching and IP packets Analysis.
Manage team and related organizational projects, installing and implementing tools as Navis
Access from Lucent.

January 1998 – December 1998: Network Support Engineer, Ascend/Lucent, Westford, MA:
Provide Support Help Desk to the sales force.
Perform Network Management services using HPOpenView, dial-in using ProComm Plus, or
telnet through a UNIX machine. Monitor and maintain communications network.
Perform diagnostics and repair on lines and related equipment.
Configure switches and Ascend Routers to support WAN environment and worked on circuits
and ports.
Downloaded CP software and helped customers bring up their switches.
Helped on customer’s network design and worked internationally with foreign accounts.
Supported Firewalls, TCP/IP, Routing/Switching and IP packets Analysis.

January 1997 – December 1997:   Consultant Engineer/Project Manager, MCI, RTP, NC:
Performed circuit tests for international customers in Global Network Management Center.
Provided 1st and 2nd level support on a 24×7 shift, troubleshooting DXCS, CSU/DSU, and Cisco
Routers using MCI tools.
Used Netview 6000 and HP OpenView to diagnose alarms and interfaces.
Worked for Concert (a joint venture between British Telecom and MCI) on the European contact
Processed all project management duties including sales, proposals, monthly forecasts and
account profiles in a timely fashion.
Installed, monitored, and maintained communications network.
Controlled the performance and status of network resources.
Supported Firewalls, TCP/IP, Routing/Switching and IP packets Analysis.