Mark Sweet - Cyber Tactician - Technical Nexus - Leader

I am a Cyber Threat Engineer with over 15 years in Information Technology and Cybersecurity in the public and private sector. My goal is to emulate sophisticated threats to information security to inform cyber defenders and organizational leaders on the dangers they pose and mitigations for their hostile effects.

Executive Summary

Mark is pursuing a role in cyber risk management building towards a career as a Chief Information Security Officer (CISO). Mark is a proven expert at bridging technical expert capabilities and the strategic goals of senior managers.

Mark’s proven leadership has led cyber teams to provide strategic, impactful, and relevant threat-focused products and information to mitigate risks to the cyber landscape. He accomplishes this with a blend of business acumen, technical, and operational experience. Mark has led large teams of over one hundred.

Mark is an expert in synergizing cybersecurity teams to produce results, as demonstrated in career experience, conducting national working groups, public talks, and publications. He is a proven team builder and trainer, having trained over a hundred people in multiple cybersecurity topics. Mark’s personal hobbies include music, mixed media art, culinary arts, wine, and crafting cocktails.

MY STRENGTHS

Tactician

Understanding not just the technical complexity of the single hack but the impact of the entire adversarial campaign.

Communication

Translating the needs of non-technical customers to technical operators and technical operations to non-technical audiences.

Creativity

Designing cyber threat emulation engagements that cost-effectively answer customer questions.

Leadership

Servant-Leader. Building and empowering teams to achieve sustainable results.

MY EXPERIENCE

Cyber Threat Engineer @ National Nuclear Security Administration (NNSA)

Aug 2022 - Present

Led initiatives to translate strategic organizational threat-articulation objectives into executable Red Team engagements, then led and executed those engagements.

• Planned and led threat emulations against nuclear security infrastructure, each delivered within scope, timeline, and resource constraints.

• Conducted nationwide working groups to demonstrate how to replicate production environments for non-impactful testing that articulate risk to mission and critical impacts.

• Designed and executed multiple integrated red team operations resulting in measurably reduced risk and millions in operational cost savings.

• Consulted directly with executive leadership to translate strategic objectives into technical requirements resulting in consistent effective delivery.

Red Team Operator / Cybersecurity Inspector @ Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN)

Oct 2018 - Aug 2022

Executed Red Team Operations utilizing intelligence-based adversary techniques. Led assessment teams in evaluation of United States Government Organizations’ cyber posture in relation to Department of Defense (DoD) requirements.

• Executed threat emulations against multiple DoD organizations to stress-test detection and response capabilities.

• Led and executed over fifty cybersecurity inspections certifying United States Government organizations.

• Trained United States Government (USG) personnel and inspectors to build sustainable and repeatable assessment outcomes.

• Authored DoD cyber assessment standards used to evaluate DoD organizations against U.S. Cyber Command requirements.

Blue Team Windows Analyst / Systems Administrator / Mitigations Analyst @ Department of Defense

Sep 2012 - Oct 2018

Delivered security assessments of enterprise environments to identify exploitable weaknesses. Administered systems supporting custom intelligence platforms. Developed rapid, scalable, and integrated vulnerability mitigation solutions across multiple government and private sector organizations.

• Identified and triaged security weaknesses and misconfigurations.

• Administered Windows and Linux custom intelligence collection platforms.

• Developed mitigations to leading threat vectors, formatted for rapid deployment, improving identification and remediation times by 80%.

Cyber Threat Emulation Team Leader (Captain / O-3) @ United States Army

Sep 2012 - Oct 2018

Served as a Captain in the United States Army Reserve and led red team functions to support military operations targeting USG and U.S. critical infrastructure. Our effective demonstration of real-world threat vectors and credible impacts to organizational leadership led to programmatic and technical changes across multiple agencies.

• Led offensive operations simulating red / purple team, insider threat, physical/electronic threat actors against USG and private sector targets.

• Ensured operational sustainability by authoring and implementing all operational and planning documentation templates and standard operating procedures (SOP).

• Translated non-technical strategic objectives into executable technical operations resulting in effective delivery and measurable risk reductions.

EDUCATION

Carnegie Mellon University

MS in Information Assurance 2017 - 2017

University of Nevada Las Vegas

BS in Management of Information Systems 2005 - 2009

PUBLICATIONS

Strategic Theories Employing Specialty Cyber Teams

Amazon: https://a.co/d/0Sz8fc2

United States Army

Intelligence Officer Captains Career Course 2012 - 2012

United States Army

Signal Officer Basic Course 2009 - 2009

United States Army

Primary Leadership Development Course 2004 - 2004

CERTIFICATIONS

eLearnSecurity - eLearning Junior Penetration Tester

Cert Number: 7939669

CompTIA - Security+

Code: MYT1DYR2WHEEKVDB

EC-Council - Certified Ethical Hacker

Cert Number: ECC41200077496

ACHIEVEMENTS

EC-Council - Certified Ethical Hacker Hall of Fame

Cert Number: HOF-2023-1400035

Department of Defense - Adjunct Professor

Department of Defense - Career Mentor