WEBVTT

00:03.880 --> 00:05.824
Uh , my name is Airman first class

00:05.824 --> 00:08.369
Alexander Brier . Uh , I work full time

00:08.380 --> 00:10.269
at IBM as a supply chain security

00:10.269 --> 00:12.436
specialist . I work part time with the

00:12.436 --> 00:14.658
2 29th , uh , cyber operations squadron

00:14.658 --> 00:16.602
as a cyber warfare operator . Uh ,

00:16.602 --> 00:18.620
security clearance helped me get

00:18.629 --> 00:20.854
further in the civilian world for my

00:20.864 --> 00:22.834
job , uh , by saving me about six

00:22.844 --> 00:25.066
months of waiting for the investigation

00:25.066 --> 00:27.233
to go through and it saved my employer

00:27.233 --> 00:29.233
about 10,000 potential dollars when

00:29.233 --> 00:31.233
they went to hire me as they didn't

00:31.233 --> 00:33.122
have to conduct the investigation

00:33.122 --> 00:32.935
themselves and get all the paperwork

00:32.944 --> 00:36.924
documented and that has opened probably

00:36.935 --> 00:39.102
at least 40 other opportunities for me

00:39.564 --> 00:41.564
here on the weekends . We typically

00:41.564 --> 00:44.169
train up in defense of other cyber

00:44.180 --> 00:46.291
threats , getting proficient in tools

00:46.291 --> 00:48.319
that the community already uses to

00:48.330 --> 00:50.497
combat cyber threats and detect . Uh ,

00:50.497 --> 00:53.240
we prep for a lot of network , uh ,

00:53.250 --> 00:55.419
manipulation and defense . We look

00:55.430 --> 00:58.599
through logs . Logs is a record for

00:58.610 --> 01:00.721
events that happen on a computer or a

01:00.721 --> 01:03.080
network . Um , typically there's a

01:03.090 --> 01:06.599
large sum of data that comes from all

01:06.610 --> 01:08.610
activities , even the stuff that we

01:08.610 --> 01:10.332
don't see , uh , just from how

01:10.332 --> 01:12.277
computers communicate . But we use

01:12.277 --> 01:14.332
aggregation tools to view simplified

01:14.332 --> 01:16.499
versions and we can set it to alert us

01:16.499 --> 01:18.332
when specific types of logs come

01:18.332 --> 01:20.666
through . For specific types of actions .

01:20.666 --> 01:22.888
We use that to characterize threats and

01:22.888 --> 01:25.054
not have to look through thousands and

01:25.054 --> 01:27.221
thousands of logs to get to the bottom

01:27.221 --> 01:29.221
of what we're looking for here . We

01:29.221 --> 01:30.999
probably take it to at least an

01:30.999 --> 01:33.221
intermediate or an expert level on most

01:33.221 --> 01:35.221
topics that we look into . Um We're

01:35.221 --> 01:37.980
training to be as proficient in every

01:37.989 --> 01:40.309
subject matter . We can be involving it

01:40.319 --> 01:42.541
and tech and just cyber in general . Uh

01:42.541 --> 01:44.900
We have to be able to do defense . We

01:44.910 --> 01:47.021
have to be able to do countermeasures

01:47.021 --> 01:48.854
and response actions which would

01:48.854 --> 01:50.940
involve uh counter hacking or

01:50.949 --> 01:54.339
penetration testing . Um We have , I

01:54.349 --> 01:56.460
mean , globally impacting , we have a

01:56.460 --> 01:58.682
lot of mission partners that we have to

01:58.682 --> 02:00.682
protect their networks . Uh We also

02:00.682 --> 02:02.905
help secure our own network here at the

02:02.905 --> 02:05.071
base and we go through and we audit as

02:05.071 --> 02:07.769
well to make sure that we have no

02:07.779 --> 02:09.612
vulnerabilities that we could be

02:09.612 --> 02:11.835
patching and doing ourselves instead of

02:11.835 --> 02:13.723
waiting for an update to come out

02:13.723 --> 02:15.779
outside of our network . So a global

02:15.779 --> 02:17.501
effect . I mean , we would see

02:17.501 --> 02:19.390
adversaries of rival countries on

02:19.390 --> 02:19.250
networks and be able to remove their

02:19.259 --> 02:21.690
access , find how they came in and

02:21.699 --> 02:23.699
patch that to keep them from coming

02:23.699 --> 02:25.810
back that same way in the future , we

02:25.810 --> 02:27.866
can assess the damages of any data .

02:27.866 --> 02:30.509
They may have infiltrated . Uh We , I

02:30.520 --> 02:33.429
mean , protect other cyber systems for

02:33.440 --> 02:35.440
other countries . We've go or we've

02:35.440 --> 02:37.496
gone through and removed adversaries

02:37.496 --> 02:39.551
from other countries as well . To me

02:39.551 --> 02:41.718
getting to see the impact that we have

02:41.718 --> 02:43.829
when it comes globally , I guess with

02:44.300 --> 02:46.356
getting to actually be out there and

02:46.356 --> 02:48.300
deal with the threats that we talk

02:48.300 --> 02:50.467
about . And we research , we work with

02:50.467 --> 02:52.578
intel really hand in hand , they kind

02:52.578 --> 02:54.689
of drive operations . We get to see a

02:54.689 --> 02:56.800
lot of uh tactics and techniques that

02:56.800 --> 02:59.490
we study . Uh in depth . We get to

02:59.500 --> 03:01.667
execute some of the techniques that we

03:01.667 --> 03:04.149
have for responding to adversaries uh

03:04.160 --> 03:06.860
exploiting vulnerabilities . Uh I

03:06.869 --> 03:08.980
really felt that being in the Vermont

03:08.980 --> 03:11.036
International Guard was calling , um

03:11.036 --> 03:14.389
they enable me to keep a high level of

03:14.399 --> 03:17.330
proficiency in the cyber field and it

03:17.550 --> 03:19.717
lets me have fun with people that also

03:19.717 --> 03:21.883
have the same interests and are of the

03:21.883 --> 03:24.880
same level of proficiency and have that

03:24.889 --> 03:27.919
same desire to continue gaining skills

03:27.929 --> 03:28.770
in cyber .