FILE  Henry, J. — Personal Profile Augusta, GA · 30909  ·  View as desktop ↗

Jason Henry

Cybersecurity training leader, instructor, and operator. Building the systems that turn cyber practitioners into people who can do the job on day one.

jason.c.henry@outlook.com · (762) 333-5369 · github.com/jhenrysec
§ I

Overview

Ten years across cyber operations, training program design, and direct team leadership. The work I care about is the kind that changes what happens on a shift — programs measured by what practitioners can actually do, not what they completed.

I currently own end-to-end curriculum for 400+ cybersecurity professionals across 4 training cohorts annually at the U.S. Army Cyber School. Before that, as an enlisted team lead at the 782nd MI Battalion, I rebuilt onboarding for a 60-person team across seven distinct work roles and reduced Time to Train by 25%. The thread connecting both is the same: build the framework before the content, measure operational behavior, iterate against current reality.

Active TS/SCI clearance with CI Polygraph. GIAC- and CompTIA-certified across defensible security architecture, incident handling, and penetration testing.

§ II

Experience

2021 — Present Fort Gordon, GA

Cybersecurity Course Instructor & Curriculum Developer

U.S. Army Cyber School

Own the training lifecycle for 400+ cybersecurity professionals across 4 training cohorts annually — needs analysis with mission partners, curriculum design with SMEs across four services, assessment frameworks tied to DoD qualification standards, and a feedback loop pulling current adversary tradecraft back into the curriculum.

Plan and execute 400+ hours of exercises per year against live DoD networks, anchoring instruction in Splunk SIEM workflows, MITRE ATT&CK-mapped TTPs, and realistic SOC scenarios. Mentor junior instructors and cadre through co-teaching, scenario reviews, and curriculum partnerships.

2020 — 2021 Fort Gordon, GA

Computer Network Defense Analyst

U.S. Army Cyber Protection Brigade

SOC-style analysis within an EUCOM/NATO cyber defense mission — incident response, host and network investigation, threat characterization across Windows and Linux enterprise environments. Investigated suspicious activity, analyzed application behavior and network traffic patterns, documented IOCs aligned to known threat actor TTPs.

Conducted vulnerability assessments and digital forensics; characterized adversary tooling and supported attribution through static and dynamic malware triage.

2015 — 2019 Fort Gordon, GA

Enlisted Team Lead — DNEA / Language Analyst

782nd Military Intelligence Battalion, 106 CMT

Inherited a 60-person team across seven work roles and an onboarding process costing months of operational capacity. Designed training pipelines, progression milestones, and progress-tracking metrics that cut Time to Train by 25% and accelerated mission readiness across three mission elements conducting offensive cyberspace operations.

Conducted SIGINT/DNEA target development and language-specific technical analysis supporting priority operational missions; coordinated with higher headquarters for operational and administrative deconfliction.

§ III

Selected Work

Praxis
AI / Training Infrastructure

A multi-agent AI platform that ingests adversary whitepapers and auto-generates ready-to-deliver incident-response training environments. Specialized agents handle intelligence parsing, infrastructure provisioning, content generation, security validation, and orchestration.

The thesis: the bottleneck in technical training isn't SME availability or content quality — it's the manual translation work between a threat report and a usable scenario. Praxis is where AI earns its place in instructional design.

Proxmox VE Terraform Packer Ansible Docker Python Multi-agent Claude ZFS
github.com/jhenrysec/praxis
§ IV

Credentials

Certifications

  • GIAC GDSADefensible Security Architecture
  • GIAC GSTRTStrategic Planning, Policy & Leadership
  • GIAC GCIHCertified Incident Handler · exp. 2029
  • GIAC GSECSecurity Essentials · exp. 2029
  • CompTIA Pentest+
  • CompTIA CySA+
  • Joint Cyber Analysis CourseDoD · 2019

Education

  • M.S., Information Security EngineeringSANS Technology Institute · Expected 2028
  • B.S., Business AdministrationPost University · 2019
  • A.A.S., Intelligence Operations StudiesCochise College · 2019
  • A.A., Persian-FarsiDefense Language Institute · 2014
§ V

Practice Areas

Training & Enablement
Curriculum lifecycle ownership · Needs analysis · Assessment framework design (DoD JQR/JQS) · SME collaboration · AI-assisted content development
Cyber Operations
SOC workflows · Incident response · Splunk SIEM · MITRE ATT&CK · Vulnerability assessment · Digital forensics · Network defense
Infrastructure
Terraform · Packer · Ansible · Docker · Proxmox VE · VMware · ZFS · Git/GitHub
Scripting
Python · Bash · PowerShell · Go · C (10+ years)
Systems
Windows Server · Windows 10/11 · Ubuntu · Debian · Kali · Unix · Application behavior & network traffic analysis
Language
Persian-Farsi (DLI-trained)

"Training programs only matter when they change what happens on a shift."

Get in touch GitHub