Raymond C. Borges Hink

Research Associate - Cyber for Power & Energy Systems

Oak Ridge National Laboratory - PhD student @WVU

Bio

Raymond is a Information Assurance Research Scientist at Oak Ridge National Laboratory (ORNL) specialized in Cybersecurity, Digital Forensics and Machine Learning. Here he serves as an associate researcher and Co-PI for several efforts in the area of cyber-physical system security. He has a B.S. in Computer Software Eng. and and M.S. in Information Assurance. He works on developing analytics for distributed systems, digital twins and anomaly detection algorithms that can differentiate between natural faults/failures and cyber-attacks in energy delivery systems. Raymond works in collaboration with DUKE, EPB, the US Office of Electricity and the DHS Science and Technology Directorate. He's currently finishing his PhD at West Virginia University. Coordinates red-team efforts for the CyberForce competition at ORNL and is an avid astronomy aficionado. Raymond is a Certified Scrum Master, CompTIA Network+, A+, Security+ (expired), Microsoft Certified Technology Specialist ( MCTS) and is currently preparing for the Offensive Security Certified Professional (OSCP) exam.

See my current research projects

Past and current certifications

CURRENT- Scrum is part of the Agile movement. Agile is a response to the failure of the dominant software development project management paradigms (including waterfall) and borrows many principles from lean manufacturing. In 2001, 17 pioneers of similar methods met at the Snowbird Ski Resort in Utah and wrote the Agile Manifesto, a declaration of four values and twelve principles. As a Certified ScrumMaster® (CSM®), you’ll help the Scrum Team perform at their highest level. CSMs also protect the team from both internal and external distractions. Through the certification process, you will learn the Scrum framework and gain an understanding of team roles, events, and artifacts.

CURRENT- CompTIA Network+ earners who certified prior to January 1, 2011 have a Network+ considered good-for-life (GFL). It does not expire and does not have CE requirements. Earners of the CompTIA Network+ certification have the skills needed to troubleshoot, configure, and manage enterprise networks.

EXPIRED - Earners of the CompTIA Security+ certification have the knowledge and skills necessary to perform core security functions required of any cybersecurity role. CompTIA Security+ professionals know how to identify and address potential threats, attacks and vulnerabilities and they have established techniques in risk management, risk mitigation, threat management and intrusion detection.

CURRENT- CompTIA A+ earners who certified between January 1993 and December 31, 2010, have an A+ considered good-for-life (GFL). It does not expire and does not have CE requirements. Earners of the CompTIA A+ certification have validated skills in hardware repair and configuration, PC and peripheral troubleshooting, Windows operating system administration, and user support.

CURRENT - Windows Server 2012 - Microsoft Certified Technology Specialist certification proves your skills on a particular Microsoft technology, such as the Windows operating system, Microsoft Exchange Server, Microsoft SQL Server, or Microsoft Visual Studio. MCTS certifications are no longer in development.

Currently pursuing...

An OSWP, by definition, is able to identify existing vulnerabilities in 802.11 networks and execute organized attacks in a controlled and focused manner. An OSWP is able to circumvent various network security restrictions implemented on wireless networks, bypass them, and recover the encryption keys in use. The four hour examination also demonstrates that OSWP’s have a certain degree of persistence and determination and are able to perform under imposed time constraints.

An OSCP, by definition, is able to identify existing vulnerabilities and execute organized attacks in a controlled and focused manner, write simple Bash or Python scripts, modify existing exploit code to their advantage, perform network pivoting and data ex-filtration, and compromise poorly written PHP web applications.

see my Research