Aaron Bryson Email & Phone Number

Seattle, WA, US

• Bezos Academy is building a network of tuition-free, Montessori-inspired preschools in under-resourced communities. Our preschools offer year-round programming, five days a week, for children ages 3-5.About my role:
• Develop DevSecOps capabilities, including identifying security scanning tools (SAST, DAST, IAST, SCA, RASP) to be integrated into Software Development Lifecycle (SDLC) processes, including CI/CD pipelines.
• Design and guide the implementation of secure SDLC best practices and tools, including threat modeling, architecture, design and code review security checklists, secured software supply chain, and vulnerability.
• Lead incident response activities to investigate security incidents and implement remediation plans.
• Conduct regular security assessments (fuzzing, penetration tests, red teaming) and audits on security design to identify vulnerabilities, assess security risk, and develop design and mitigation strategies.
• Create system threat models for mobile and web software applications we are building.

Remote, California, US

• Managed the Blue Lava security program and achieved the following:
• Reduce operational spending and overhead, managed budget
• Improve business and engineering/product team agility through security enablement and faster processes
• Did more with less
• Consolidated tools and licensing
• Improved technology and increased automation Increased visibility, detection, monitoring, and auditing capabilities

Waterloo, Ontario, CA

• A heavy amount of customer and client-facing experience was involved which included contract negotiations and writing, requests for proposals, statements of work, and client deliverables. In addition, it included.
• Network Security
• Logging and Monitoring
• Identity and Access Control
• Data Protection
• Vulnerability Management

Waterloo, Ontario, CA

An initial key hire for building the security consulting practice; made Cylance's first $1. I consulted directly for Cylance and BlackBerry's clients from every industry vertical worldwide, including many Fortune 500s. Responsibilities included security, privacy, compliance, risk, and product engineering. Cylance® was one of the fastest-growing companies.

Austin, TX, US

• Saved a high-profile and high-value customer deal in excess of $20,000,000 leading to contact renewal and a new and improved partner relationship by working directly with their CISO. Put at numerous client-facing fires.
• Help to drive the enterprise architecture vision, service & application designs, security protocol designs, and engineering to deliver the most secure Mobile Application Development Platform (MADP) and Mobile.
• Closely collaborate with the stakeholders, architects, and engineering teams and drive key security design choices made in the implementation of the product.
• Identify and anticipate security solution requirements based on tactics, techniques, and procedures of adversaries. Conceptualize and evolve enterprise security architectures for Kony’s solutions.
• Lead and drive the security technology & architectural aspects of the product roadmap to enable building usable and secure solutions. We created a more secure, efficient, transparent, and customer-friendly product.
• Worked with product management and engineering to achieve industry leadership recognition by Gartner Magic Quadrant for Mobile Application Development Platforms & Forrester in the Forrester Wave: Mobile Low-Code.

Burlington, Massachusetts, US

• Veracode Manual Penetration Testing (MPT) complements their automated scanning technologies with best-in-class penetration testing services to find business logic and other complex vulnerabilities in the web, mobile.
• Assisted many Veracode clients in the management and operation of their application security programs
• Responsible for research of vulnerabilities in software, firmware, and devices, and modern exploits and exploitation techniques. Developing proof-of-concept attacks, analysis of emerging threats, and research of.
• Developed security testing tools as well as presented research results at conferences
• Responsibilities included threat assessment, vulnerability assessment, penetration testing, architecture and design security reviews, and design of security components to ensure the security of products, technologies.
• Maintain continuous and substantial knowledge of state-of-the-art security principles, theories, and attacks

San Jose, California, US

• Provided subject matter expertise and acted as a trusted advisor on cybersecurity. Using our Enterprise consultative mindset and approach, we partnered with our clients to design solution architecture and evangelize.
• Taught Foundstone Ultimate Hacking series of hands-on classes to organizations in both the private and public sector
• Supported the sales team with the identification and development of professional service opportunities for McAfee and business partners
• Understanding enterprise security strategy and where it fits within an organization enabled us to meet the client's business goals and requirements.
• Understanding market issues and trends affecting business and the use of IT/OT within various sectors
• Maintained and expand client contact at high levels and build credible relationships with key client personnel.

Gosu Security is an experienced security consulting firm providing cyber, information, and application security services to clients in many industries. Our seamless integration of functional expertise and deep industry knowledge is the key to our client services. We provide the following services:► Virtual CISO (vCISO) services► Web/Mobile/IoT/Application.

San Jose, CA, US

• Protect company assets and ensure business continuity
• Fraud and risk management
• Work with architects and DevOpsSec to build the corporate application security program and develop secure software development lifecycle (SDLC) practices
• Provide black-box and white-box web application/web service penetration testing services to large enterprise customers, partners, acquisitions, and Cisco
• Present to technical management and senior executives
• Develop and maintain methodologies and software tools to enhance Cisco penetration testing services and vulnerability management program.

San Jose, CA, US

• Conduct application penetration testing and assessments
• Conduct wireless penetration testing and provide other advanced security services to Fortune 100 customersMade the impossible possible with a team of amazing and talented engineers

San Jose, CA, US

• Answer technical and procedural questions for less experienced team members and provide mentorship
• Enhance and implement new processes
• Determine security requirements by evaluating business strategies and requirements
• Research information security standards
• Conduct system security and vulnerability analyses and risk assessments; research architecture/platform requirements; identify integration issues; prepare cost estimates and project plan
• Implement IPS/IDS technology for Cisco and customers

Patuxent River, Maryland, US

NAVAL AIR WARFARE CENTER - WEAPONS DIVISION (NAWCWD) CENTER FOR ASYMMETRIC WARFARE (CAW)The Center for Asymmetric Warfare (CAW) provides testing, training, and experimentation support for Department of Defense expeditionary forces to prepare them to counter the effects of asymmetric warfare. We exercise large-scale "multi-agency, multi-level" events.