Daniel Redfern Email & Phone Number

New York, United States

New York, NY, US

New York, NY, US

• Coordinated Governance, Risk, and Compliance (GRC) and Identity and Access Management (IDAM) programs, ensuring regulatory compliance. Oversawthe change management process to address security gaps, perform gap.
• Managed third-party vendor management and spearheaded the development of an automated risk assessment engine to quantify and mitigate risks.
• Led the transition assessment from PCI-DSS 3.2.1 to 4.0, ensuring continual compliance by integrating critical security frameworks and standards such as CSF, CIS, ISO 27001, and NIST.
• Managed risks related to vulnerability assessments through the use of Rapid7 tools for scanning, prioritizing, and mitigating vulnerabilities.
• Conducted forensic investigations for legal subpoenas, securing admissible evidence, and incorporating Splunk for comprehensive auditing and analysis.
• Orchestrated forensic investigations using Splunk to secure legally admissible evidence, adhering to technology controls and compliance requirements. Successfully resolved 15+ cases, improving investigation efficiency.

New York, US

• Directed a significant segment (~20%) of the professional services team, specializing in governance solutions across various industries.
• Proficient in cryptography and key exchange protocols, specializing in securing end-to-end communication
• Developed and deployed Java and Python-based RESTful APIs for automated data provisioning and efficient batch processing.
• Managed client-side security measures including REST TLS certificate management, authentication protocols, and PGP key management
• Leading vulnerability remediation projects, notably for CVE-2021-44832 and CVE-2021-44228.
• Overseeing malware defense integration using Symantec and Broadcom technologies.

New York, NY, US

• Reported directly to the CIO, often interfaced with C-level and executive directors as a technical and compliance advisor.
• Manager of a small group of technical engineers responsible for delivering the strategic IT architecture
• Led the strategy of the enterprise Identity and Access Management (IAM) system, supporting over 100,000 users and enhancing security across the organization, improving efficiency, resiliency, and scalability to meet.
• Systematically re-designed the identity management solution into a streamlined and improved resiliency service
• Advisory for IT strategy alignment to support the business deliverables/objects to the Board-level committee
• Pioneered the IAM middleware stack program at this non-profit educational

• Directed a significant segment (~20%) of the professional services team, specializing in governance solutions across various industries.
• Led comprehensive architectural evaluations of enterprise platforms, including authentication mechanisms like Single Sign-On (SSO), SAML, transaction data signing, both hard and soft One-Time Passwords (OTP), LDAP, and.
• Delivered expert advisory services to ensure HIPAA Title II compliance, developing and implementing robust policies and procedures to protect the privacy and security of sensitive healthcare information.
• Delivered guidance on compliance with SOX and NERC standards, focusing on SOX Section 302 and NERC CIP 007.x requirements, enhancing corporate responsibility for financial reporting and critical infrastructure.
• Technical advisor to VPs, CTOs, and CISOs, offering strategic insights and recommendations for integrating and enhancing enterprise applications. Program lead, overseeing a fifth of the professional services team group.
• Conducted comprehensive architectural reviews of enterprise platforms, encompassing authentication systems such as single sign-on (SSO), SAML, transaction data signing, hard/soft One-Time Password (OTP), LDAP, mobile.

Navi Mumbai, Maharashtra, IN

• Managed five professional services experts specializing in GRC and IAM, leading global IT Professional Services consulting firm, growing to 650 professionals.
• Orchestrated identity governance projects across US and APAC regions, focusing on user attestation, comprehensive identity management, and secure mobile authorization.
• Coordinated pre-sales and post-sales activities, including developing service level agreements (SLAs) and crafting compelling pre-sale materials to support business development.

Austin, Texas, US

After entering Oracle through acquisition, I continued as a technical lead on a number identity management and compliance engagements across the EMEA region. Extending roles included a high number technical knowledge transfer sessions within Europe, PS engagements and delivering IT-GRC PoC's for a number of European financial companies

Palo Alto, CA, US

Specializing in Identity Compliance and Enterprise Role management lifecycle within the EMEA identity team performing PoC's, technical lead for production deployments, 'best practice' solutions and tech lead for Sun internals, customers and Sun partners. Often responsible for providing integration solutions and technical expertise on large-scale projects.

GB

Main responsibility was providing 3rd line support focusing on Cisco network security and automated software patching. The environment included 200+ networked Troubleshooting with computers, printers, interactive whiteboards, switches/router connections and software. Assist with tasks and projects related with technology and communicating with the school.