David Eason Email & Phone Number

Denver, CO, US

Denver Metropolitan Area

• I architected and implemented the company's DevSecOps standards and tooling related to secure application development. This reduced the company’s cybersecurity portfolio vulnerabilities 96% while demonstrating DoD.
• Implemented security tooling with containers, deployed using infrastructure as code (IaC via Docker, Ansible, Terraform) into ESXi VMs and AWS.
• Alerted developers and tool maintainers to compliance, STIG, and CVE problems.
• Scans included compliance (ACAS), static (SAST), dynamic (DAST), policy as code (PAC), and software component analysis (SCA).
• Established supply-chain transparency and dependency checks through automated software bill of materials (SBOM) generation, OSINT CVE ingestion, and analysis.
• Reduced vulnerabilities through automated feedback from the pipelined PAC enforcement.

Stamford, Connecticut, US

• Protected critical infrastructure, services, and customers from cyber threats by creating, improving, and using tools and processes to quickly detect and respond to external security incidents, minimize data loss.
• Lead Tier 1 basic and advanced training on incident response, detailed ticket activities, automation, and process improvements for 14 Cyber Defense Center staff.
• Evaluated governance risk and compliance (GRC) solutions to help achieve PCI-DSS compliance and prioritize efforts to reduce cyber risk across the enterprise.
• Hunted for shadow IT during penetration testing efforts in a senior Risk and Threat Management (RTM) team during the early phase of the COVID pandemic.
• Configured and tuned intrusion detection and prevention tools using Splunk to identify anomalous user and system behavior, generate reports, and throw actionable alerts.
• Created and maintained automation tools to increase incident response speed by over 90%.

Stamford, Connecticut, US

• Created and executed processes to manage multiple release trains through test environments to prepare for safe, repeatable, well-documented production deployments. This supported Charter’s rollout of Spectrum releases.
• Created key DevOps processes to manage, control, plan, and record current and planned future environment states for concurrent release trains and programs. This assisted program management, test leads, and lab staff.
• Gathered metrics to assist program managers with release planning, such as estimating the time needed during test cycles to do point releases to fix launch-gating bugs.
• Conducted detailed reviews of deployment plans, including staging, pre-checks, deployment, validation, and rollback planning.
• Coordinated release packaging, testing, and deployment across multiple teams, meeting daily with project and program managers and leaders of development, test, and infrastructure.
• Established and documented gating requirements for release trains and environment changes, with due consideration to service level agreements, regulatory requirements, and user needs.

• Architected and automated release and code management processes and managed the source code security for over 50 release trains, 600 git and subversion repositories, and 1000 developers and testers worldwide in a.
• Identity, access, and credential management: created and managed the source code access provisioning lifecycle and account monitoring and auditing standards and systems for 1000 developers and QA staff. Architected.
• Security and risk management: documented, implemented, and audited company security policies related to source code access, such as restricting proprietary code by company or countries and limiting exports of strong.
• Security architecture and engineering: setup remote logging and log monitoring (SIEM) for intrusion detection (IDS). Tuned credential caching and improved LDAP integration.
• Communication and network security: configured firewalls and load balancers to increase infrastructure reliability and security. Created an IDS to monitor firewall, load balancer, and application logs.

Ms, Computer Science

Graduate Certificate, Cybersecurity

Bs, Psychology