Daniel Rathbun Email & Phone Number

Cedarville, OH, US

New York, US

Oxford, MA, US

• Developed a risk-based security program and operational capabilities as the inaugural CISO, safeguarding critical data and manufacturing processes. Spearheaded the transition to a hybrid workforce by deploying.
• Spearheaded recovery efforts during a major ransomware attack involving extensive operational disruption. Restored Active Directory and recovered over 600 servers. Led daily briefings with senior executives throughout.
• Implemented a security operations program following a major ransomware attack. Produced a root cause analysis and a strategic two-year roadmap. Established an incident response framework, 24x7 Security Operations.
• Oversaw a $2.4M budget and managed a global team of 6 direct and 52 dotted-line resources, ensuring effective resource allocation and team performance.
• Boosted revenue from the sale of small-value parts and consumables by 20% YoY through the development and implementation of a security plan which enabled a new B2B eCommerce platform.
• Established a global security program as per the NIST Cybersecurity Framework and ISO-27001 (for the European division), enforcing security measures across the organization.

Andover, MA, US

• In this role as the first CISO, I crafted a risk-based cybersecurity program to secure the business. Streamlined financial oversight and managed a $4.8M budget, supervising 3 direct reports and 45 dotted-line resources.
• Established a governance, risk, and compliance program (GRC) to ensure regulatory requirements were met. This included SOX, NIST SP800-171, FDA 21 CFR Part 11, GDPR, and other relevant data privacy laws.
• Achieved a 70% reduction in susceptibility to phishing scams by executing a phishing awareness program that was complemented by targeted training for high-risk business units.
• Launched new security programs, including privileged account management, vulnerability management, incident response, threat intelligence, risk management, security monitoring & analytics, strong authentication, device.
• Secured CNC machines, temperature chambers, pick-and-place machines, and other manufacturing equipment through the implementation of network segmentation utilizing firewalls, network access controls, and privileged.
• Served as the cybersecurity liaison with prime defense contractors, including Lockheed Martin, Raytheon, Northrop Grumman, Boeing and others. Communicated Mercury’s security posture and DFARS compliance status in the.

Dallas, Texas, US

• As the inaugural CISO for AECOM, I implemented a tailored, risk-based cybersecurity program based on ISO-27001 to safeguard the company's global operations. I introduced a cyber-threat intelligence strategy to support.
• Attained heightened resilience and reduced cyber risk by steering the global cybersecurity strategy, and aligning it with investment priorities to optimize resource utilization.
• Achieved a 45% annual cost reduction by consolidating 14 legacy antivirus programs from various M&A companies into a unified anti-malware platform.
• Strengthened security posture by establishing a metrics program with clear performance goals and assigning owners for all necessary actions, which increased patch compliance by 172% and antivirus coverage by 51%.
• Successfully advocated for cybersecurity to be included among the top 10 risks tracked by the Enterprise Risk Management team.
• Led a cross-functional cybersecurity steering committee, recommended investments, and oversaw governance of strategic security projects.

Dallas, Texas, US

• Entrusted with creating the first cybersecurity program for ENSR.
• Company went on to be acquired by AECOM and I was promoted to CISO of AECOM.