Deputy Ciso
CurrentBuilt an organization to collaborate with product and engineering on secure systems design, report on security risks and mitigation plans, establish a framework for data governance, obtain industry security compliance certifications, and engage with customers to give them confidence in the security program• Ensured the security and resilience of Fastly products and services by leading proactive design evaluations and threat modeling exercises throughout the SDLC• Designed and implemented a security risk management program that resulted in quantification of security risks, risk mitigation tracking, and engagement of the right individuals to ensure informed risk-treatment decisions • Led Fastly’s first, and now continual, security program maturity assessment relative to the NIST Cybersecurity Framework and reported on progress to the board• Partnered with the Compliance organization to drive the process and control improvements needed for ISO 27001, PCI-DSS, SOC2, and GDPR certifications• Conducted multiple due-diligence security assessments of organizations in contention for M&A activity• Enabled meaningful risk reduction by driving initiatives around endpoint protection, cloud security architecture, secrets management, modern authentication design, etc.