Fred Blaise Email & Phone Number
@thomsonreuters.com
3 phones found area 213 and 121
LinkedIn matched
Who is Fred Blaise? Overview
A concise factual answer block for searchers comparing this professional profile.
Fred Blaise is listed as Product Security / Security Engineering at Light Frame, based in Leysin, Vaud, Switzerland. AeroLeads shows a work email signal at thomsonreuters.com, phone signal with area code 213, 121, and a matched LinkedIn profile for Fred Blaise.
Fred Blaise previously worked as Special Advisor at Secureflag and Senior Director, Product Security at Thomson Reuters. Fred Blaise holds Master Of Science, Computer Information Systems from Boston University.
Email format at Light Frame
This section adds company-level context without repeating Fred Blaise's masked contact details.
AeroLeads found 1 current-domain work email signal for Fred Blaise. Compare company email patterns before reaching out.
About Fred Blaise
Results-oriented engineering leader with a proven track record in building and scaling high-performing Product Security teams, and implementing DevSecOps paradigms in engineering workflows. Passionate about bridging the gap between security and product teams through innovative solutions and a culture of security by design. Secure AI is, as for many, a focus area of learning.Key strengths include:- Leadership: Proven ability to build, sustain, inspire and motivate teams to achieve exceptional results, while making them autonomous.- DevSecOps Transformation: Find the best ways to implement DevSecOps practices to accelerate software delivery while enhancing security posture.- Cloud-native security: Expertise in designing, implementing, and managing security controls across cloud-native environments.- Security by design: Proactive identification and mitigation of security risks through pragmatic threat modeling processes.- Secure education: Deep experience in rolling out enterprise-wide secure development trainings that can easily fit within the agile spirit.- Security champions: Enough failures and experience to aim for a win next time around!- Bug Bounties: Ran multiple Vulnerability Disclosure Programs (VDPs), private and time-boxed bug bounties.- Open-Source Advocacy: Strong advocate for open-source technologies and their role in driving innovation.Looking for opportunities to leverage my skills and experience to drive security and innovation at a dynamic organization.Certifications: CISSP, CISM, Certified Kubernetes Administrator and Security Specialist, AWS Security Specialist and many others not renewed.
Listed skills include Linux, System Administration, Integration, Unix, and 49 others.
Fred Blaise's current company
Company context helps verify the profile and gives searchers a useful next step.
Fred Blaise work experience
A career timeline built from the work history available for this profile.
Senior Director, Product Security
Reporting to the CISO, led a global 40+ kick-ass product security team (Enterprise Vulnerability Management, AppSec, Pentest, Software and Data Engineering) responsible for securing over 400 applications and empowering over 4000 engineers. Successfully drove product security maturity and implemented innovative security initiatives, including:- Strategic Planning: Developed a 3-year roadmap aligned with NIST CSF and CMMI standards to enhance product security and succesfully met defined targets.- Leadership Development: Nurtured and empowered a team of talented security leaders to drive results.- Vulnerability Management: Comprehensive vulnerability management program, covering 140K+ assets across on-prem and 4 cloud environments.- Security Posture Assessment: Oversaw development of comprehensive security assessment platform for product leaders to track progress, prioritize investments, and access security services.- Security Champions Program: Drove program with the ambitious goal of having a security advocate in over 800 teams. Fell short, but learned a lot.- Secure Development Training: Delivered engaging, hands-on security training to over 4000 engineers, driving wide adoption.- Security toolchain development and optimization: Worked on secure paved roads to embed S-SDLC activities in-band of engineering work.- Penetration Testing: Revamped the pentesting process to improve efficiency, precision, and adherence to financial targets.- Managed Vulnerability Disclosure Program (VDP) and time-boxed bug bounties.- Worked on CISA self-attestations, leveraging OWASP SAMM and NIST SSDF.
Owasp Defectdojo Maintainer
Contributed to the DefectDojo open-source vulnerability management tool for 3 years. Developed features, reviewed code, improved CI integration, provided community support, and contributed to governance. Recognized for my contributions to the Hall of Fame: https://github.com/defectDojo/django-DefectDojo/#hall-of-fame
Director, Product Security
Multi-faceted and transverse role heading security engineering within a critical software vertical, with the most popular open-source CI/CD engine (Jenkins) as well as for all CloudBees self-managed and commercial SaaS products.- Team Leadership: Led the Jenkins Security and Product Security teams to deliver outsized results.- Security Champions Program: Empowered engineers across product teams to become security advocates and drive a culture of security.- Cloud Security: Collaborated with operations teams to ensure robust cloud security posture on AWS and GCP.- DevSecOps: Strengthened the Security Development Lifecycle (SDL) through tailored processes and the use of the SAMM maturity model.- Risk Management and security by design: Adapting pragmatic risk assessment/threat modeling as well as risk acceptance to Product Teams workflows.- Vulnerability Management: Developed centralized, automated processes for ingesting and processing security vulnerability scans to improve visibility and enable proactive response using DefectDojo.- Incident Response: Established and led the PSIRT to effectively manage security incidents.- Security Training: Provided hands-on secure development training to foster a culture of continuous learning.- Security Program Management: Overseen security programs, bug bounties, and penetration testing initiatives.- Compliance: Managed SOC2 Type 2 compliance for SaaS products.- Product Security Integration: Collaborated with product management to ensure security was a top priority in product development.Technical Expertise:- CI/CD Tools: Deep understanding of Jenkins and other CI/CD technologies.- Infrastructure as Code: Proficiency in Terraform and cloud infrastructure management.- DevOps Tools: Experience with Kubernetes, Helm, Git, Python, and shell scripting.- Cloud Platforms: Expertise in AWS and GCP.
Devsecops Lausanne Meetup Organizer
Security Engineering Manager
Digital - Systems and Data Security, insufflating Sec in DevOps.- Bringing security throughout the SDLC- AWS security- Risk Management and assessment with engineering in mind- Compliance as code- Secrets management
Head Of Engineering (Infra & Ops)
Leading the global infrastructure & delivery engineering and operations, working with our Managed Security Services architecture and analysts teams, as well as software engineering teams.All carried out by one solid team of top engineers and supporting upper management, and continuing from previous role:* Recognized internal transformational leader, seeding and spreading cultural change across the organization and legacy product units of mother company.* Define and drive vision and implementation of the DevSecOps track, to secure KS infrastructure (VMware, AWS, Openstack) and our integration pipelines starting with people awareness, best infra-as-code practices (i.e. openscap integration to puppet/foreman) to specialized tooling such as JFrog Xray, Hashicorp Vault, Cilium, netflix security monkey and more.* DR on-demand mixing hybrid technologies and use of pipelines for best RTO/RPO at lowest costs.* Involved in the solutions development of our security portoflio, including Managed Security Services.* Keep hands dirty in most bleeding-edge cloud-native stacks to remain a trusted advisor to the engineering teams.* Part of the ISO 27001 [re]certification effort.* Manage the budget in relation with global I&O activities* Manage talents and working with HR to help further identify potentials, identify better ways to train employees and share knowledge.* Created the DevSecOps meetup in Lausanne, to promote awareness and encourage practice sharing.
Tech Lead, Devops Infra & Delivery Engineering
* Lead the global Dev[Sec]Ops infra engineering team (12+ people and growing in Switzerland and the USA) focused on providing state of the art infrastructure and delivery engineering for several solutions/development teams across Switzerland, the USA and India.* Increase infrastructure agility applying Kanban and agile principles, through architecture simplification, standardization and automation, while intrinsically promoting security.* Industrialization and automation of infrastructure deployments with puppet/foreman/katello and Jenkins, managing data centers in Switzerland and the USA.* Promoting and implementing infra as code, such as leveraging git and merge requests workflows, implementing in-band processes, and using jenkins to orchestrate delivery and deployments.* Improve collaboration and cross-team practices sharing, e.g. through internal meetups, ad-hoc training and by continually promoting a DevOps mindset.* Implemented global Zabbix monitoring deployment across hybrid platforms, creating and managing custom templates through git workflows.* Implemented Graylog as a central logging infrastructure, along with DMZ Kafka clusters to allow for semi-trusted log sources, as well as leveraging the alerts mechanism for java applications. Used to enhance ability of engineering teams to preempt problems, regular ops needs, or post-mortem analysis.* Promoted docker to first-class citizen, along with Kubernetes.Keywords used: DevOps, DevSecOps, agile, Infrastructure as code, Ansible, Puppet, Katello, Jenkins, SonarQube, git, Mattermost, Artifactory, Elasticsearch, graylog, nginx, scrum master, kanban, Cumulus linux, network, Linux, openstack, docker, kubernetes, kafka, zookeeper.
Senior Security Consultant
- Solution architecture and pre-sales activities- Log analytics / SIEM
Co-Organizer Soft-Shake.Ch
Senior Technology Officer
Gottex Brokers is a leading interbank and institutional broker.Gottex Brokers has offices in Switzerland, Sweden and New York.Manage the R&D and infrastructure teams to:- Lead the IT transformation to embrace new regulatory changes impacting Gottex Brokers' industry (I.e., full revamp of HA infrastructure/network and move to a data center, network MPLS cloud, virtualization, Unified Communications)- Meet increasing demands of the business for rapid solution deployment through increased cross-departmental integration and communication (I.e., shared CI responsibilities, new environments)- Increased IT operations effectiveness through solid deployment, best practices, automation, monitoring and agility (I.e., Implemented ELK stack for application monitoring, zabbix, use of ansible for configuration management)- Define, boost the efficacy and efficiency of processes across all business units to strive for operational excellence. Implemented new business processes through BPM to also provide for audit trails and easier reporting.- Sustain the technology vision in relation with the business objectives.- Vendors management.- Manage external IT consultants recruiting and supervision.- Manage the budgets.Keywords: IT transformation, data center, network, virtualization, DevOps, Unified Communications, noSQL, middleware, management, project management, business analysis, vendor management, Bonita BPM, operational excellence, operational analytics, reporting, BCP, DRP.
Senior Technology Officer
Gottex Brokers Alternative, Gottex Brokers' specialized entity, acts as a leading broker in the secondary market for alternative investments.
Senior Systems Engineer - Lead Core Banking Integration
MIG Bank was acquired by Swissquote late 2013.Swissquote Group is Switzerland's leading provider of online financial and trading services.- Lead administrator and project manager on Unix, Linux, SAN and databases environments- Lead SRE for Core Banking and back/middle office applications- Lead integration architect between Core Banking applications, corporate enterprise softwares and trading platforms (i.e., automated STP funds payment system, mirroring of FX positions from trading platform in core banking platform)- Expert on Apsys integration.Keywords: Ambit Private Banking (APSYS), MetaTrader, pSeries, AIX, Linux, SAN, capacity planning, data center, Netapp, SMO, Oracle 11g, MySQL, CRM, legal reporting, Talend Data Integration, Forex, CFD, Options, ETL, lean processes, automation, java, shell scripting, DRP.
Senior Systems Engineer - Core Banking Integration
Catella Bank provides customised wealth management to corporations, institutions and individuals requiring active independent advice and management. Catella also offers other banks complete card programmes under its own Visa and MasterCard licenses. Catella provides all services including clearing for Visa and MasterCard, card branding, billing, risk monitoring and customer services in-house.- Part of the on-call team for credit card systems and databases to maintain our SLA around the clock, 365 days a year, 24h/24.- Core Banking administrator responsible for Apsys and full fledged Stelink/SWIFT infrastructures, BCP and DRP.- Led and implemented data integration projects related to financial flows and processes (FX, SWIFT) (Talend/Kettle, JMS, java development, WIFE)- Integration of Apsys with DMS (Alfresco) via Java API. Deployed Alfresco HA cluster, development of custom models and small developments.- Linux/AIX pSeries/SAN administration- Virtualization (Xen, POWER)- Database admin (Oracle, mysql, postgresql)- Other duties related to infrastructure (Backup, email, monitoring, etc..) and integration of heterogeneous systems.
Systems Engineer
- Instructor for custom Linux courses, and Novell Linux courses curriculum.- Novell ZenWorks Asset Management, ZenWorks for Desktops and ZenWorks for Linux Management analysis. Enhancements to the ZDM linux initrd image and scripts for fully automating imaging of over 1500 workstations.- Windows to Linux infrastructure migration (AD/Exchange to Debian/openLDAP/samba/Open-Xchange), LDAP schema extension, perl scripts sets to ease migration and administration.- Java development with Tomcat- eDirectory LDAP programming (Java, C#)- Internal telephony migration from proprietary PABX and ISDN, towards Asterisk and VoIP.- Database administration (Oracle in particular)
Systems Administrator
- Installation, administration of BSD/OS, Linux Debian and Windows/Exchange 2000 servers.- Administration of iptables, apache, tomcat/JK, freeradius, postfix, cyrus, mysql and postgresql.- Implemented fault/availability monitoring solution using Nagios, snmp, snmptt, alerting with emails, SMS and IVR. Work includes custom perl and python scripts.- Implemented trend monitoring for capacity planning using Cacti/RRDtool.- Initiated, implemented and administrated the use of ticketing and knowledge base systems using eGroupware, bug tracking using Mantis, and version control with Subversion.
Tivoli Administrator/Systems Programmer
- Lead several projects impacting quality of company-wide systems (fault/availability), ie, bringing successful payment transactions rates from ~70% to ~99%.- Tivoli administrator (in AIX environment): Distributed Monitoring, TEC, Framework.AIX and RedHat systems administration for day to day maintenance tasks, backups, involving shell and perl scripting for tasks automation + Sendmail/postfix, Apache, iptables, CVS, samba and other services.- Oracle (8i/9i) and MySQL databases administration.- Wrote complex/distributed Perl/CGI programs for system automation and fault/availability/trend monitoring and capacity planning.
Systems Administrator/Consultant
Linux and Windows servers administration, Citrix administration and NFuse customization.
Fred Blaise education
Master Of Science, Computer Information Systems
Bachelor, Computer Information Systems
Bac, Philosophy, Literature And Languages
Frequently asked questions about Fred Blaise
Quick answers generated from the profile data available on this page.
What company does Fred Blaise work for?
Fred Blaise works for Light Frame.
What is Fred Blaise's role at Light Frame?
Fred Blaise is listed as Product Security / Security Engineering at Light Frame.
What is Fred Blaise's email address?
AeroLeads has found 1 work email signal at @thomsonreuters.com for Fred Blaise at Light Frame.
What is Fred Blaise's phone number?
AeroLeads has found 3 phone signal(s) with area code 213, 121 for Fred Blaise at Light Frame.
Where is Fred Blaise based?
Fred Blaise is based in Leysin, Vaud, Switzerland while working with Light Frame.
What companies has Fred Blaise worked for?
Fred Blaise has worked for Light Frame, Secureflag, Thomson Reuters, Owasp Foundation, and Cloudbees.
How can I contact Fred Blaise?
You can use AeroLeads to view verified contact signals for Fred Blaise at Light Frame, including work email, phone, and LinkedIn data when available.
What schools did Fred Blaise attend?
Fred Blaise holds Master Of Science, Computer Information Systems from Boston University.
What skills is Fred Blaise known for?
Fred Blaise is listed with skills including Linux, System Administration, Integration, Unix, Apache, Windows Server, Mysql, and Oracle.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial