Brian Hanson Email & Phone Number

California, United States

San Francisco, California, US

• Successfully designed, implemented, and achieved certification for the 270+ controls for HITRUST.
• Successfully turned around struggling cyber security program to an average 4.0 SAMM maturity in less than two years.
• Enhanced core business product security posture to include authentication, authorization, registration flows, non-repudiation, auditing, API security and mobile security.
• Delivered business continuity program with business resilient 3-2-1 backup strategy and tested operational procedures.

Washington, D.C., US

• Oversaw the end-to-end security buildout and operations for one of the fastest growing companies in the world.
• Built and operationalized a complete security program from scratch during tremendous company growth of 300 to 4000+ employees and operational expansion into 11 countries in just over a year.
• Built security into manufacturing and supply chains across four countries to include fraud prevention and data protection.

Newbury, Berkshire, GB

• (Merged from HPE)Directed complete Cyber Security stack for seventh largest pure software company with $4.5B in revenue and a global presence.
• Managed end to end security of 17,500 employees, 200 products and over 130 facilities (labs, datacenters and office space)
• Developed a strategy and framework that allowed the organization and products to get ISO 27001/27002 certified, SOC2 certified and prepared for GDPR.
• Merged two separate companies’ security organizations people, process and technology resulting in increased efficiency and reduced cost by 20%.

Houston, Texas, US

• Collaborated with product engineers and developers on security concerns for all projects to evaluate security assurance and compliance. Presented Information Security topics to senior leadership, department heads and.
• Built complete cyber security program for HP Software to include Security Operations, Assessment, Governance, Risk and Compliance, 24/7/365 SOC and related processes.
• Managed security related merger and acquisition risk to include HP separation into two fortune 50 organizations, 110,000 employee services divesture to CSC, 15,000 employee divesture to Micro Focus, Aruba acquisition.
• Successfully built from scratch a team of 84 highly effective security professionals and developed a program to apply and test security prior to production all of HP products.
• Increased business sales by demonstrating security assurance practices, met customer regulatory obligations (PCI, SOX, etc.) and proving to customer’s security was “built in”.

Tokyo, JP

• Responsible for end-to-end cyber and physical security in the areas of information asset management, risk and vulnerability management, audit & compliance, and general security awareness for the Sony Network.
• Presented to board on quarterly basis on security ROI, residual risks, and security posture of organization.
• Applied product security program proactively on an extremely diverse set of platforms to include the Sony Entertainment Network, PlayStation, Music and Video streaming services, online gaming, mobile, and various.

Oakland, California, US

• The primary role of this position is to understand emerging threats to the organizations in a 1-3 year time frame and proactively develop and operationalize the capabilities that will protect the data, brand and.
• Created and led the team to develop the security architecture and detailed security design for Kaiser Permanente’s primary strategic initiative – the online medical record.
• Defined offshore security controls for KP and partnered with multiple offshore organizations to meet those controls. Developed repeatable security patterns to how electronic medical information and other sensitive data.
• Defined, documented, implemented and passed multiple control objectives for SOX, PCI, and HIPAA providing business benefit and cost avoidance.

Executive Strategy Certification (1 Year), Executive Strategy

B.S., Business Administration - Management Information Systems