J. Scott A. Email and Phone Number
I have a confession to make. I am an insider threat.It’s true. I’m an insider threat. Have been my entire professional life. A hard pill to swallow, but there it is. It’s my truth. Thing is, if you’re reading this then it’s your truth, too. In fact, it’s true of anyone who has ever held a job. From those in the trenches to senior leaders, all the way up to the C-Suite, we all have what outsiders lack…authorized access. Whether it’s to spaces, data, systems, networks, or people, those on the inside are already over that first hurdle; the hardest one to bypass.We hear the word “threat” and think of bad guys w/ facial scars, in dark trench coats and sunglasses, skulking about back alleys waiting for their next victim. We don’t see ourselves as threats b/c, by-and-large, most of us go to work, do our jobs to the best of our abilities, take pride in what we do, and go on w/ life. In short, most of us aren't malicious threats to our employers. But, due to our placement, access, knowledge, and influence, there are plenty of chances for things to go sideways. A bad decision; poor business practices; poorly written policies; circumventing security controls, not to cause harm, but b/c those pesky obstacles designed to reduce the company’s risk exposure often hinder our abilities to take care of business timely and efficiently. That's not to say we should ignore external threats. In fact, sometimes malicious insiders have puppet masters guiding their actions. Nation states, hacktivist groups, even competitors, all know that it's easier to meet their goals if they have inside help. That's why disciplines such as cyber threat intelligence are so critical. If you don't know and understand your enemy's tactics, techniques, and procedures (TTP), it'll be difficult to know when you're dealing w/ more complex threats and where the gaps are in your defenses.I’ve spent almost two decades both responding to and looking for insider threat actors; those people whose decisions and actions create risk. I’ve learned to look past the technology to the people who use it in a way that opens organizations up to financial, reputational, operational, regulatory, and/or legal risks. I understand motivations, recognize potential risk indicators, and know how to differentiate between true bad guys and people who make bad decisions or fail to adhere to policy. I’ve been successful in helping to identify, mitigate and reduce risk.This is my passion.This is what I bring to the table. Email me at jsalston11@gmail.com.
Bank Of America
View- Website:
- bankofamerica.com
- Employees:
- 232061
-
Cyber Crime Defense Intake And Triage (Ccdi) AnalystBank Of AmericaPineville, Nc, Us
-
Cyber Crime Defense Intake & Triage (Ccdi) AnalystBank Of America Dec 2023 - PresentCharlotte, North Carolina, United StatesTriages and dispositions inbound security alerts generated in response to potential threats against BAC operations, its clientele, and/or its business partners.Conducts initial investigative due diligence on escalated threat events related to a variety of nefarious acts (e.g., cyber-crime, social engineering, alleged/suspected fraud).Orchestrates coordinated actions across BAC’S Cyber Crime Defense space to optimize incident response times, team collaboration, and remediation efforts.Leads investigative efforts against threat actors impersonating industry financial advisors online to facilitate website takedown and reporting.Responsible for creating and maintaining CCDI documentation (i.e., playbook, process guides, procedure manuals).
-
Information Security & Risk Management (Isrm)Johnson & Johnson Jun 2023 - Dec 2023Charlotte, North Carolina, United StatesServe as a liaison between the Janssen R&D (JRD)/Innovative Medicine (IM) group and J&J’s ISRM organization.Engage J&J Therapeutic Area (TA) senior leaders, Project Leads (PL), and Compound Development Team Leads (CDTL) to identify, assess, catalog, and track sensitive business matter (e.g., institutional knowledge, trade secrets, and patentable information; aka, Crown Jewels).Collaborate with network security and internal investigation teams on integrating the aforesaid sensitive data into tailored network security measures.Provide information security awareness briefings to TA stakeholders to foster security mindfulness and encourage safe data handling and best business practices.Create and present Crown Jewel Program informational security briefings for leadership and scientist engagements, highlighting threat actor tactics, techniques, and procedures (TTP) and explaining the threat landscape as it pertains to J&J. Create information security awareness online training modules, which are to be rolled out enterprise-wide in 2024.Evaluate J&J’s information security posture to identify gaps and recommend remediation.Responsible for team administrative functions (e.g., scheduling engagements, maintaining JRD/IM asset inventory, metrics).Partner with J&J Intellectual Property (IP) Legal Department, the Insider Risk Management Team (IRM), Data Protection Engineering (DPE) in safe data handling efforts.Facilitate creation of Asset Tracker tool to simplify information reporting and protection requirements via automation.Collaborate with IRM in the development of Insider Risk and Data Protection use cases for alerting.Engage business stakeholders regarding information or alerts reported by ISRM security teams to address security concerns and potentially nefarious activities. -
Insider Threat Operations InvestigatorMufg Dec 2020 - Jun 2022Charlotte, North Carolina, United StatesThis is the America's arm of Japan's largest bank, the fourth largest in the world in 2019. Enterprise Information Security is the firm's security apparatus, comprised of a network of cyber and information security disciplines dedicated to defending the bank and its customers against internal and external threats. Our Insider Threat Operations team provides investigative support to Privacy, Human Resources, Employee Relations, and the Legal department. -
Information Security Insider Threat Management SpecialistBank Of America Dec 2013 - Nov 2020Charlotte, North Carolina, United StatesBofA is the 2nd largest bank in the world, with over $2.5 trillion in assets. It also encompasses Merrill Lynch Wealth Management and U.S. Trust Capital. Global Information Security (GIS) is the backbone of the bank's cybersecurity infrastructure. It is made up of myriad security disciplines (Insider threat, Digital Forensics, Malware, Cyber Threat Intelligence, to name a few) all working together seamlessly as a best-in-class security orchestra dedicated to leading the charge on protecting the bank's operations, stakeholder interests, and, most importantly, it's clientele. It was here that I honed my investigation skills and broadened my knowledge base, working complex investigations from end-to-end, not only engaging partner teams both inside and outside of GIS, but gleaning knowledge about their methodologies and the critical functions necessary to perform their work.
-
Special Agent - Investigator/AnalystUnited States Department Of Defense Apr 2011 - Dec 2013Fort George G. Meade, Maryland, United StatesSeptember 11, 2001 was arguably the most egregious and devastating attack on U.S. soil since Peal Harbor. It reminded us that terrorism isn’t just something that happens somewhere else in the world, a safe distance from our own backyards. Claims of intelligence failures continue to overshadow our Government to this day. One of the most important roles I’ve ever held involved analyzing counterintelligence and counter-terrorism data to better understand the ever-present threats to our national security. It isn’t enough to review sensitive reports gleaned from Government sources. It requires a knowledge and understanding of what’s going on in the world around us--from geopolitical conflicts to known threat actors and their TTPs--and in many cases, knowing the backstory on what precipitated tensions and unrest. It also taught me the value of brevity. Informed decisiveness needs to be as immediate as possible to be truly effective. It also requires a clear understanding of the stakes. Decision makers don’t have the luxury of spending a lot of time reading tomes on a given topic. They depend on thoughtful concise reporting to inform their decisions. As someone who enjoys writing, the significance of an economy of words in critical situations is of paramount importance. -
Special Agent - Investigator/AdjudicatorUnited States Department Of Defense Apr 2008 - Apr 2011Fort George G. Meade, Maryland, United StatesDecisions to grant or allow continued access to sensitive information within the U.S. Government is not made in a vacuum and is not taken lightly. It requires the information collection efforts of a host of individual teams and a thorough assessment of disparate investigative facts all synthesized to provide a complete picture of the "whole person." It is not enough to read a single report and make a recommendation. It requires cross-checking numerous missives to identify potential discrepancies in information, factual inaccuracies, contradictions, and indicators of potential concern. Through conducting hundreds of clearance analyses, I learned to recognize signs of potential threats, to map conflicting information among multiple unrelated documents from multiple unrelated sources, and to clearly, concisely, and objectively articulate the cost/benefit, risk/reward of granting access to someone based on all available evidence.
-
Special Agent - Investigator/Polygraph ExaminerUnited States Department Of Defense Nov 2004 - Apr 2008Fort George G. Meade, Maryland, United StatesAs I said in my summary, placement and access are keys to causing harm and creating risk. Nowhere are the stakes higher than within the U.S. Government: defender of our Constitution and responsible for our national security. Critical to that defense is making sure that those seeking access to, or continuing to access, the most sensitive information in the nation are trustworthy, responsible, and reliable. With over 1300 polygraph examinations under my belt, I became adept at understanding human motivations, decoding human emotions, and identifying risk indicators, all through extensive, focused personal interactions.
J. Scott A. Education Details
-
Forensic Studies -
Criminal Justice -
Psychology
Frequently Asked Questions about J. Scott A.
What company does J. Scott A. work for?
J. Scott A. works for Bank Of America
What is J. Scott A.'s role at the current company?
J. Scott A.'s current role is Cyber Crime Defense Intake and Triage (CCDI) Analyst.
What schools did J. Scott A. attend?
J. Scott A. attended Stevenson University, Radford University, Radford University.
Who are J. Scott A.'s colleagues?
J. Scott A.'s colleagues are Ingrid Balazova, Julien Roman, Cole Charles, Bob Cha, Mohd Saleem, Areatha Cunningham, Michele Boone.
Not the J. Scott A. you were looking for?
-
2moseleyarchitects.com, moseleyarchitects.com
Free Chrome Extension
Find emails, phones & company data instantly
Aero Online
Your AI prospecting assistant
Select data to include:
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial