James Pearson Email & Phone Number

Kirkland, WA, US

Burbank, CA, US

Mclean, VA, US

• Top performer driving remediation of web application and cloud infrastructure vulnerabilities providing DevOps delivery teams with verified and actionable information saving hundreds of sprint hours.
• Provided analysis of several hundred security findings across all lines of business to identify recurring security misconfigurations resulting in documented security guidelines for DevOps delivery teams.
• Collaborated with security consultants across lines of business on special projects, vendor integrations, remediation task force efforts, and emergent issues providing consistent delivery and transparency.
• Identified and championed cloud asset security patching process improvements, automation of data analysis, and providing actionable information for targeted DevOps teams that significantly accelerated patching.

Mclean, VA, US

• Provided security guidance to DevOps teams ensuring approved architecture patterns and data protection (PCI, NPI, PII) enabling Lift and shift of legacy line of business applications from private data centers to a.
• Contributed to Security Architecture patterns intended to limit cloud provider lock-in, data protection, monitoring, alerting, encryption standards, DDoS protection, and approved security configurations.
• Developed and tuned web application firewall (WAF) policies for use in a public cloud supporting the successful transition from an open source to an enterprise vendor solution.

Mclean, VA, US

• Established and managed the Security Innovation Program to research, evaluate, and rationalize emerging security capabilities that informed the Security Strategy Roadmap (capability gap, consolidation, build vs. buy).
• Sourced, managed, and implemented multiple cloud vendor proof of concept engagements to decision solutions for security capability gaps supporting early adoption for enterprise public cloud migrations (data center to.
• Established and managed the Security Patent Program to identify and submit unique processes, work product or other intellectual property ideas, and partner with IP Legal team to rationalize and submit qualifying patents.

• Delivered layered DDoS solution protecting geographically distributed data centers (hardware, CDN, BGP) that successfully protected production systems from multiple large scale, 175+ Gbps network attacks.
• Consulted on the design and delivery of a VMWare private cloud leveraging virtualized server and network infrastructure to support rapid delivery of Production, Development, and Quality Assurance environments.
• Collaborated with Wintel team to redesign enterprise remote access solution providing secure network and application isolation through Citrix servers, hardware MFA, role-based policies, and thin client software.

• Managed and mentored four security teams across three geographical locations focused on Security Engineering, Vulnerability Management, Security Infrastructure, and Information Privacy.
• Provided security oversight and approval for all production change requests to ensure alignment with documented security standards and least privilege access controls.
• Championed the design and adoption for network segmentation from a flat network to multiple security zones based on approved traffic patterns that significantly lowered attack surface for all LAN/WAN environments.

• Managed and matured the Information Security Program, security budget, physical security, and SME for PCI-DSS assessments and security focused audit inquiries.
• Built team of high performing security engineers driving security requirements, data protection and ensuring security standards for all technology projects.
• Conducted penetration testing and web application vulnerability assessments for customer facing applications, 3rd party integrations, and drove successful remediation of identified findings.

• Established an Information Security Program covering policies, standards, vulnerability management, risk, engineering, vendor integrations, infrastructure and related platforms.
• Developed, tested, documented, and automated server hardening standards for all production systems aligned with least privilege and regulatory compliance (Windows and Unix*).
• Implemented endpoint whole disk encryption, USB management, host firewall, IDS/IPS, and MFA role-based VPN profiles enforcing least privilege network access supporting Business Continuity and remote administration.

• Delivered secure public DNS design allowing full control of internet facing name resolution while minimizing exposure and bandwidth consumption to authoritative name servers.
• Documented and implemented least privilege network segmentation for Corporate and Production data centers reducing attack surface and scope for PCI-DSS compliance.
• Planned and migrated existing stateful firewalls to high availability application Layer firewall clusters supporting multiple security zones with zero unplanned downtime.

London, England, GB

• Co-Lo data center build out of physical server and network hardware (rack and stack) for multiple enterprise customers.
• Completed several on-site ad-hoc consulting engagement projects for enterprise customers with high satisfaction evaluations.

Lewis Center, Ohio, US

• Configured secure Citrix platform enabling server hosted applications for internet connected thin clients, meeting a tight deadline to support conference demos.
• Deployed Enterprise Anti-virus and IDS client software across several WAN connected offices, and successfully migrating thousands of network hosts from a legacy platform.

US

• Delivered 14 unique technical certification courses in a classroom setting focused on Microsoft technologies and consistently achieved excellent student evaluations.
• Consulted on Microsoft Exchange implementations for small businesses resulting in successful project completion and customer satisfaction.