Jason Herbst

Jason Herbst Email and Phone Number

Senior Architect - Cloud and Application and AI Security @ Baxter International Inc.
Saint Paul, MN, US
Jason Herbst's Location
St Paul, Minnesota, United States, United States
Jason Herbst's Contact Details

Jason Herbst personal email

About Jason Herbst

As a seasoned product security leader, I seek to capitalize on my robust technical and architectural expertise, coupled with my proven communication and leadership skills to become a pioneering force in product security innovation. I am passionate about pushing the boundaries of what's possible in security, driving significant advancements that go beyond conventional testing methods. My focus is on spearheading initiatives that make tangible, real-world improvements in product security, setting new standards in the industry. I aim to be a visionary leader and a champion for cutting-edge security practices, influencing change and fostering a culture of security excellence.Technology is constantly evolving to the point that it's difficult to keep up with. New functionality makes better products while adding connectivity and complexity. This introduces new attack vectors which makes security progressively more important as technology evolves. It’s not easy to secure evolving technology. It feels like a game that will never be completed which is perfect. It sounds strange to say, but it’s a pleasurable torment being exposed to new technology which I need to figure out and understand well enough to analyze and assess its security. I strive to learn, improve, and adapt every day. My background and experience demonstrate this. I have worn a lot of hats in most positions I've held but I think most can be loosely categorized as Consultant, Penetration Tester, Network Security, Forensics Analyst, Security Analyst and Data Collections Specialist. My knowledge began expanding as I started exploring free security sources. While some were very good, I found them to be lacking complete coverage in some areas. My knowledge expanded rapidly with my BS in Information Security and Assurance from Capella University where I graduated Summa Cum Laude. As my knowledge grew, I wanted deeper technical knowledge. I found it with various certifications including the Security+, OSCP, CHFI, GSEC, GMOB, GWAPT, GAWN, GPEN, GPYC, and CISSP I currently hold. I plan to keep expanding my knowledge. My experience and education continue to build onto my career goals. I really enjoy the challenges of keeping up with new technology and all the security considerations that come with. A day without a challenge, is a boring day.

Jason Herbst's Current Company Details
Baxter International Inc.

Baxter International Inc.

View
Senior Architect - Cloud and Application and AI Security
Saint Paul, MN, US
Website:
baxter.com
Employees:
39233
Jason Herbst Work Experience Details
  • Baxter International Inc.
    Senior Architect - Cloud And Application And Ai Security
    Baxter International Inc.
    Saint Paul, Mn, Us
    View
  • Medtronic
    Principal Product Security Engineer
    Medtronic Mar 2022 - Present
    Minneapolis, Mn, Us
    Lead, coordinate, and meticulously plan testing efforts, ensuring a consistent and strategic approach across our entire product portfolio. Overseeing vulnerability monitoring across the entire spectrum of our products. Ensure risks are identified, comprehensively understood, and mitigated effectively. Secure the organization against emerging threats and shape a culture of proactive security that permeates all of our diverse product offerings.
    View
  • Medtronic
    Senior Product Security Engineer
    Medtronic Jul 2020 - Mar 2022
    Minneapolis, Mn, Us
    Rigorously testing the security of our products, employing comprehensive methodologies to identify vulnerabilities. Elected into the Technical Forum Council to help steer engineering across the organization towards improving product security.
    View
  • Technical / Security Consultant
    Technical / Security Consultant
    Technical / Security Consultant Jan 2004 - Present
    Serve as a trusted advisor to small and medium-sized businesses, assuming a CISO-type capacity. Advocating for a proactive approach to security that not only safeguards against risks but also drives business efficiencies. Work closely with the business to emphasize how proactive security measures distinguish them from competitors in an increasingly competitive landscape. Through a strategic focus on security, enhance their products and infrastructure, reduce vulnerabilities, and mitigate risks, fostering more resilient and secure products and operational environments. This holistic approach ensures that my clients not only thrive in a secure ecosystem but also stand out as industry leaders.
  • Collins Aerospace
    Senior Security Engineer
    Collins Aerospace Sep 2017 - Jun 2020
    Charlotte, North Carolina, Us
    Remain deeply immersed in the realm of security to engage with a spectrum of responsibilities that span the entire product security organizational spectrum. Navigate intricate details within individual product lines and on up to reaching the highest echelons of corporate leadership to establish standards and frameworks that underpin uniform and highly effective security controls throughout the organization.Discovering product requirements and driving security solutions that proactively mitigate risks while simultaneously assessing solutions at the portfolio level. As a representative of the security organization, collaborate closely with product management, technical program managers, and engineers to contribute to product strategy and roadmap development that ensure product security is sufficiently addressed and prioritized.Involvement in security planning, policy development, assessment, testing, validation, and reporting has been pivotal in enhancing security controls across the organization. By driving security risk decisions and initiatives, help shape the technical architecture to meet the highest standards. Coordinate responding to customer inquiries regarding product security and privacy with colleagues across the organization to ensure accurate, efficient, and consistent responses. Educating our business teams about potential risks and providing actionable mitigation solutions.Serve as a liaison, bridging the realms of product security and engineering to ensure a cohesive and security-conscious approach across the corporation. Actively shape the security landscape, from intricate product details to overarching organizational strategies, and in doing so, foster a culture of security that is both proactive and aligned with the highest industry standards.
    View
  • St. Jude Medical
    Senior Product Security Analyst
    St. Jude Medical Aug 2014 - Sep 2017
    St. Paul, Minnesota, Us
    Collaboratively develop and integrate the Product Security Program, emphasizing the implementation of security mitigations and the uniform management of security events across the organization. Define, gather, and establish metrics crucial for the successful implementation and adoption of the product security program. Conducting comprehensive security risk assessments, thorough threat modeling, identifying vulnerabilities in SJM products, offering recommendations and implementing solutions for identified issues.Product security remediation efforts were closely monitored to ensure successful completion, including the development of requisite supporting evidence and documentation. Collaboration with internal business partners was a key focus, particularly regarding the incorporation of security mitigations into new products during various development phases, all while maintaining a sharp emphasis on efficiency. A proactive role was taken in educating the business on the risks in the Product Security environment, presenting targeted product security information, and offering solutions to address or mitigate these risks. Coordinate and engage in penetration testing, interface with regulatory and compliance agencies, such as ICS-CERT and the FDA, regarding the company's product security posture. Author comprehensive product security documentation in collaboration with various departments in preparation for FDA submissions.Code analysis tools were harnessed to uncover vulnerabilities in code, and subsequent efforts focused on their remediation to incorporate robust control measures as early as possible during development. Experience with the F5 Application Security Manager (ASM), particularly their web application firewall module, was leveraged. A pivotal role was played in ensuring the alignment of medical device security activities with organizational goals, emphasizing security by design.
    View
  • The Nerdery
    Security Engineer/ Lead Quality Assurance Engineer
    The Nerdery Jul 2013 - Aug 2014
    Edina, Minnesota, Us
    Collaborating with external and internal development teams to resolve identified issues to improve the security posture of the product. Fostered proactive security services focusing on efficiency and value in a highly competitive marketplace. This comprehensive approach extended to innovative technology use, constituting a critical component of our risk mitigation strategy.Cultivating a culture of security excellence by establishing and leading the Security Club to mentor, guide, and train as well as furthering a commitment to security across all facets of operations. Providing a mix of security services such as code analysis, vulnerabilities assessments, and penetration testing. Establish security policies, procedures, and guidelines aligned to development best practices to ensure thoroughness and high quality in those services.
    View
  • The Nerdery
    Quality Assurance Engineer
    The Nerdery Jun 2012 - Jun 2013
    Edina, Minnesota, Us
    Developed comprehensive project security planning, resource allocation, and project schedule development and maintenance, collaborating in implementation of security resolutions with a focus on validation post-implementation. Shifting security left through architecture and feature reviews, threat models, and risk assessments to identify risks and remediate them as early as possible in the development lifecycle. Presenting multiple attack methodologies to diverse audiences, underlining the importance of developing robust security practices. Defining and maintaining application security best practices, ensuring their adherence throughout the organization. Demonstrate vulnerabilities to application and system owners, accompanied by recommendations for mitigations. Continuous monitoring and tracking of progress in resolving discovered vulnerabilities ensured that the organization's security measures remained robust and effective.
    View
  • Merrill Corporation
    Data Security Manager, Technical Support
    Merrill Corporation Jul 2005 - Sep 2011
    Thorough investigation of evidentiary data to uncover potential issues and address emerging requirements. Comprehensive evaluation of data integrity at various stages of project lifecycles. Identifying issues and concerns with integrity and availability of data, with the responsibility of directing a team to resolve any discovered issues, restoring data from backups and ensuring system functionality. The role included verifying the functionality and necessity of write-blockers, auditing the effectiveness of physical and logical intrusion countermeasures for data stores, and ensuring that only authorized users had access to physical and logical data, media, and workstations.Optimize security effectiveness at all infrastructure levels, including proposing, testing, and implementing new hardware and software solutions. Rigorous enforcement of the protection of data in transit from unauthorized disclosure if lost or intercepted and chain of custody to ensure evidentiary data was processed per specific requirements, and recommendations for appropriate courses of action were made based on the evidence found. Verify the integrity of forensically collected data, various tools such as FTK3, Encase, MacQuisition, and Blacklight were utilized. Catalog data, extract as needed, and filtered for further analysis. Pre-processing of collected data for eventual processing through tools like LAW, Concordance, or other suitable platforms to make data trial ready.

Jason Herbst Skills

Network Security Information Security Computer Security Vulnerability Assessment Computer Forensics Application Security Internet Security Testing Data Security Security Audits Software Development Virtualization Software Installation Software Quality Assurance Microsoft Operating Systems Software Testing Security Management Technical Communication Web Application Security Sql Risk Management Desktop Support Network Engineering Technical Services Technical Analysis Inventory Management Penetration Testing Technical Training Technology Implementation Technical Documentation Hardware Support Server Architecture Software Project Management Software Implementation Hardware Installation Security+ Physical Security Litigation Support Collections Management Data Warehousing Data Management Digital Forensics Network Hardware Data Collection Client Communications Storage Architecture Threat And Vulnerability Management Identity Management Security Audit Mobile Application Security

Jason Herbst Education Details

  • Sans Technology Institute
    Sans Technology Institute
    Penetration Testing & Ethical Hacking
  • Capella University
    Capella University
    Information Assurance And Security
  • Minneapolis Business College
    Minneapolis Business College
    Computer Science

Frequently Asked Questions about Jason Herbst

What company does Jason Herbst work for?

Jason Herbst works for Baxter International Inc.

What is Jason Herbst's role at the current company?

Jason Herbst's current role is Senior Architect - Cloud and Application and AI Security.

What is Jason Herbst's email address?

Jason Herbst's email address is ec****@****ail.com

What is Jason Herbst's direct phone number?

Jason Herbst's direct phone number is +194976*****

What schools did Jason Herbst attend?

Jason Herbst attended Sans Technology Institute, Capella University, Minneapolis Business College.

What are some of Jason Herbst's interests?

Jason Herbst has interest in Technology, Linux, Health, Leadership Training, Data Collection, Education, Environment, Science And Technology, It Consultant, Human Rights.

What skills is Jason Herbst known for?

Jason Herbst has skills like Network Security, Information Security, Computer Security, Vulnerability Assessment, Computer Forensics, Application Security, Internet Security, Testing, Data Security, Security Audits, Software Development, Virtualization.

Who are Jason Herbst's colleagues?

Jason Herbst's colleagues are Anthony Yen, Raúl Armando García Lee, Garrett Loomer, Bill Mentink, Riccardo Russo, Shelly Bird, Pmp, Marcio Olimpio.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.