John Lento work email
- Valid
John Lento personal email
* Results-driven, visionary executive with a proven track record of leading comprehensive digital security programs, ensuring the protection of critical assets, and minimizing risks. Well-versed in establishing security architecture guidelines and standards to provide integrity, confidentiality, and availability of sensitive data and critical systems.* Adept at conducting offensive security testing, threat modeling, and vulnerability assessments to fortify organizational defenses. Experienced in leading incident response efforts and coordinating with IT and engineering teams to swiftly resolve security breaches and minimize impact.* History of developing robust and resilient software, resulting in the integration of security controls into the product development lifecycle. Successful in administering offensive security operations and conducting penetration tests and red team exercises to identify vulnerabilities and enhance defensive measuresUse the following format:Areas of Expertise:* Offensive Digital Security Testing* Multimillion Dollar Budget Management* Vulnerability Assessments* Training Curriculum Development* Compliance and Regulatory Standards* Complex Problem SolvingSelected Career Achievements:* Orchestrated re-architecture of large-scale microservices platform (275 services) on Microsoft Azure to meet rigorous security standards for Fortune 100 financial institutions. * Established and operationalized an enterprise-wide penetration testing program from the ground up (200+ applications in scope and 1K real vulnerabilities remediated).
Microsoft
View- Website:
- microsoft.com
- Employees:
- 231118
-
Principal Security ResearcherMicrosoftPittsburgh, Pa, Us
-
Director Of Product Security & Architecture / Chief Security Architect / BisoFidelity National Financial 2021 - PresentJacksonville, Fl, Us* Promoted to position after only 6 months in previous role, showcasing excellent performance (now responsible for a $10M budget). * Leads the development of a reference architecture for next generation identity protection and isolation while steering operationalization of security-hardened images (both IaaS and container-based).* Established and built out a Red Team to enhance the organization’s cybersecurity posture—teaching the SOC how to hunt and ultimately contain intrusions.* Architected and organized company wide zero trust strategy and built novel privledged access model to bolster cyber defense strategy.* Integrated and familiarized the application security team with container-based workspaces (i.e., container space onbarding)—increasing process efficiency and operationalizing new security capabilities.* Played a key role in crafting FNF’s 5-year information security strategy—guiding the organization’s efforts in securing its digital assets, mitigating risks, and ensuring business continuity. -
Avp, Manager Of Security Architecture And Application Security, Information Security OfficeFidelity National Financial 2021 - 2021Jacksonville, Fl, Us* Administered review processes to standardize architecture as per OWASP Application Security Verification Standards (ASVS). * Evaluated, refined, and authored comprehensive corporate security standards and policies, driving enhanced organizational security measures.* Implemented STRIDE-based threat modeling processes to validate and ensure secure architecture.* Orchestrated consolidation of all enterprise security findings into centralized management location, leading to organized platform.* Oversaw and synchronized enterprise penetration testing efforts and subsequent remediation activities, resulting in improved systems.
-
Assistant Vice President, Senior Security Architect—Information Security OfficeFidelity National Financial 2019 - 2021Jacksonville, Fl, UsSpearheaded information security team establishment for major FNF subsidiary through effective collaboration with senior leadership and business stakeholders.* Delivered $100M revenue boost through successful implementation of enhanced security measures and optimized cloud services utilization.* Conceptualized and deployed static, dynamic, and interactive analysis tools as integral components of DevSecOps pipeline.* Recognized as security subject matter expert, mentoring business units, engineering teams, and clients on security protocols, requirements, and industry best practices.
-
Senior Security Software Engineer, Azure Red TeamMicrosoft 2016 - 2019Redmond, Washington, Us* Led enhancement of Azure security through leadership and execution of penetration tests on production infrastructure and services. * Engineered scalable network discovery tools, aimed at pinpointing exposed Azure endpoints, alongside access control monitor designed to detect any unauthorized access within Azure subscriptions swiftly, leading to optimized security.* Fostered collaboration with multiple teams across Microsoft, advocating for and reinforcing "assume breach" mindset while delivering actionable recommendations to elevate security methodologies and practices.* Headed efforts to drive continuous improvement in Azure security, orchestrating penetration tests, developing innovative tools, and nurturing culture of proactive security measures throughout organization.
-
Security Program Manager, Microsoft Security Response CenterMicrosoft 2014 - 2016Redmond, Washington, Us* Directed large-scale initiatives to remediate security vulnerabilities across organization. Collaborated with international partners and security researchers to proactively prevent security incidents and enhance Microsoft product security.* Governed CVSS 3.0 integration throughout Microsoft as company's representative to CVSS SIG, ensuring enhanced security.* Established api.msrc.microsoft.com to distribute Microsoft Security Bulletins and Advisories in CVRF format.* Investigated and resolved externally reported vulnerabilities spanning Microsoft software, devices, and services, resulting in safer systems.
-
Vulnerability Research Team ManagerMantech 2013 - 2013Herndon, Virginia, Us* Restructured a highly talented team of eight, improving the identification of vulnerabilities and enabling remote code execution in products devoid of publicly known exploits.* Devised effective methodologies to dissect and uncover vulnerabilities within program implementation by reverse engineering 64-bit portable executables, leading to more secure systems.* Engineered kernel modules tailored for CentOS Linux, intended for fuzzing device drivers. -
Deputy Task Order Lead / Technical LeadMantech 2012 - 2013Herndon, Virginia, Us* Superintended highly successful CNO development team, providing critical assistance for CCI and CNE missions; facilitated communication and collaboration amongst CNO developers, analysts, operators, technical writers, and government stakeholders.* Oversaw prioritization and de-confliction of development tasks, effectively managing shared resources.* Directed design, development, and testing phases of CNO capabilities to ensure robust functionality.* Implemented industry-standard configuration management practices utilizing Atlassian products.* Guided professional growth of junior developers through mentorship in both technical and non-technical domains, resulting in employee excellence.* Actively engaged with independent researchers at conferences to procure cutting-edge technologies.* Collaborated in co-authoring of sections within multi-million-dollar proposals, securing selection for award.
-
Senior Software EngineerMantech 2007 - 2012Herndon, Virginia, Us* Monitored high-performing teams in conducting CNO research while overseeing design and executing development phases of projects. Demonstrated expertise in Windows internals to craft applications for gathering system usage data.* Executed reverse engineering and repurposing of user-space CNO tools for operating systems, demonstrating adaptability and innovative problem-solving abilities.* Contributed as co-developer and technical instructor for Windows System Programming and CNO User Space Crucible courses, leading to effective training.* Engineered static libraries in assembly language to facilitate issuance of ATA and SATA commands to hard drives.* Proficiently conducted forensic analysis on hard disk drives to extract valuable insights and data.
John Lento Skills
John Lento Education Details
-
The Johns Hopkins UniversityComputer Science -
Virginia Military InstituteElectrical And Computer Engineering
Frequently Asked Questions about John Lento
What company does John Lento work for?
John Lento works for Microsoft
What is John Lento's role at the current company?
John Lento's current role is Principal Security Researcher.
What is John Lento's email address?
John Lento's email address is jl****@****oft.com
What schools did John Lento attend?
John Lento attended The Johns Hopkins University, Virginia Military Institute.
What are some of John Lento's interests?
John Lento has interest in Children, Environment, Science And Technology, Human Rights, Health.
What skills is John Lento known for?
John Lento has skills like Security, Python, C, Computer Security, Software Development, Agile Methodologies, Program Management, Linux, Network Security, Security Clearance, Software Engineering, Scrum.
Who are John Lento's colleagues?
John Lento's colleagues are Nicole Guzman, Maria Mercado, Adam Stride, John Guy, Sherif Mohamed, Brian Carter, Ravi Mallela.
Free Chrome Extension
Find emails, phones & company data instantly
Aero Online
Your AI prospecting assistant
Select data to include:
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial