Jon Brown Email & Phone Number

Mountain View, CA, US

• Lead program manager for the development of Generative AI-related features within Detection and Response, ensuring seamless capabilities within the team
• Developed a comprehensive roadmap, training materials, and process documentation specifically tailored for security engineers. These resources provide clear and concise guidance on how to respond to AI-related.
• Spearhead the development of the Security Response Continuous Improvement Governance program by leveraging engineering expertise. This program led to data-driven decision-making, resulting in the creation of an.
• Lead the Purple Program, acting as the liaison between the Offensive Security team and all of Detection and Response, adding in a new Detection Analysis section to Red Team reports creating additional insights and.
• Created the roadmap and governing body for Digital Forensics tooling, working closely with teams of globally distributed software and security engineers to understand the user journey of an incident, leading to the.
• Built and executed operation excellence program with security leadership to ensure P0/S0 incident readiness for all incident commanders with Security Response

Providence, Rhode Island, US

• Established cyber security maturity model, long-term strategy, governance, and oversight consisting of activities relating to AWS security, secure development, and incident response
• Created security leadership committee, reporting directly to the board of directors and the CEO
• Coordinated all incident response issues, including incident response training tabletop exercise and readout
• Successful integration of security processes and tooling into CI/CD pipeline and build to increase security posture of products
• Established metrics and continuing analysis related to cybersecurity-related issues to ensure that businesses could understand where gaps and issues reside and to understand costs associated with security related actions
• Built and executed security awareness and training exercises

St. Louis, MO, US

• Created cyber security strategy, governance, and oversight consisting of activities relating to product security, including firmware, software, hardware, and systems security
• Consulted with business owners to ensure that information security training and the dissemination of security policies and practices was understood and fully implemented within the business units in an achievable manner
• Lead and coached team that provided security services to business stakeholders. Those activities included threat modelling, security review and audit, penetration testing, legal compliance, and corporate oversight
• Worked hand in hand with legal, marketing, and vendors to ensure alliance in strategy and outputs for both internal- and externally-facing teams
• Coordinated and communicated all product and IT incident response issues with appropriate teams and business leaders
• Built relationships with internal customer user base including business unit VPs of IT and executive staff to ensure buy in of all key objectives and results

St. Louis, MO, US

• Built and participated in a software penetration testing service - including web app, network, client/server and major computing platforms with actionable findings and metrics for follow up and scoring
• Hired and managed personal
• Created service delivery documentation
• Built and conducted threat models and risk assessments using STRIDE and FAIR methodologies for business units for their IoT product and major computing platforms
• Created a product, IoT, and cloud security assessment service - including extensive security architecture and design review.
• Service included testing PLCs, Industrial Control Systems, intelligent controllers, and other sensors and automation controllers used in flow control, pharmaceutical, heating, cooling, transportation, cargo, and food.

St. Louis, MO, US

• Took over and matured vulnerability management program to have actionable, risk-based, and achievable business results
• Replaced Qualys implementation with Tenable.io implementation across a global enterprise on time and under budget
• Conducted basic web application security testing using Burp Suite as well as managed DAST tool WhiteHat
• Lead architecture design and review for all corporate projects and targeted business products.
• Embedded security into the IT project life cycle and product review stage gates to ensure that security was consistently thought of through each
• Performed threat research and created response communications and plans to major issues, understanding scope and severity of impact to the business

Bridgeton, Missouri, US

Teaching a penetration testing course with a focus to help pass the C|EH from EC Council at the Forest Park campus.

St. Louis, MO, US

• Conducted network and web application testing primarily for Financial and FinTech clients and walked them through results to ensure understanding and proper areas of concern could be addressed
• Participated in Incident Response / Digital Forensics investigations with lead investigator
• Responsible for report writing and read outs of any testing completed
• Assisted in the deployment of FireEye devices to client sites

• TCP/IP – theories, state diagram, capturing traffic, analyzing captured traffic
• UNIX – basic commands, scripting, troubleshooting, system administration
• Security Posture – Set and inform policies of best practices
• Firewall changes using Cisco, IPTables, Shasta, CheckPoint systems
• Perform Quarterly Scans in accordance with FedRAMP/FISMA and PCI guidelines
• Perform IP Assignments

• Point person for forensic data gatherings
• Deployed and updated Symantec antivirus
• Turn up network ports using Putty while interfacing with Cisco network switches
• Handled process improve documents for the department
• Helped manage Active Directory accounts and GPOs
• Primary technician for large scale projects, including an initiative to move the entire company from CheckPoint encryption software to BitLocker

• Responsible for integrating new server hardware and software upgrading the entire office from a Windows 2003 server environment to a Windows 2008 R2 environment
• Performed routine maintenance on locally based server including: tape backup, memory maintenance, data restorations, hard drive swaps and software updates using both VMware and remote desktop connections
• Assisted in answering eight telephone lines, helping clients with questions regarding their case or directing them to the appropriate co-worker for assistance
• Handled all computer software/hardware issues on a daily basis ranging from simple virus issues to reformatting and reinstalling a new operating system using different software such as Norton Ghost, Symantec Antivirus.
• Installed new optical drives, hard drives and RAM to upgrade systems office wide whenever necessary
• Setup, created and enabled user accounts using active directory in both a Windows 2003 and 2008 R2 environment

Master Of Cyber Security Management, Cyber Security

Bachelor Of Science (B.S.), Fine/Studio Arts, General