Director Information Security
CurrentDelivered global security engineering and operations for cybersecurity platforms, security operations center, application and cloud security across a 33 person team. Developed and accountable for $10MM in OPEX/CAPEX spend for this $2B healthcare analytics company with 9K employees.• Optimization of platforms and vendor maturity score improvements: Wiz cloud native app protection platform, Splunk SIEM, Imperva web application firewall, Digital Guardian DLP, Crowdstrike malware/antivirus, Axonius asset discovery, ZScaler cloud access security broker & end point proxy client, Zerofox reputation protection, Proofpoint email gateway, Darktrace AI network monitoring• Operational improvements in MSSP Security Operations Center which included 188 use case review, validation, SLA’s and proper escalation to internal SOC. Validation of Splunk SIEM to ensure proper data sources to support current and future use cases• Oversight for internal and managed security operations center and development of incident response protocols and key playbooks to include; ransomware, phishing and endpoint• Development of cloud security framework (AWS/Azure), strategy and controls along with tool implementation. Use case implementation with MSSP and Wiz cloud tool.• Build out of the application security program to include Veracode static and software composition analysis code scanning, Rapid7 DAST scans, Imperva web application firewall implementation and API protection.• Member of InfoSec Risk Sub-Committee & AI Governance Committee• Ensuring security compliance in complex Federal, Cloud, on-premise datacenters and acquisitions