CIO/CISO
eric.resume@igazine.com
SUMMARY
A proven leader in the Cybersecurity industry, making the world’s data safer by understanding and providing guidance in all security aspects across organizations from small startups to large market-leading enterprises. I have years of experience showing the diligence required by legal regulations at the federal, state, and industry levels. I am an expert in meeting business demands by developing and delivering compliant information security frameworks for my employers.
EXPERIENCE
Kaiser Aluminum Investments, Orange County, CA NOV 2019
Responsibilities
Director of Cybersecurity and Infrastructure I am tasked with network/cloud engineering, application security, infrastructure management, cyber risk tracking, and cyber compliance. Replaced legacy engineering and compliance staff and have focused on cleaning up years of management and engineering shortcomings. I hired a team of 10 engineers to manage verticals like Cybersecurity compliance, network engineering, Azure Cloud Services, MS Teams Voice Migrations, voice over IP conversions, and Kanban process migrations.
As a senior leadership risk committee member, I am responsible for identifying, tracking, and helping remediate risk in the IT services across the company. These duties require updates to board members and updates on cybersecurity investments. I implemented company-wide policies and procedures based on the NIST Cybersecurity Framework. This improved the company’s security posture and helped lessen risk across the enterprise.
Kaiser Permanente, Corona, CA – Director Cybersecurity AUG 2017-NOV 2019
Responsibilities
Director of highly skilled teams of network security engineers plus a team of contract resources from multiple third-party business partners. Responsible for protecting an ever-evolving network containing over 400,000 endpoints. I have formulated plans to implement multi-factor authentication across all managed endpoints and received millions in funding to support the project. I was responsible for guiding the long-term direction and operational budget forecasting of Firewalls, Intrusion Protection, and VPN solutions across the Kaiser Network. My guidance and push for much-needed upgrades to the VPN environment prepared Kaiser for a massive uptick in scaling while nonessential office workers were instructed to work from home.
Proven ability to lead talented staff in developing solutions that scale to enterprise levels and support operations for years; my real enjoyment comes from my day-to-day role. I thrive on building engineers, motivating management to change, and mentoring others. I challenge myself to improve organizational culture by breaking down organizational silos developed over years of extensive enterprise management shifts. Implementing new security solutions in enterprise networks can by changing people’s attitudes. Empowering them and getting collaborative success is possibly my greatest strength.
Hart, Anaheim, CA – DevOps/Security JAN 2016 – FEB 2017
Responsibilities
I successfully achieved the highest levels of security by managing people, implementing automated processes, and providing long-term direction with limited staff and resources. Hart is a flat organization with no organizational hierarchy where my primary role is setting the course and organizing Cyber Security and compliance with HIPAA, PCI, and other regulations. I convinced the organization to begin utilizing the HITRUST Security Framework for Healthcare as the guide for managing the company’s needs in compliance. I used HITRUST to review the company’s controls across the framework domains, assigning priority when risks were determined, managing the teams across the organization by setting corrective action plans to address gaps in coverage, and engineering security solutions to complement automated DevOps processes.
Supported Technologies
Dell SonicWall Firewalls, Amazon Web Services (AWS), DigitalOcean Cloud infrastructure, Cisco Nexus routing & switching platforms, Cisco/Meraki wireless, NGINX Web Servers/load balancing, CloudFlare cloud Web Application Firewall, OpenVAS Vulnerability/Compliance Scanning, FreeIPA (LDAP, DNS, Host-Based Access Policies), SALTStack for automation of systems builds. Along with these technologies constructed, multiple custom web services as tools to support internal corporate processes and customer processes.
FINSECTECH, LLC, Huntington Beach, CA – Founder AUG 2015 – NOV 2019
Responsibilities
I decided to start my own consulting/software engineering business in a new and exciting chapter of my career. I built risk management software to help banking and trading firms manage compliance with SEC, FINRA, and FDIC regulations in cybersecurity. Besides maintaining and developing the software, I also provided consulting services, both managerial and technological, to customers in the trading and legal sectors. During this time, I have also been selected to speak on panels with the US Chamber of Commerce and became a State of California Cybersecurity Task Force member. I continue to work on this software concept as a service with hopes of relaunching it as a free service for Cybersecurity Managers using the NIST framework.
Supported Technologies
DigitalOcean Cloud Services, NGINX reverse web proxies, F5 Load Balancers, Debian Linux, Ruby on Rails, PostgreSQL, Palo Alto Firewalls, Wildfire Advanced Persistent Threat Prevention.
COR Clearing LLC, Omaha, NE – CISO DEC 2014 – SEP 2015
Responsibilities
I was responsible for establishing and maintaining the company’s cybersecurity strategy and technologies to ensure adequately protected information assets. Worked with auditors from private and federal organizations to ensure the company was meeting regulations and standards. Developed methods for managing the company’s cybersecurity posture using the NIST Cybersecurity Framework as a tool for implementation and reporting. Provided with a limited direct staff, I implemented security controls across the company’s technology stack and utilized the NIST Common Security Framework to provide security management. Foreseeing the SEC’s direction using the NIST CSF in the trading industry resulted in my decision to build a shared security management software for the industry.
Supported Technologies
Dell SonicWall NSA Firewalls Next-Generation Threat Protection, ZScaler Cloud Proxy, ZScaler Cloud Sandbox for APT mitigation, ESET Endpoint Security/Remote Management, Dell KACE Endpoint Systems Management, Dell Data Protection full disk encryption, Qualys Cloud-based vulnerability scanning.
Kareo, Inc. Irvine, CA – Information Security Principal Dec 2013-Dec 2014
Responsibilities
As Principal Engineer was responsible for architecture, designing, and implementing all network, call center VoIP and cybersecurity-related technologies. I worked with cross-functional business units to contribute to the architecture of our SaaS solution for medical billing and healthcare record-keeping. Also responsible for the initial adaptation of the HITRUST medical IT management framework for the company.
Supported Technologies
Palo Alto Next-Generation Firewalls, PAN Wildfire Advanced Persistent (malware sandbox), PAN GlobalProtect VPN, ESET Endpoint Protections, VPN Threat Protection Debian Linux, OpenVAS, F5 Load Balancers, F5 Web Application Firewalls, ShoreTel VoIP, MPLS, Cisco ASA Firewalls/VPN, HP Procurve, Cisco Nexus (IOS, NX-OS)
Kaiser Permanente, Corona, CA – Principal Engineer 1999-2005/2006-2013
I started as the first Network Security Engineer and proved myself through multiple promotions to become a senior-level principal at one of the world’s largest healthcare providers. I provided security strategies for a network supporting over 9 million members and more than 200,000 workers. Responsible for delivering yearly updates of technology and budget forecasting for enterprise-scale security solutions. I was also instrumental in ensuring regulatory compliance with HIPAA, PCI, and other PII protection laws.
Supported Technologies
Blue Coat Web Proxies (transparent and explicit), FireEye Network APT protections, Palo Alto Next-Generation Firewalls/Wildfire APT protections, Checkpoint Firewalls (Firewall-1, NG), Cisco ASA Firewalls, Cisco Firewall Switch Module, Cisco ASA VPN, TippingPoint IPS technology, Damballa Network APT Protection, Bit-9 Dynamic Endpoint.
Nexa Technologies, Irvine, CA – Manager Security/Infrastructure 2005-2006
Managed the national security operations of the enterprise networks. I supervised SOX compliance projects with banking and brokerage customers in preparation for IPO by establishing Nexa’s system and operations controls. I worked hand and hand with 3rd party auditors to provide scoping and mapping out of controls for the SAS-70 audit. This audit was used to attest to our operational controls to other business partners and regulators.
International Network Services, Torrance, CA – Network Engineer 1998 – 1999
Member of a high-level network consulting services group for mainly large enterprise and carrier-class networks, which included: network design, implementation, problem isolation, maintenance, and optimization of multi-vendor network infrastructures. Designed, implemented, and provided support on multi-vendor network solutions to include: Microsoft, Solaris, Linux, and Cisco.
Pacific Eye Net, Los Angeles, CA – Assistant Director MIS 1997 – 1998
I managed a small team of IT professionals working to support the day-to-day operations of the Southern California Optometrist group. Responsible for backing up systems and upgrading the network on tight budgets. Designed new medical office networks and added them to the Corporate WAN.
USMC 7th Comm Bn, Kaneohe Bay, HI – Field Radio Operator 1992 – 1997
Directly managed the garrison and deployed networks supporting 3,500 Marines of Marine Forces Pacific. Supervised the efforts of 15 plus Marines responsible for maintaining hundreds of PCs, servers, and systems used around the world. Daily tasks included managing directory services, file and print services, PC maintenance, and access to the IBM mainframe via 3270 emulation services. Additional duties include the setup and tuning of radio equipment, including antennas and power sources, establishing contact with distant stations, processing, and logging messages, making changes to frequencies or cryptographic codes, and maintaining equipment at the first echelon. I supervised the installation, testing, monitoring, and maintenance of up to 30 deployed LAN/WAN and Radio networks to support remote operations in Korea, Saudi Arabia, Thailand, and domestic training areas.
EDUCATION/CERTIFICATIONS
United States Marine Corps, Marine Corps Basic Training: Completed 1992
United States Marine Corps, Field Radio Operators Course: Completed 1993
United States Marine Corps, Jungle Warfare School: Completed May 1995
United States Marine Corps, Computer Science Program 1996
Check Point Firewall-1 4.0, Vendor Course: Obtained Certificate
Unix System Administration, Vendor Course: Obtained Certificate