Profiles search
David Lawrence
Global Cybersecurity Incident Commander at PepsiCo.
Plano, TX, United States
Details
Education:
B.S.
Computer Science
Ohio University
1979 : 1983
Computer Science
Ohio University
1979 : 1983
Experience:
Responsible for oversight and management of significant business impacting cyber security incidents in a complex, global Fortune 50 enterprise.
2022 : Present
PepsiCo
Global Cybersecurity Incident Commander
Lead cyber security incident response for the DXC Technology enterprise. Coordinate internal groups providing incident response, investigation, digital forensics, and threat intelligence services to the enterprise. Develop operational security processes. Approve incident response actions on behalf of the CISO. Escalate incidents to CISO and other executives.
In addition, provide security architecture services to various DXC application projects and colleagues.
2017 : 2021
DXC Technology
Enterprise Security Incident Commander
Managing three groups comprising engineering and support for HPE’s enterprise cyber security capabilities : ArcSight Engineering (SIEM), End-Point Engineering (anti-malware, HIPS and APT), and Security Infrastructure (supporting 16 security capabilities). Responsibilities include solution delivery, technology strategy, evaluations, risk management, and security standards.
Prior responsibilities included leading HPE’s global Manufacturing Cyber Security group; responsible for the governance and compliance program for factories and related environments such as PLC, SCADA other industrial and IoT security issues. Led and contributed security expertise for international and domestic manufacturing site assessments, vulnerability discovery, incidents, contract manufacturing, and related projects.
2013 : 2017
Hewlett Packard Enterprise
Senior Manager, Cyber Security Operations
Performed security due diligence and risk analysis for 20+ corporate acquisitions, divestitures, and outsourcing actions exceeding $7.6 billion in total value. Performed network, host, and application vulnerability assessments. Developed risk profiles, network proposals, and remediation plans. Communicated issues, closing clauses, and remediation progress to business executives.
Provided security reviews and approval for corporate network change requests, participated in security incident remediation teams, and led risk mitigation projects.
2008 : 2013
Hewlett Packard Enterprise
Master Consultant, Cyber Security
Provided security and privacy related risk analysis to business scenarios and recommended strategies to achieve client requirements, address regulatory considerations, and the company’s business objectives.
Researched, prototyped, and engineered cyber security capabilities for service offerings and internal use. Portfolio included SIEM, mobile device management, end-point encryption, and governance, risk, and compliance (GRC) tools.
Developed and enhanced enterprise security policies and standards.
2001 : 2008
Electronic Data Systems
Security Architect
2022 : Present
PepsiCo
Global Cybersecurity Incident Commander
Lead cyber security incident response for the DXC Technology enterprise. Coordinate internal groups providing incident response, investigation, digital forensics, and threat intelligence services to the enterprise. Develop operational security processes. Approve incident response actions on behalf of the CISO. Escalate incidents to CISO and other executives.
In addition, provide security architecture services to various DXC application projects and colleagues.
2017 : 2021
DXC Technology
Enterprise Security Incident Commander
Managing three groups comprising engineering and support for HPE’s enterprise cyber security capabilities : ArcSight Engineering (SIEM), End-Point Engineering (anti-malware, HIPS and APT), and Security Infrastructure (supporting 16 security capabilities). Responsibilities include solution delivery, technology strategy, evaluations, risk management, and security standards.
Prior responsibilities included leading HPE’s global Manufacturing Cyber Security group; responsible for the governance and compliance program for factories and related environments such as PLC, SCADA other industrial and IoT security issues. Led and contributed security expertise for international and domestic manufacturing site assessments, vulnerability discovery, incidents, contract manufacturing, and related projects.
2013 : 2017
Hewlett Packard Enterprise
Senior Manager, Cyber Security Operations
Performed security due diligence and risk analysis for 20+ corporate acquisitions, divestitures, and outsourcing actions exceeding $7.6 billion in total value. Performed network, host, and application vulnerability assessments. Developed risk profiles, network proposals, and remediation plans. Communicated issues, closing clauses, and remediation progress to business executives.
Provided security reviews and approval for corporate network change requests, participated in security incident remediation teams, and led risk mitigation projects.
2008 : 2013
Hewlett Packard Enterprise
Master Consultant, Cyber Security
Provided security and privacy related risk analysis to business scenarios and recommended strategies to achieve client requirements, address regulatory considerations, and the company’s business objectives.
Researched, prototyped, and engineered cyber security capabilities for service offerings and internal use. Portfolio included SIEM, mobile device management, end-point encryption, and governance, risk, and compliance (GRC) tools.
Developed and enhanced enterprise security policies and standards.
2001 : 2008
Electronic Data Systems
Security Architect
Company:
PepsiCo
Years of Experience:
40
Skills
Information Security, Information Security Management, Information Security Standards, Infrastructure, IT Security Operations, Major Incident Management, Networking, Network Security, Security Incident & Event Management
About
A technical and business leader with strong skills in cyber security and infrastructure, spanning current technology to legacy mainframe technology. Experienced in acquisitions and divestitures, architecture and engineering, consulting, customer relationship management, systems programming, infrastructure management, program management, and executive interfaces. Industry experiences include information and communications technologies, pharmaceuticals, manufacturing, education, and defense.
Profile Photo
