Profiles search

Josh Brown, MSIA, CISSP, CISA

Information Security Leader Adept at Developing & Directing Top Talent, and Bridging the Gap between Business & Technology | AppSec Maturity | Vulnerability Management | Program Management | Cyber Threat Intel & Exercise
Charlotte, NC, United States

Details

Education: MS

Information Assurance

Norwich University

2007 : 2009

Bachelor of Science

Management

Biola University

2001 : 2004
Experience: 2021 : Present

Ally

Sr. Director Cybersecurity Compliance

Recruited into the Software Integrity Group to help build the financial services vertical. Responsible for cultivating large enterprise client relationships. Build and manage project teams to facilitate timely deliverables on long-term (often multi-year) client engagements, and ensure superior service/results. Travel internationally. Provide consultation to clients’ executive leadership on information security strategies and goals.

2018 : 2021

Synopsys Inc

Managing Consultant, Software Integrity Group (SIG)

SVP, Senior Tech. Manager / Chief of Staff (2015-2018)

Cyber Threat Exercise Program Manager (2012-2015)

Global Information Security Employee Engagement Team Lead (2010-2014)

Policy Lead (2010-2012)

Highly successful tenure with BofA, establishing recognition early in career as a valuable resource able to build new high-impact programs, remedy existing deficient programs, grow strong talent, and eliminate process inefficiencies. Successfully interfaced with Risk Compliance, Audit and Regulatory partners to drive risk mitigation/compliance goals, created 20+ new jobs, and won numerous performance-based awards during 8-year tenure.

As SVP/Chief of Staff, recruited by BofA’s executive for Cyber Security Ops program to serve as Chief of Staff for one of the world’s best application security programs; held oversight for 5 global teams. Managed a multi-million dollar annual vendor/contract budget. Recruited and developed top talent.

As Cyber Threat Exercise Program Manager, responsible for the design/implementation of new Cyber Security Exercise Program. Managed a matrixed organization to identify additional program support resources. Led 6 direct reports (VPs). Co-authored exercises with SIFMA, the FS-ISAC, US-CERT, JPCERT and Department of Treasury.

In early career, recruited by BofA (SVP, Cyber Threat Intelligence Program) to build cyber threat exercise program. Built multiple information security teams from scratch. Responsibilities included managing cross-functional teams, delivering policies, identifying process improvements, coordinating security conference events, and more.

2010 : 2018

Bank of America

SVP, Senior Technology Manager / Chief of Staff / Other Positions

Earned 3 promotions during successful tenure, receiving recognition from CEO as an invaluable resource/leader. Responsibilities were diverse and included security analysis, vendor relationship management, requirements gathering, testing, application development & launch, Business Intelligent reporting, program management, client account management, and more.

Designed/built performance management system (2008), significantly mitigating risk and improving compliance. Participated in 2008 Executive Leadership Summit; one of the top IT professionals helping with strategic planning. Received 2009 World Class Award for exemplary work with Fortune 1000 client; instrumental in landing the account, cultivating relationships with their executives, and leading data conversion project.

2005 : 2010

Steritech

Systems Analyst & Project Manager

2004 : 2005

Carolina CAT (Caterpillar Dealership)

Information Services Technician & Data Conversion Analyst
Company: Ally
Years of Experience: 20

Skills

Application Security, Business Continuity, CISA, CISSP, COBIT, Computer Forensics, Computer Security, Data Security, Disaster Recovery, Exercise Design, Firewalls, Group Training, Identity Management, Information Assurance, Information Security, Information Security Management, Information Technology, IT Audit, Networking, Network Security, PCI DSS, Risk Assessment, Risk Management, Security, Security+, Security Architecture Design, Security Audits, Security Awareness, Security Management, Security Policy, Servers, Troubleshooting, Vulnerability Management, Wargaming, War Gaming, Security Architecture

About

With 20 years of Information Security leadership experience, I am committed to continually recruiting and developing top talent, developing high-impact cyber threat mitigation programs, and helping companies achieve their respective business and technology security goals.



Recognized as a strategic leader and trusted business partner, I have significant international experience, and a broad knowledge and understanding of industry best practices; extensive multi-disciplinary background in application security, threat intelligence, business continuity, and vulnerability management processes. I have had enormous success recruiting, building and directing top talent, developing, growing and optimizing large-scale programs, mitigating financial risk, leading large enterprise engagements, and partnering with cross-functional leaders to ensure superior client service and drive security standards. Expert performance in establishing governance councils to integrate audit/risk positions and provide program oversight and transparency.



Master of Science in Information Assurance (MSIA)

Certified Information Systems Security Professional (CISSP)

Certified Information Systems Auditor (CISA)



EXPERTISE:

Cyber/IT Security | Risk Mitigation/Management | Strategic Planning | Vendor Relations ∣ Process Improvement ∣ Global Cyber Threat Exercise/Technology Program Development & Management | Operations Management ∣ Information/Application Security ∣ Key Account Management ∣ Client Relations