Profiles search
Scott Countryman
Cybersecurity Technologist at Travelers
Hamden, CT, United States
Details
Education:
Masters
National Security Information Protection
University of New Haven
2017 : 2018
Bachelor of Science (B.S.)
Northeastern University
1999 : 2001
Aerospace, Aeronautical and Astronautical Engineering
University of Maryland College Park
1995 : 1997
National Security Information Protection
University of New Haven
2017 : 2018
Bachelor of Science (B.S.)
Northeastern University
1999 : 2001
Aerospace, Aeronautical and Astronautical Engineering
University of Maryland College Park
1995 : 1997
Experience:
Run and develop the Travelers Cybersecurity Awareness program including phishing and training.
Developed an upskilling program to develop talent within the organization.
Track and manage penetration test findings and risks to ensure proper remediation.
2021 : Present
Travelers
Cybersecurity Technologist
• Perform technical/security reviews of proposed new technologies, protocols, and technical processes.
• Run the employee Phishing program including researching current trends, developing the theme, running the test and compiling results for analytics and reports.
• Perform numerous information security audits including NYDFS, SWIFT and FFIEC Cybersecurity Assessment. Gather evidence to support the audit findings and generate reports for management.
• Manage penetration test findings including tracking results, discussing fixes with stakeholders and ensuring implementation of the fixes.
• Review software requests to ensure there are no security vulnerabilities.
• Numerous Ad Hoc projects including developing a process to remediate an Active Directory Audit as well as monitor future adherence to the standards.
• Manage identified risks to ensure they are remediated, or proper mitigation procedures are in place.
2019 : 2021
People's United Bank, N.A.
Information Assurance Specialist
-Manage and monitor the Data Loss Prevention (DLP) program. Monitor effectiveness of DLP rules and implement changes, where necessary
-Assist with SIEM management and monitoring. LogRhythm Administrator and Analyst certified.
-Assess incidents detected by security tools and/or reported by employees or customers. Investigate and resolve incidents.
-Review vulnerability assessments and produce summary reports.
-Support the Bank’s data governance program by using the Bank’s data access governance solution to perform sensitive data discovery and access.
-Perform technical/security reviews of proposed new technologies, protocols and/or technical processes.
-Perform technology related risk assessments as needed.
-Review Service Organization Control reports of the Bank’s technology vendors.
-Member of the Incident Response Team.
-Assist in developing and documenting Information Security department procedures and security awareness training.
-Prepare and assist with audits and regulatory examinations.
-Review and “audit” activity/changes reported on daily, weekly and monthly reports.
-Perform periodic verification of user access to critical systems and privileged user reviews.
-Conduct a variety of periodic reviews to verify compliance with IT and information security policies.
-Run the Bank’s phishing and email social engineering software and reports results to the VP, ISO.
2019 : 2019
United Bank
Information Security Coordinator
-Review and “audit” activity/changes reported on daily, weekly and monthly reports.
-Perform periodic verification of user access to critical systems and privileged user reviews.
-Conduct a variety of periodic reviews to verify compliance with IT and information security policies.
-Review Service Organization Controls reports of the Bank’s technology vendors.
-Run the Bank’s phishing and email social engineering software and reports results to the VP, ISO.
-Assist with monitoring and follow-up on alerts received from various monitoring tools.
-Record results of reviews and escalates exceptions to the ISO, where needed.
-Assist with maintenance of the risk assessment application(s) and coordinate risk assessment activities together with the Information Security Risk Analyst.
-Provide assistance in reviewing vulnerability assessments and compiling metrics for management reporting.
-Provide assistance in conducting technical/security reviews of proposed new technologies.
-Assist in performance of risk assessments of new and existing information assets hosted internally and externally by Bank vendors.
-Execute and report results of email social engineering/phishing tests.
-Perform periodic ‘clean desk’ walkthroughs of Bank departments.
-Compile metrics from various Information Security activities and prepare reports, charts and graphs for management and Board reporting.
-Update existing procedures or documents new procedures, where needed. Assist in preparation for audits and regulatory examinations.
-Work closely with other Information Security team members as well as all levels of personnel in the IT, Vendor Management, Risk Management, Payment Operations and other departments.
2018 : 2019
United Bank
Information Security Specialist
-Assist in the training of students preparing to enter the Information Technology field. Create training presentations focusing on cyber-crime and cyber-security.
2018 : 2018
DCI Resources, LLC
Teaching Assistant
Developed an upskilling program to develop talent within the organization.
Track and manage penetration test findings and risks to ensure proper remediation.
2021 : Present
Travelers
Cybersecurity Technologist
• Perform technical/security reviews of proposed new technologies, protocols, and technical processes.
• Run the employee Phishing program including researching current trends, developing the theme, running the test and compiling results for analytics and reports.
• Perform numerous information security audits including NYDFS, SWIFT and FFIEC Cybersecurity Assessment. Gather evidence to support the audit findings and generate reports for management.
• Manage penetration test findings including tracking results, discussing fixes with stakeholders and ensuring implementation of the fixes.
• Review software requests to ensure there are no security vulnerabilities.
• Numerous Ad Hoc projects including developing a process to remediate an Active Directory Audit as well as monitor future adherence to the standards.
• Manage identified risks to ensure they are remediated, or proper mitigation procedures are in place.
2019 : 2021
People's United Bank, N.A.
Information Assurance Specialist
-Manage and monitor the Data Loss Prevention (DLP) program. Monitor effectiveness of DLP rules and implement changes, where necessary
-Assist with SIEM management and monitoring. LogRhythm Administrator and Analyst certified.
-Assess incidents detected by security tools and/or reported by employees or customers. Investigate and resolve incidents.
-Review vulnerability assessments and produce summary reports.
-Support the Bank’s data governance program by using the Bank’s data access governance solution to perform sensitive data discovery and access.
-Perform technical/security reviews of proposed new technologies, protocols and/or technical processes.
-Perform technology related risk assessments as needed.
-Review Service Organization Control reports of the Bank’s technology vendors.
-Member of the Incident Response Team.
-Assist in developing and documenting Information Security department procedures and security awareness training.
-Prepare and assist with audits and regulatory examinations.
-Review and “audit” activity/changes reported on daily, weekly and monthly reports.
-Perform periodic verification of user access to critical systems and privileged user reviews.
-Conduct a variety of periodic reviews to verify compliance with IT and information security policies.
-Run the Bank’s phishing and email social engineering software and reports results to the VP, ISO.
2019 : 2019
United Bank
Information Security Coordinator
-Review and “audit” activity/changes reported on daily, weekly and monthly reports.
-Perform periodic verification of user access to critical systems and privileged user reviews.
-Conduct a variety of periodic reviews to verify compliance with IT and information security policies.
-Review Service Organization Controls reports of the Bank’s technology vendors.
-Run the Bank’s phishing and email social engineering software and reports results to the VP, ISO.
-Assist with monitoring and follow-up on alerts received from various monitoring tools.
-Record results of reviews and escalates exceptions to the ISO, where needed.
-Assist with maintenance of the risk assessment application(s) and coordinate risk assessment activities together with the Information Security Risk Analyst.
-Provide assistance in reviewing vulnerability assessments and compiling metrics for management reporting.
-Provide assistance in conducting technical/security reviews of proposed new technologies.
-Assist in performance of risk assessments of new and existing information assets hosted internally and externally by Bank vendors.
-Execute and report results of email social engineering/phishing tests.
-Perform periodic ‘clean desk’ walkthroughs of Bank departments.
-Compile metrics from various Information Security activities and prepare reports, charts and graphs for management and Board reporting.
-Update existing procedures or documents new procedures, where needed. Assist in preparation for audits and regulatory examinations.
-Work closely with other Information Security team members as well as all levels of personnel in the IT, Vendor Management, Risk Management, Payment Operations and other departments.
2018 : 2019
United Bank
Information Security Specialist
-Assist in the training of students preparing to enter the Information Technology field. Create training presentations focusing on cyber-crime and cyber-security.
2018 : 2018
DCI Resources, LLC
Teaching Assistant
Company:
Travelers
Years of Experience:
24
Skills
Access Control, Claim, Claims Management, Commercial Insurance, Customer Service, Cyber-security, Cyber Defense, Cyber Insurance, Cybersecurity, Cyber Threat Intelligence (CTI), Data Governance, Defense, DLP, English, Forcepoint, Incident Response, Information Assurance, Information Security, Information Security Awareness, Insurance, Leadership, Liability, LogRhythm, Management, Mediation, Military, National Security, National Security Strategy, Negotiation, Palo Alto Networks, Personal Injury, Property & Casualty Insurance, Research, Risk Management, Security Audits, Security Information and Event Management (SIEM), Security Risk, Social Engineering, Team Leadership, Threat & Vulnerability Management, Vulnerability Scanning, Property & Casualty
About
Strong information security professional with a Masters degree in National Security/Information Security from University of New Haven. Experience handling DLP, SIEM, various cybersecurity audit functions and company phishing programs. Responsible for numerous audits including CAT Cyber security Assessment, SWIFT and NYDFS. Marine corps veteran.
Profile Photo
