Profiles search
Alex Won
Senior Director, Information Security at Wolfspeed
Durham, NC, United States
Details
Education:
University of Washington
1987 : 1992
California Lutheran University
2006 : 2009
1987 : 1992
California Lutheran University
2006 : 2009
Experience:
Reporting to CIO, responsible for Information Security, Data Privacy and Protection, Identity and Access Management, Governance, Risk and Compliance globally.
2013 : Present
Wolfspeed
Senior Director, Information Security
Reporting to CIO, responsible for Cree’s Information Security, Data Privacy and Protection, Identity and Access Management, Governance, Risk and Compliance globally.
2021 : 2021
Cree
Senior Director, Information Security
Reporting to CIO, responsible for Cree’s Information Security, Data Privacy and Protection, Governance, Risk and Compliance globally.
2020 : 2021
Cree
Director, Governance Risk and Compliance
• Technical hands-on manager for team of 5, responsible for all aspects of Information Security operations serving multiple roles as information security architect, security engineer, incident responder, project manager, forensics analyst and internal SME/consultant
• Built Information Security infrastructure from ground up with careful consideration given to budget constraints and availability of Information Security resources to build and manage components effectively and efficiently
• Led evaluation, design and deployment of Information Security infrastructure
- Managed SIEM deployment - McAfee Enterprise Security Manager (ESM) managed by Optiv
- Privileged Account Management - CyberArk Privileged Account Management
- Email Protection - Proofpoint Targeted Attack Protection
- Insider Threat Protection - Varonis DatAdvantage and DatAlert
- Forensics - EnCase Enterprise 7
• Led re-architecting of existing Symantec Endpoint Protection infrastructure with 6 SEPM severs and 8,000 endpoints
- Completely overhauled all aspects of SEPM from new client group structure to all new policies
- Implemented creative solution to leverage SEP for insider threat monitoring
- Authored SEP Management and Administration SOP
• Current portfolio of projects include
- In process of deploying Carbon Black to all workstations and servers
- In process of implementing outsourcing/staff augmentation with KPIT where KPIT will provide day-to-day operations and serving as first responders to all alerts and incidents
• Continuously document and refine repeatable processes to promote consistent, repeatable and scalable security operations
• Responsible for mentoring and developing junior analysts
• Research and recommend emerging technologies to improve security posture in a dynamic threat landscape
2013 : 2020
Cree
IT Security Leader
• Lead E-Discovery engineer with expertise in all aspects of E-Discovery procedures, collection and preservation of digital evidence, working extensively with Legal to ensure accurate and timely delivery
• Lead forensic investigator with expertise in all aspects of digital forensics and analysis, working closely with HR, Legal and Compliance to ensure accurate and timely analysis while maintaining absolute confidentiality and integrity of the investigations
• Leading Computer Security Incident Response Team of 4 direct reports, responsible for resolving all computer security incidents
- Authored Computer Security Incident Response SOP and Manuals
• Led evaluation, design and deployment of following security systems :
- Enterprise logging infrastructure (Syslog, Symantec SIM, and LogLogic)
- Gigamon Matrix Switch
- Advanced Malware Analyzers
• Currently leading projects to design and deploy the following security systems :
- Enterprise SIEM enhancements
- Netflow Analyzer
- SourceFire IDS Deployment
- Zero-Day Threat Management
- Deep Packet Analysis and Packet Capture System
- Laptop Hardening for Travelers to Risky Countries
• Serve as Information Security SME on the following projects :
- AD Monitoring and Reporting
- Firewall Reporting and Analysis
• Provide ongoing day-to-day operations :
- Manage Dell SecureWorks Security Operations
- Provide technical expertise for ongoing Security Assessments
- Lead InfoSec SME and primary point of contact for Wintel, Unix, Network and Desktop groups
- System owner of Logging Infrastructure
- System owner of IDPS infrastructure
• Provide Security Awareness training to employees and contractors
- Present security policy overview at new-hire orientation
- Teach @Home Security classes to internal staff
• Research emerging threat landscape and provide analysis and recommendations across IS peer groups
2008 : 2013
Amgen
IS Security Engineer
2013 : Present
Wolfspeed
Senior Director, Information Security
Reporting to CIO, responsible for Cree’s Information Security, Data Privacy and Protection, Identity and Access Management, Governance, Risk and Compliance globally.
2021 : 2021
Cree
Senior Director, Information Security
Reporting to CIO, responsible for Cree’s Information Security, Data Privacy and Protection, Governance, Risk and Compliance globally.
2020 : 2021
Cree
Director, Governance Risk and Compliance
• Technical hands-on manager for team of 5, responsible for all aspects of Information Security operations serving multiple roles as information security architect, security engineer, incident responder, project manager, forensics analyst and internal SME/consultant
• Built Information Security infrastructure from ground up with careful consideration given to budget constraints and availability of Information Security resources to build and manage components effectively and efficiently
• Led evaluation, design and deployment of Information Security infrastructure
- Managed SIEM deployment - McAfee Enterprise Security Manager (ESM) managed by Optiv
- Privileged Account Management - CyberArk Privileged Account Management
- Email Protection - Proofpoint Targeted Attack Protection
- Insider Threat Protection - Varonis DatAdvantage and DatAlert
- Forensics - EnCase Enterprise 7
• Led re-architecting of existing Symantec Endpoint Protection infrastructure with 6 SEPM severs and 8,000 endpoints
- Completely overhauled all aspects of SEPM from new client group structure to all new policies
- Implemented creative solution to leverage SEP for insider threat monitoring
- Authored SEP Management and Administration SOP
• Current portfolio of projects include
- In process of deploying Carbon Black to all workstations and servers
- In process of implementing outsourcing/staff augmentation with KPIT where KPIT will provide day-to-day operations and serving as first responders to all alerts and incidents
• Continuously document and refine repeatable processes to promote consistent, repeatable and scalable security operations
• Responsible for mentoring and developing junior analysts
• Research and recommend emerging technologies to improve security posture in a dynamic threat landscape
2013 : 2020
Cree
IT Security Leader
• Lead E-Discovery engineer with expertise in all aspects of E-Discovery procedures, collection and preservation of digital evidence, working extensively with Legal to ensure accurate and timely delivery
• Lead forensic investigator with expertise in all aspects of digital forensics and analysis, working closely with HR, Legal and Compliance to ensure accurate and timely analysis while maintaining absolute confidentiality and integrity of the investigations
• Leading Computer Security Incident Response Team of 4 direct reports, responsible for resolving all computer security incidents
- Authored Computer Security Incident Response SOP and Manuals
• Led evaluation, design and deployment of following security systems :
- Enterprise logging infrastructure (Syslog, Symantec SIM, and LogLogic)
- Gigamon Matrix Switch
- Advanced Malware Analyzers
• Currently leading projects to design and deploy the following security systems :
- Enterprise SIEM enhancements
- Netflow Analyzer
- SourceFire IDS Deployment
- Zero-Day Threat Management
- Deep Packet Analysis and Packet Capture System
- Laptop Hardening for Travelers to Risky Countries
• Serve as Information Security SME on the following projects :
- AD Monitoring and Reporting
- Firewall Reporting and Analysis
• Provide ongoing day-to-day operations :
- Manage Dell SecureWorks Security Operations
- Provide technical expertise for ongoing Security Assessments
- Lead InfoSec SME and primary point of contact for Wintel, Unix, Network and Desktop groups
- System owner of Logging Infrastructure
- System owner of IDPS infrastructure
• Provide Security Awareness training to employees and contractors
- Present security policy overview at new-hire orientation
- Teach @Home Security classes to internal staff
• Research emerging threat landscape and provide analysis and recommendations across IS peer groups
2008 : 2013
Amgen
IS Security Engineer
Company:
Wolfspeed
Years of Experience:
24
Skills
Analytical Skills, behavioral analytics, CISSP, Computer Forensics, Computer Security, Cyber-security, Cyber Defense, Cybersecurity, Data Privacy, Data Security, Disaster Recovery, enterprise software, Firewalls, GCFA, giac, Identity & Access Management (IAM), IDS, Incident Response, Information Security, Information Security Management, Information Technology, IT Operations, IT Security Operations, Leadership, Malware Analysis, Management, Microsoft PowerPoint, Networking, Network Security, Penetration Testing, Process Improvement, Risk Management, Security, Security Architecture Design, Security Audits, Security Awareness, Security Policy, Switches, System Administration, system deployment, Threat & Vulnerability Management, Unix, User Requirements, vendor management, VMware, vulnerability assessment, Vulnerability Management, Vulnerability Scanning, Windows Server, Written Communication, Security Architecture
About
Specialties: CISSP
MCSE 2003 + Security
GSEC
GCFA
SIEM SME
E-Discovery
Computer and Network Forensic Investigation
Security Incident Handling
Security Project Management
Security Architecture
Profile Photo
