Profiles search

Brian Hackney, CISSP, NXA

Senior Manager, Information Security
Round Rock, TX, United States

Details

Education: Master of Engineering (M.Eng.)

Engineering/Industrial Management

Old Dominion University

2009 : 2012

Bachelor’s Degree

Construction Engineering

Texas A&M University

2001 : 2004
Experience: Leading security expert, reporting to the Chief Information Officer for security operations and administration. Responsible for policy development, security compliance, vulnerability remediation, data loss prevention, incident response, and security technology refresh.

- Fully automated the vulnerability scan cadence across all departments, and developed the company’s first remediation methodology, resulting in a 22% reduction in risk in 2017.

- Authored company’s first security review process for configuration changes, allowing for a 15% infrastructure expansion at a near-zero increase in security risk.

- Architect for the Data Loss Prevention Transition Project, which transferred all DLP policies and rules to a lower-cost alternative, resulting in a cost savings of $55k/yr.

2019 : Present

Vista Equity Partners

Senior Manager, Information Security

Leads strategic and operational planner; responsible for providing comprehensive security operations and assessment work;

- Authored company’s first formal Infosec Policy Program, including critical updates to WISP, IRP, and AUP Policies

- Developed the first formal SOC reporting process for prioritizing Indicators of Compromise (IOC)

- Architect for the Data Loss Prevention Strategic Roadmap, including enhancements in endpoint, cloud, and removable media

- Introduced phishing triage automation capabilities that reduced manual Tier-1 analysis of reported phishes by 97%

- Lead the Proof of Concept testing for new security technologies, responsible for implementing security improvements across all portfolio companies

2016 : 2019

TriNet

Information Security Manager

- Led 38 IT personnel in conducting security compliance and continuous monitoring

- Builds collaborative relationships with IS business owners for allocation of IT team resources

- Interfaces with leadership to ensure strategic alignment with long-term program goals

- Developed strategic and operational guidelines for deployed IT team operations

- Optimized performance of incident response teams using lab and IT-range environments

- Designed and implemented IT risk management process for directing follow-on assignments

- Designed automated data sharing application for global use by defensive cyber forces

- Created standardized reporting templates for deployed defensive cyberspace operators

2013 : 2016

United States Strategic Command

Deputy Chief, Plans Branch - Joint Cyber Center

Information Systems (Cybersecurity) Officer, Jan 2010 - May 2016

Submarine Nuclear Reactor Officer, Dec 2004 - Jan 2010

2004 : 2016

US Navy

Naval Officer

- Cultivated strategic vision for future of Navy information security policies and practices

- Matured the Navy security controls audit program to an equivalent CMMI Lvl 3

- Managed directorate-wide training program for information assurance curriculum

- Led 9 IT personnel in conducting over 100 successful cybersecurity audits

- Designed the US Navy's first NIST/NISPOM compliant information systems self-assessment

- Co-authored the Navy Cyber Forces Cybersecurity and Information Assurance Handbook

- Personally trained junior personnel on STIG implementation and vulnerability scanning

- Conducted vulnerability scans, analyses, and remediation on Windows clients/servers

- Configured routers and HIPS to meet DoD requirements

- Rewrote US Navy Information Assurance Manager’s Course to meet NIST 800-53 standards

2010 : 2012

Navy Cyber Forces Command

Manager, IT Audit (Cybersecurity Inspection Team Lead)
Company: Vista Equity Partners
Years of Experience: 30
Spoken Language: English

Skills

Business Process Improvement, Business Strategy, C4ISR, C4ISR Systems, Computer Network Operations, Cyber-security, Cybercrime, Cyber Defense, Cyber Operations, Cyberspace Law, Cyber Warfare, Disaster Recovery, Electronic Warfare, Engineering Management, Firewalls, Host Intrusion Prevention, Information Assurance, Information Management, Information Security, Information Security Awareness, Information Security Governance, Information Security Management, Information Technology, Information Technology Training, Intrusion Detection, IT Audit, IT Management, IT Strategy, IT Transformation, Joint Military Operations, Joint Operations, Joint Planning, Microsoft Excel, Navy, Network Security, Nuclear Engineering, Operational Risk Management, Operations Management, Process Improvement, Project Management, Project Planning, Risk Management, Strategic Planning, Team Leadership

About

A cybersecurity jack of all trades: player-coach, manager, and project coordinator with 23 years of experience in strategic and technical operations roles, with 14 years in cybersecurity. I started as an IT Auditor in training in 2009 and fell in love with the job. My current skillset is focused on strategic planning, cultural advocacy, security controls governance, risk assessment and remediation, security operations center practices, data loss prevention, vendor management, policy/process development, and security awareness. I’m also capable of providing value in security architecture/engineering programs. If you know what you need, I can help you get it established. If you don’t, I can help get you answers.