Profiles search
Jared Newton
Technical Program Manager, Information Security at Bill & Melinda Gates Foundation
Seattle, WA, United States
Details
Education:
Bachelor's
International Security and Conflict Resolution
San Diego State University
2005 : 2007
Associate's
Math, Science, and Engineering
De Anza College
2003 : 2005
International Security and Conflict Resolution
San Diego State University
2005 : 2007
Associate's
Math, Science, and Engineering
De Anza College
2003 : 2005
Experience:
Identify and reduce risk across the foundation through pro-active engagement with IT and business teams to design and implement security solutions while educating and improving awareness around security.
● Lead the Information Security Engagement program (internal risk consulting) for the foundation and affiliated entities globally
● Act as a trusted technical security advisor to all levels of the organization for a variety of information security projects (endpoint, mobile, infrastructure, cloud, network, etc.)
● Develop a complete Information Security Training & Awareness program and regularly deliver training to teams and program staff
● Act as a subject matter expert and leader in a technical capacity to drive vision and results that enhance the overall security posture at the foundation
● Relationship development and security alignment with operational and program teams
● Continuously mature the Information Security program to better assess risks and provide innovative countermeasure solutions that appropriately balance security and business objectives
● Evaluation & assessment of compliance to regulations and policies using industry standard methodologies (NIST, PCI, GDPR, etc.)
2019 : Present
Bill & Melinda Gates Foundation
Technical Program Manager, Information Security
Ensures the security of the foundation's information assets and systems through a systematic and proactive approach that balances risk with business requirements and outcomes.
● Engineered and built enterprise solutions (Endpoint Detection and Response (EDR), Email Security, Mobile Security, etc.) to improve security and drive continuous maturity
● Participated in architectural reviews and defined the vision of technologies and services needed for protecting customer data while enabling internal and external users to work more effectively
● Evaluated proposed technology solutions for adherence to documented company standards, policies, and regulatory responsibilities
● Responsible for security logging, endpoint protection, forward proxy, vulnerability management, system hardening, and monitoring technologies for the enterprise
● Executed the mission of the information security program including : risk assessments, controls design, standards development, awareness and communication, and incident response
● Collaborated across all levels of the organization, creating partnerships to decrease or eliminate information security risk
2018 : 2019
Bill & Melinda Gates Foundation
Senior Information Security Consultant
Act as a principal security engineering resource and mature the Platform Security program. Focused on mentoring junior engineers and implementing best practices for policy, process, and documentation while simultaneously leading the organization to the secure adoption of cloud services
● Engineered and built enterprise solutions to provide a secure foundation for continued maturity
● Secured multiple Azure environments by utilizing Azure Security features, custom Proxy configurations (BlueCoat), and the implementation of a Cloud Access Security Broker (CASB)
● Created a Cloud Security Program to prepare and safeguard the organization as it moved more heavily into adopting Cloud Solutions (IaaS, PaaS, and SaaS offerings from various vendors)
● Participated in architectural reviews and defined the vision of technologies and services needed for protecting customer data while enabling internal and external users to work more effectively
● Evaluated any proposed technology solution for adherence to documented company standards, policies, and regulatory responsibilities
● Worked across IT and the business to understand the coming needs for the users so solutions could be developed proactively
● Responsible for security logging, endpoint protection, cloud security, forward proxy, vulnerability management, system hardening, and monitoring technologies for the enterprise
2018 : 2018
Premera Blue Cross
Sr. Information Security Engineer
As a Subject Matter Expert (SME) in Data Protection I focus on Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies, providing strategic guidance on the design, development, functionality, operations, innovation, and management of industry leading Data Protection programs and initiatives for my clients.
• Assess, evaluate, and provide valuable expertise on various DLP and CASB solutions in the market
• Design, build, and tune DLP and CASB policies and rules to meet client requirements
• Administer, support, implement, and operationalize DLP and CASB solutions
• Manage multiple projects and work streams to ensure comprehensive and timely execution against identified requirements and milestones
• Mature existing Data Protection programs/efforts to include greater coverage of sensitive and confidential information
• Create program/project materials including overall design, requirements, and process documents, training materials, reports/forms, and any other documents based on client’s needs
• Manage DLP and CASB infrastructure and provide expertise and guidance regarding upgrades and maintenance
• Gain efficiencies through improvements to processes, education & awareness, relationship building, and training
• Provide strategic guidance to senior management of data security focused companies on industry trends and gaps that could impact the success of business or product
• Innovate and develop new techniques and technologies for the protection of data within a corporate network, on computer endpoints, or on Cloud Storage & Collaboration Platforms
• Design new products focused on identifying and securing data in Cloud Storage & Collaboration Platforms
• Define Product Requirement Documents (PRD) for the development of class leading security products and features
• Communicate effectively and act as a liaison between various technical and non-technical groups within the client’s business, their board members, and external customers
2014 : 2018
JN(R) Consulting
Freelance Data Protection Consultant
Provide guidance/mentorship, architectural design, engineering support, and administration of IT Security controls including Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Anti-Vitus, Splunk Security Incident and Event Management (SIEM), and Metasploit Pro, while creating a Cybersecurity Assurance Red Team function to perform continuous assessments of overall security for the enterprise.
• Provide expert level architecture, engineering, and administrative support IT Security controls
• Creation and improvement of Security policies and procedures to meet IT Security and Business requirements
• Create and lead the Cybersecurity Assurance Red Team to provide constant pro-active security assessment of the entire enterprise and third part partners
• Provide guidance to drive improvement in Cyber Defense, Vulnerability Management, Penetration Testing/Red Team, and Incident Response
• Mentor junior Security resources to increase knowledge, skills, and capabilities within the org.
• Expand Data Protection capabilities with preventative controls, new technologies, and awareness
• Manage and coordinate internal projects to ensure accurate and timely execution of key project/engagement deliverables
• Provide expert security guidance around Cloud solutions, Mergers & Acquisitions, and SDLC
• Develop, implement, and improve Data Security controls in the Cloud (Office 365, Yammer, etc.)
• Implementation of Splunk infrastructure with a focus on Security correlation across the enterprise
• Drive development of Splunk Enterprise Security monitoring, dashboards, and alerts
• Deploy and Administer Symantec Endpoint Protection (SEP) Antivirus across the enterprise
• Create program materials including process documents, training materials, policies and standards, audit systems, reports/forms as well as a central repository for collaboration, distribution, and management of IT Security materials and resources
2015 : 2018
Blue Shield of California
IT Security Engineer / Cybersecurity Assurance Red Team, Lead
● Lead the Information Security Engagement program (internal risk consulting) for the foundation and affiliated entities globally
● Act as a trusted technical security advisor to all levels of the organization for a variety of information security projects (endpoint, mobile, infrastructure, cloud, network, etc.)
● Develop a complete Information Security Training & Awareness program and regularly deliver training to teams and program staff
● Act as a subject matter expert and leader in a technical capacity to drive vision and results that enhance the overall security posture at the foundation
● Relationship development and security alignment with operational and program teams
● Continuously mature the Information Security program to better assess risks and provide innovative countermeasure solutions that appropriately balance security and business objectives
● Evaluation & assessment of compliance to regulations and policies using industry standard methodologies (NIST, PCI, GDPR, etc.)
2019 : Present
Bill & Melinda Gates Foundation
Technical Program Manager, Information Security
Ensures the security of the foundation's information assets and systems through a systematic and proactive approach that balances risk with business requirements and outcomes.
● Engineered and built enterprise solutions (Endpoint Detection and Response (EDR), Email Security, Mobile Security, etc.) to improve security and drive continuous maturity
● Participated in architectural reviews and defined the vision of technologies and services needed for protecting customer data while enabling internal and external users to work more effectively
● Evaluated proposed technology solutions for adherence to documented company standards, policies, and regulatory responsibilities
● Responsible for security logging, endpoint protection, forward proxy, vulnerability management, system hardening, and monitoring technologies for the enterprise
● Executed the mission of the information security program including : risk assessments, controls design, standards development, awareness and communication, and incident response
● Collaborated across all levels of the organization, creating partnerships to decrease or eliminate information security risk
2018 : 2019
Bill & Melinda Gates Foundation
Senior Information Security Consultant
Act as a principal security engineering resource and mature the Platform Security program. Focused on mentoring junior engineers and implementing best practices for policy, process, and documentation while simultaneously leading the organization to the secure adoption of cloud services
● Engineered and built enterprise solutions to provide a secure foundation for continued maturity
● Secured multiple Azure environments by utilizing Azure Security features, custom Proxy configurations (BlueCoat), and the implementation of a Cloud Access Security Broker (CASB)
● Created a Cloud Security Program to prepare and safeguard the organization as it moved more heavily into adopting Cloud Solutions (IaaS, PaaS, and SaaS offerings from various vendors)
● Participated in architectural reviews and defined the vision of technologies and services needed for protecting customer data while enabling internal and external users to work more effectively
● Evaluated any proposed technology solution for adherence to documented company standards, policies, and regulatory responsibilities
● Worked across IT and the business to understand the coming needs for the users so solutions could be developed proactively
● Responsible for security logging, endpoint protection, cloud security, forward proxy, vulnerability management, system hardening, and monitoring technologies for the enterprise
2018 : 2018
Premera Blue Cross
Sr. Information Security Engineer
As a Subject Matter Expert (SME) in Data Protection I focus on Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies, providing strategic guidance on the design, development, functionality, operations, innovation, and management of industry leading Data Protection programs and initiatives for my clients.
• Assess, evaluate, and provide valuable expertise on various DLP and CASB solutions in the market
• Design, build, and tune DLP and CASB policies and rules to meet client requirements
• Administer, support, implement, and operationalize DLP and CASB solutions
• Manage multiple projects and work streams to ensure comprehensive and timely execution against identified requirements and milestones
• Mature existing Data Protection programs/efforts to include greater coverage of sensitive and confidential information
• Create program/project materials including overall design, requirements, and process documents, training materials, reports/forms, and any other documents based on client’s needs
• Manage DLP and CASB infrastructure and provide expertise and guidance regarding upgrades and maintenance
• Gain efficiencies through improvements to processes, education & awareness, relationship building, and training
• Provide strategic guidance to senior management of data security focused companies on industry trends and gaps that could impact the success of business or product
• Innovate and develop new techniques and technologies for the protection of data within a corporate network, on computer endpoints, or on Cloud Storage & Collaboration Platforms
• Design new products focused on identifying and securing data in Cloud Storage & Collaboration Platforms
• Define Product Requirement Documents (PRD) for the development of class leading security products and features
• Communicate effectively and act as a liaison between various technical and non-technical groups within the client’s business, their board members, and external customers
2014 : 2018
JN(R) Consulting
Freelance Data Protection Consultant
Provide guidance/mentorship, architectural design, engineering support, and administration of IT Security controls including Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Anti-Vitus, Splunk Security Incident and Event Management (SIEM), and Metasploit Pro, while creating a Cybersecurity Assurance Red Team function to perform continuous assessments of overall security for the enterprise.
• Provide expert level architecture, engineering, and administrative support IT Security controls
• Creation and improvement of Security policies and procedures to meet IT Security and Business requirements
• Create and lead the Cybersecurity Assurance Red Team to provide constant pro-active security assessment of the entire enterprise and third part partners
• Provide guidance to drive improvement in Cyber Defense, Vulnerability Management, Penetration Testing/Red Team, and Incident Response
• Mentor junior Security resources to increase knowledge, skills, and capabilities within the org.
• Expand Data Protection capabilities with preventative controls, new technologies, and awareness
• Manage and coordinate internal projects to ensure accurate and timely execution of key project/engagement deliverables
• Provide expert security guidance around Cloud solutions, Mergers & Acquisitions, and SDLC
• Develop, implement, and improve Data Security controls in the Cloud (Office 365, Yammer, etc.)
• Implementation of Splunk infrastructure with a focus on Security correlation across the enterprise
• Drive development of Splunk Enterprise Security monitoring, dashboards, and alerts
• Deploy and Administer Symantec Endpoint Protection (SEP) Antivirus across the enterprise
• Create program materials including process documents, training materials, policies and standards, audit systems, reports/forms as well as a central repository for collaboration, distribution, and management of IT Security materials and resources
2015 : 2018
Blue Shield of California
IT Security Engineer / Cybersecurity Assurance Red Team, Lead
Company:
Bill & Melinda Gates Foundation
Years of Experience:
12
Skills
Active Directory, Antivirus, Application Security, Business Continuity, CASB, Cloud Security, Computer Forensics, Computer Security, Corporate Security, Data Loss Prevention, Data Privacy, Data Security, Digital Forensics, DLP, EnCase, Encryption, Endpoint Security, Firewalls, Forensic Analysis, Incident Response, Information Security, Information Security Management, Information Technology, Intrusion Detection, Investigation, Investigations, IPS, ISO 27001, McAfee, Network Security, PCI DSS, Penetration Testing, Physical Security, Private Investigations, Risk Assessment, Risk Management, Security, Security Architecture Design, Security Audits, Security Awareness, Security Information, Security Management, SEIM, Solution Architecture, Splunk, Threat Assessment, Vontu, Vulnerability Assessment, Vulnerability Management, Workplace Violence
About
I am a dedicated Cyber Security professional with a proven record as a technical program manager leading programs such as Data Protection, Risk Management, Security Training, etc. I have in-depth experience providing vision and maturing Cyber Security programs at both the strategic and operational level. My technical expertise includes engineering and administration of a wide breadth of Cyber Security technologies, developing and improving processes, creating thorough documentation, and successfully delivering projects. My knowledge and experience has allowed me to guide companies to establish consistent and measurable approaches to identify and reduce risk. This diverse background positions me to create compelling security strategy, define technical architecture, and mentor teams to meet any company’s goals. Communications and relationship building are two of my most valuable skills for achieving these goals; they allow me to easily liaise between technical and non-technical groups as well as senior leadership and customers.
Profile Photo
