Profiles search

Karl Fritz

Information Security Manager at Mayo Clinic
Rochester, MN, United States

Details

Education: B.S. degree

electrical engineering; electrical engineering courses

University of Wisconsin-Milwaukee

1990 : 1996

St. Veronicas
Experience: 2020 : Present

Mayo Clinic

Information Security Manager

Led assessments to evaluate the security posture of people, processes, and technology used to ensure patient’s needs are being met in the safest manner possible. Worked with leadership and stakeholders to design and perform exercises that evaluate the organization’s security posture against identified risks.

Led the creation of a “Red Team” service line. Assessed the effectiveness of detection and incident response controls at Mayo Clinic that included a report containing technical findings and recommendations. Example controls assessed are custom SIEM alarms, anti-virus (end point and network), data loss protection, and inter-team communication.

2016 : 2020

Mayo Clinic

Principal Information Security Engineer

Responsible for performing vulnerability assessments on Mayo Clinic assets to help ensure that needs of our patients are being met in the safest manner possible. A large part of this task includes performing vulnerability assessments on medical devices, but also includes systems that are an integral part of Mayo Clinic's infrastructure. This is accomplished by way of (but not limited to) manual and automated vulnerability assessments of host configurations, web applications, host applications, network controls, and physical controls.

2013 : 2016

Office of Information Security - Mayo Clinic

Senior Information Security Engineer

Senior Engineer and Project Manager – Systems Design Group

• Designed circuit architectures to protect 1 Tbps network traffic over a public network using independent, parallel architectures using the IPSec (IPv4) protocol framework; One result of this architecture and design activity is that it provided insight into how to process multiple packets each clock cycle

• Developed novel ways to improve throughput performance of parallel AES-GCM hardware; Designed efficient multipliers and right-to-left binary exponentiation circuits to mitigate pipeline stalls typically caused by pre-calculation of variables used in Galois Authentication

• Performed hardware architecture studies to identify size, bandwidth, and location of various IPSec-like security databases within a network appliance that can parallel-process multiple packets in each clock cycle; The result of this study described the resource tradeoffs needed to properly classify and encapsulate /decapsulate multiple packets in a clock cycle at 1 Tbps

• Led multiple projects for both external and internal sponsors with budgets up to $1M, including authoring proposals, white papers and final reports

• Presented progress and results at meetings for Mayo and Government sponsors, stakeholders, and peers, resulting in additional funding for continued work

2011 : 2013

SPPDG - Mayo Clinic

Senior Project Engineer

Team Lead – IC Design Group

• Led Integrated Circuit Design Group by conducting weekly one-on-one sessions, managing individual workloads, providing timely feedback, performing formal performance reviews, and mentoring junior engineers; Result of increased communication with directs resulted in high morale and high level of trust

• Reviewed monthly contract reports, project summary reports, and program proposals for style and grammar; Provided comments where necessary to improve documents destined for external readers

• Managed group resources, including computer aided design and simulation tools (>$1.5M original cost; ~$150k annual maintenance)

• Supported technical efforts through design of analog, digital, and mixed-signal cells and circuits

• Performed transient and digital simulation analysis

2003 : 2011

SPPDG - Mayo Clinic

Team Lead of IC Design Group
Company: Mayo Clinic
Years of Experience: 30

Skills

algorithms, Analysis, architectures, ASIC, circuit design, cmos, electronics, encryption, FPGA, Hardware, hardware architecture, Information Security, Medical Devices, operational security, Programming, Python, reverse engineering, RF, risk assessment, Security, security services, simulations, system architecture, systems engineering, team leadership, unix, verilog, vulnerability assessment

About

Information Security Manager leading a team tasked to improve the security of Mayo Clinic. 24 years of technical and managerial experience in the design and assessment of systems and components for military and medical applications. Likes to stay current with knowledge of information security tools, techniques, and people in the industry that may result in a solution or efficiency for a given problem or task. Experienced with project initiation and management, team management and mentoring, analysis and design, product research and development. Previously held a US Government clearance.