Matt M.
Details
Current certifications: CISSP, CISM, GCIA, GCED, GSEC, GCCC; GIAC Advisory Board.
2023 : Present
Kemper
AVP Information Security
• Executed a plan addressing attack surface cyber risk, reducing cyber insurance costs by 30%.
• Established a risk assessment process to quickly assess and approve requests from business and technology units.
• Established a robust managed detection and response program improving incident response key performance indicators.
• Expanded cybersecurity use cases to detect and contain modern threats to cloud and on-prem business systems.
• Expanded the vulnerability management program to cover a growing cloud footprint, increasing asset and vulnerability discovery by 25%.
• Improved enterprise-wide incident response processes facilitating purple team exercises and executive tabletops.
2022 : 2023
Kemper
Director Cybersecurity Operations
I built and led the Cybersecurity Operations Center (CSOC) and Incident Response program for a national ISP-telecom.
• Expanded cybersecurity operations, hiring and maturing a large team of high-caliber cyber defenders.
• Established an effective program to train defensive cybersecurity skills in house.
• Fostered an environment of learning and professional growth for all defenders, resulting in an extremely low turnover rate, something very rare in cybersecurity operations.
• Matured capabilities, processes, and use cases, reducing mean time to detect and mean time to respond key performance indicators.
• Established enterprise threat hunting operations to detect Advanced Persistent Threats and zero-day Indicators of Compromise in the environment.
• Led all major cyber incident response efforts across the enterprise, containing threat actors before they accessed critical data.
• Built a robust user awareness training program from the ground up.
• Major adviser to the CISO and CDIO in all Information Security matters.
• Authored company policies for data classification, system security, and critical controls.
• Gartner CISO Coalition participant.
• Authored and tested the company Incident Response plan.
• Facilitated third-party auditors ensuring successful review of PCI-DSS security controls and monitoring.
• Provided latest threat intelligence in a meaningful way to relevant stakeholders.
• Provided expertise to shape company policy regarding controls, acceptable use, and industry best practices.
2020 : 2022
Frontier Communications
Sr. Manager Cybersecurity Operations
Stopped by for a quick cup of coffee.
2020 : 2020
JCPenney
Sr. Manager Cybersecurity Operations
Established cybersecurity operations for a national telecom/ISP.
• Hired and trained a team of analysts focused on defending the enterprise.
• Defined processes and playbooks for security event triage and response.
• Coordinated Purple Team exercises to train analysts in current threat detection.
• Led Incident Response efforts while working with internal and external stakeholders across organizations.
2019 : 2020
Frontier Communications
Sr. Manager Cybersecurity Operations
About
I am a leader with experience in cybersecurity operations, incident response, and vulnerability management for large and complex technology environments. As the AVP Information Security at Kemper, I am a major advisor to the CISO/CTO/CIO in all information security matters, providing risk-based solutions and strategic guidance to protect and enable the business objectives of the organization.
In my previous roles, I have demonstrated my ability to build, expand, and mature effective information security programs from the ground up, achieving significant results and improvements in key performance indicators, such as reducing cyber insurance costs by 30%, increasing asset and vulnerability discovery by 25%, and decreasing mean time to detect and respond to cyber threats. I have also cultivated a culture of learning and professional growth for my team of high-caliber cyber defenders, resulting in an extremely low turnover rate. My mission is to leverage my skills, credentials, and domain expertise in cybersecurity to defend technology environments from cyber threats and empower business and technology units with risk-aware solutions.