Profiles search
Scott Kerber
Insider Threat Analyst - Information Security at State Farm ®
Dallas, TX, United States
Details
Experience:
In my current position, I'm a member of the insider threat team responsible for investigating potential and confirmed insider threat incidents. My focus area is insider threat hunting.
2022 : Present
State Farm ®
Insider Threat Analyst - Information Security
In this position, I led a team responsible for supporting and maturing the organization's User and Entity Behavior Analytics (UEBA) solutions and security detection engineering processes for supporting insider threat detection, security incident response, and various other business functions for State Farm.
2019 : 2022
State Farm ®
Security Analytics Analyst - Information Security
In this position, I participated in the creation of a team responsible for supporting and maturing the integrated Information Security Incident Response framework and plans for the organization. These plans outline how key departments work together to respond to Information Security/Cyber Security related incidents.
These responsibilities also include the development of exercises and drills to allow the organization to practice response to these types of incidents in a safe environment and proactively improve the core capabilities for responding and recovering from these types of incidents.
I also coordinate after action evaluations to assess strengths and areas for improvement based on these simulated events and real incidents that occur.
2016 : 2019
State Farm
Security Analyst - Information Security
In this position, I was responsible for providing asset management architecture support for maturing the Information Security Program for State Farm.
My key responsibility was collaborating with security personnel on defining and overseeing the implementation/integration of organizational asset and configuration management systems, and their information, into security program tools and processes.
This information was fundamental for identifying, assessing, and managing the threats, vulnerabilities, controls, and risks associated with groups of assets or individual assets. In this position, I frequently educated my peers and the teams they supported on how this information could optimize or automate various aspects of their daily responsibilities.
2015 : 2016
State Farm
Security Analyst - Information Security Architecture
In this position, I was responsible for providing strategic application, data, and technical architecture direction and support for Asset Management and Configuration Management.
My responsibilities included continually assessing the strengths, new opportunities, and gaps in the organizations asset and configuration Management processes and systems, and supporting the operational teams in escalated risks and issues that we faced.
This involved collaborating with internal business partners from various departments to understand their unique needs, working with third party consulting firms to understand industry trends and best practices, researching consumer out-of-the box software, available internally developed software, and in some cases defining new requirements and specifications for software solutions that needed to be developed to realize improvements or address gaps.
One of my key accomplishments was a multi-year program driving the integration of various complex, internally developed and 3rd party systems and processes to inventory the organizations business processes and the underlying assets that support them. This included defining an approach to classify and prioritize the organizations assets based on various metadata and internal/external relationships to understand those assets that were most critical for supporting the objectives of the organization.
This required understanding the organization of the entire company, it's subsidiaries, and the locations associates and data existed at. It also included learning at a high level the functional use of various internal and 3rd party technologies (e.g. platforms, hardware, operating systems, programming languages, etc.) and the complex inter-relationships between them for supporting organizational risk assessments, control assessments, and maintaining compliance with various regulatory and jurisdictional requirements.
2013 : 2015
State Farm
Technical Analyst - Asset/Configuration Management Strategy Lead
2022 : Present
State Farm ®
Insider Threat Analyst - Information Security
In this position, I led a team responsible for supporting and maturing the organization's User and Entity Behavior Analytics (UEBA) solutions and security detection engineering processes for supporting insider threat detection, security incident response, and various other business functions for State Farm.
2019 : 2022
State Farm ®
Security Analytics Analyst - Information Security
In this position, I participated in the creation of a team responsible for supporting and maturing the integrated Information Security Incident Response framework and plans for the organization. These plans outline how key departments work together to respond to Information Security/Cyber Security related incidents.
These responsibilities also include the development of exercises and drills to allow the organization to practice response to these types of incidents in a safe environment and proactively improve the core capabilities for responding and recovering from these types of incidents.
I also coordinate after action evaluations to assess strengths and areas for improvement based on these simulated events and real incidents that occur.
2016 : 2019
State Farm
Security Analyst - Information Security
In this position, I was responsible for providing asset management architecture support for maturing the Information Security Program for State Farm.
My key responsibility was collaborating with security personnel on defining and overseeing the implementation/integration of organizational asset and configuration management systems, and their information, into security program tools and processes.
This information was fundamental for identifying, assessing, and managing the threats, vulnerabilities, controls, and risks associated with groups of assets or individual assets. In this position, I frequently educated my peers and the teams they supported on how this information could optimize or automate various aspects of their daily responsibilities.
2015 : 2016
State Farm
Security Analyst - Information Security Architecture
In this position, I was responsible for providing strategic application, data, and technical architecture direction and support for Asset Management and Configuration Management.
My responsibilities included continually assessing the strengths, new opportunities, and gaps in the organizations asset and configuration Management processes and systems, and supporting the operational teams in escalated risks and issues that we faced.
This involved collaborating with internal business partners from various departments to understand their unique needs, working with third party consulting firms to understand industry trends and best practices, researching consumer out-of-the box software, available internally developed software, and in some cases defining new requirements and specifications for software solutions that needed to be developed to realize improvements or address gaps.
One of my key accomplishments was a multi-year program driving the integration of various complex, internally developed and 3rd party systems and processes to inventory the organizations business processes and the underlying assets that support them. This included defining an approach to classify and prioritize the organizations assets based on various metadata and internal/external relationships to understand those assets that were most critical for supporting the objectives of the organization.
This required understanding the organization of the entire company, it's subsidiaries, and the locations associates and data existed at. It also included learning at a high level the functional use of various internal and 3rd party technologies (e.g. platforms, hardware, operating systems, programming languages, etc.) and the complex inter-relationships between them for supporting organizational risk assessments, control assessments, and maintaining compliance with various regulatory and jurisdictional requirements.
2013 : 2015
State Farm
Technical Analyst - Asset/Configuration Management Strategy Lead
Company:
State Farm ®
About
Experienced security analyst skilled in user & entity behavior analytics (UEBA), threat hunting, insider threat detection and response, cyber exercise design, security incident response, risk management, asset management, software asset management, software license management, configuration management, IT service management, and IT strategy. Strong information technology professional with 19 years+ experience with a Fortune 40 corporation.
Profile Photo
