Shane Roberts
Details
RiskLens Platform Training
2023
Risk Management
RiskLens FAIR Analysis Fundamentals
2023
Splunk 7.x Fundamentals II
2019
Splunk 7.x Fundamentals I
2019
McAfee Data Loss Prevention Endpoint 11.0 Essentials
2018
CoreLogic
Principal, Corporate Information Security Manager
2022 - Present
• Advise business segment leadership on execution of best-in-class information security and compliance, adhering to company policies and standards aligned with NIST 800-53, SOC 2, PCI, SOX, ISO, and CIS.
• Senior ISM oversight of on-premises datacenters, GCP, AWS, and Azure.
• Monitor new and emerging threats and report on corporate and business segment vulnerability management, including proprietary scored CWE/CVE/SCA/QID risk rankings.
• Coordinate and report on proactive application SAST/DAST/SCA scans and Manual Penetration Test (MPT) results.
• Act as Security Incident Commander.
• Perform risk assessments based on NIST and FAIR models.
• Monitor global country risk classifications and encryption regulations.
• Manage security and compliance waivers.
• ISM review and approval of business segment Change Management activity.
• Contribute to corporate policy and standards.
• Provide guidance on information security language in B2B client and vendor contracts.
DKBInnovative
Chief Information Security Officer
2020 - 2022
• Align business objectives with security and compliance requirements.
• Measure and self-attest to NIST 800-171, CMMC Level 2, and CIS IG3.
• Subscribed member of CIS SecureSuite, participating in and adhering to CIS Benchmarks and Controls.
• Responsible for SOC monitoring: SIEM (Perch), Threat Hunting (Huntress), EPP/EDR (SentinelOne), Dark Web ID monitoring, File Integrity Monitoring, Data Discovery and Classification (Netwrix), and Incident Response.
• Serve as Governance, Risk and Compliance Manager, including implementation of a new KnowBe4 GRC solution at 450% savings within budget.
• Primary security change agent promoting change management process improvement.
• Oversee Cybersecurity Awareness Training and Simulated Phishing (InfosecIQ).
• Provide Vulnerability Management (Tripwire IP360, Nessus, Nucleus), including transition to a new scanning and reporting solution at 55% savings within budget.
• Offer Security Risk Assessments aligned with the CIS Top 18 Controls, NIST CSF, and NIST 800-53.
• Support third-party client compliance audits and assessments aligned with PCI, SOC 2, HIPAA, and NIST.
• Offer full MSSP services to subscribing client businesses.
• DKBInnovative awarded #107 on MSSP Alert's Top 250 MSSPs list for 2021.
AIG
Director - Infrastructure Remediation and Orchestration
2019 - 2020
• Manage three teams totaling sixteen staff supporting 25k global Windows and Red Hat Linux servers.
• Infrastructure Orchestration
  o Design and implement automation for remediation of server vulnerabilities and Desired State Configuration of security baselines (Chef Effortless).
  o Vendor relations, product life-cycle management, enterprise support.
  o Negotiated a new development and automation contract 10% under budget.
• On-Demand Remediation
  o Implement in-house developed ad-hoc remediation of vulnerabilities not managed by the Enterprise Patching program (Qualys, Tanium, and various platform scripting).
• Global Server Endpoint Protection
  o Anti-malware, host-based firewall, intrusion prevention, integrity monitoring, application control, and scanning of enterprise NAS storage (CrowdStrike and Trend Micro).
  o Vendor relations, product life-cycle management, enterprise support.
  o Negotiated a more comprehensive product and support contract renewal while decreasing run rate 15%.
Citi
Global Lead - VP, Microsoft Windows Host Security Architecture
2016 - 2019
• Drive solutions design and implementation involving several security teams.
• Engineered comprehensive, compliant, and consistently stable security configurations that meet or exceed requirements:
  o Advanced auditing, group policy objects, accounts and groups, user rights, event logs, services, registry, files and folders, disk encryption, firewall, task scheduler, and hardening.
  o 55k Windows servers and 350k Windows workstations.
• Initiated research, product evaluations, and certifications to combat emerging threats.
• Delivered complex, integrated solutions by partnering with all disciplines and product owners.
• Created robust Windows security scripts to automate system administration tasks.
• Achieved critical reduction of the Active Directory threat vector by constructing a Microsoft Privileged Access Workstation (PAW) security configuration.
• Designed PowerShell hardening and an advanced audit policy, giving the Security Operations Center additional investigative and threat-hunting capability.
• Developed tactical removable media storage solutions and user access controls.
Citi
Infrastructure Senior Manager - VP, End User Computing Infrastructure
2011 - 2016
• Manage four teams totaling fifty-five staff.
• Global managed print L3 support: 15k printers, 28k queues, 20k fax numbers.
  o Proactively coordinated consolidation and cleanup, resulting in $5MM savings:
  o 80% print server reduction.
  o 27% print queue reduction.
  o 86% HP digital sending software server reduction.
  o $3MM saved through reduction and standardization of onsite printers.
• Regional NAM / EMEA server L2-3 support: 700 servers, 70 volumes, 35TB data, 5k shares.
  o Developed automation to remotely enumerate server activity and health data and deliver structured reports for proactive issue remediation, resulting in a 35% incident reduction.
  o Managed cleanup of duplicate and terminated-user data, resulting in $1.5MM annual savings.
• Regional NAM / EMEA NAS data L1-2-3 support: 2300 volumes, 500TB data, 11k shares, 90k users.
  o Managed hardware refresh of 15 NAS devices with zero incidents, resulting in $14MM savings.
• Global HP Radia application L2 support: 3000 servers.
• Managed the migration of physical to virtual servers, resulting in 50-70% annual savings.
Skills
Artificial Intelligence (AI), Change Management, ChatGPT, Cloud Security, Collaboration, Cybersecurity, Cybersecurity Incident Management, Enterprise Architecture, Ethical Hacking, GitHub, Governance Risk & Compliance, Information Security Management, Information Technology, Infrastructure as Code (IaC), Infrastructure Management, ITIL, IT Operations, IT Risk Management, Leadership, Managed Print Services, Microsoft Excel, Microsoft Outlook, Microsoft PowerPoint, Microsoft Security and Compliance, Microsoft Word, Pair Programming, Relationship Building, System Administration, Vendor Management, Vulnerability Management, Web Application Security, Windows Server
About
Important to me:
-Try not to become a person of success, but rather a person of value.
-Anyone who has never made a mistake has never tried anything new.
-Do what is right, not what is easy nor popular.
Recommendations:
-Understand desired vs required compliance.
-How business objective dictates compliance which then influences and guides your solutions.
-Technology alone is not sufficient.
-Establish and follow standards, frameworks, policies, and procedures that serve as your roadmap and checklist.
-GRC and security seem intimidating, but anyone can accomplish this by leveraging public industry guidance such as NIST and CIS.
-Leverage qualitative and quantitative risk management.
-If your business develops any code, you should perform SAST/DAST/SCA scans because even development by top talent includes security flaws and vulnerabilities. Your business compliance may even require it.
-Your company may need to have Manual Penetration Tests (MPT) performed, and the minimum frequency depends on your business compliance requirements. Self-identification and remediation of vulnerabilities is a great first step but inadequate to fully validate your full environment: applications, infrastructure, network (public and private).
-Train your employees to understand how their actions directly contribute to your business risk. Cybersecurity awareness training is one of the most cost-effective and beneficial steps to lower risk.
-Have a cybersecurity insurance policy but perform your due diligence. If your business has a compliance requirement and you did not satisfy your requirements, then there is a high probability your coverage can be impacted. The average cost of a single breach ranges from thousands to millions of dollars up front, and the longer-term branding and reputational damage can be more.
-Figure out your Return on Security Investment (ROSI). I encourage you to explore the formula and calculate your ROSI.
-Hold your third-party vendors and service providers accountable for attesting to some formal compliance such as SOC2, CMMC, NIST, etc. Self-assessment is great but doesn’t independently validate true status.