BEN BUTZ

Auburn, WA

Summary

Objective
To leverage my Executive MBA to lead a security organization that aligns cybersecurity strategy with business objectives, enabling operational excellence, fostering high-performing teams, and driving sustainable growth in a dynamic and evolving threat landscape.

Overview

20 years of professional experience
1 Certification

Work History

Security Operations Manager

New York Digital Investment Group (NYDIG)
03.2022 - Current
  • Lead the Intelligence, Detection, and Response team for a vertically integrated Bitcoin investment firm, specializing in mining, custody, and derivatives trading.
  • Directed the transition from a managed security services provider (MSSP) to in-house operations, achieving improved detection, faster response, and higher fidelity alerts.
  • Established aggressive Service Level Objectives (SLOs) for incident response, achieving a 2-hour acknowledgment time for high-severity incidents.
  • Enhanced detection capabilities by transitioning SIEM maintenance to Infrastructure as Code (IaC), enabling faster implementation and tuning of detection logic.
  • Conducted blind red team engagements and led the organization's first Tabletop Exercise, improving preparedness against advanced adversaries.
  • Overhauled threat intelligence workflows, informing detection efforts with TTPs of relevant threat actors, enabling proactive coverage gap identification and investment.
  • Executed multi-business-unit incident response efforts, achieving containment and eradication before adversaries reached critical objectives.

Senior Manager, Security Engineering and Incident Response

Zillow Group
03.2019 - 03.2022
  • Architected and led the implementation of signals collection including enterprise logging, network traffic and endpoint forensic artifacts necessary for security event detection and investigation
  • Achieved a 4 hour mean time to contain security incidents through playbook standardization, process improvement and automation
  • Improved enterprise systems readiness by drafting and implementing policy and standards for enterprise logging and secure configuration in line with NIST standards
  • Ensured successful and timely merger and acquisition by rapidly deploying security controls, assessing, and reducing risk
  • Led Zillow's Indigenous People's Network facilitating cultural awareness, career development and inter-organizational connections - Achieved highest hiring percentage of ERG sourced referrals

Adjunct Professor

Century College
06.2018 - 06.2019
  • Developed and delivered curriculum designed to bolster the skillset of the Minneapolis area information security talent pool

Incident Handler / Lead Information Security Analyst

Target Corporation
06.2014 - 03.2019
  • Envisioned and then executed on Target's current host-based containment strategy reducing containment times to under two hours
  • Trained and mentored over 30 CSIRT analysts providing training in host-based forensics, enterprise logging, and packet capture analysis - improving overall quality of casework
  • Created Target's cyber deception strategy and implemented five innovative use cases designed to counter advanced adversaries
  • Oversaw development of Target's primary forensic evidence collection and analysis tool, reducing artifact collection times from 2 hours to under 20 minutes

Sr Information Security Analyst

Alliant Techsystems
08.2010 - 06.2014
  • Led incident response efforts driving the maturation from a reactive to proactive model enabling successful APT detection and removal
  • Implemented companywide phishing awareness program, demonstrably limiting the impact of advanced phishing campaigns
  • Analyzed malware to discover adversary TTPs used to enhance detection, attribute adversary activity, and share with industry partners
  • Designed and implemented SIEM correlation rules for alerting and hunting activity

Information Security Manager

United States Army
09.2004 - 08.2010
  • Maintained Information Assurance Vulnerability Management (IAVM) compliance for six Brigade Combat Teams in combat
  • Recognized by MNF-I Commanding General for APT mitigation
  • Developed subordinate soldiers professionally, resulting in the promotion of four soldiers to noncommissioned officers
  • Led Commanding General's Information Management Office, planning and executing asset refresh and procurement for the upcoming yearlong deployment

Education

MBA -

FOSTER SCHOOL OF BUSINESS, UNIVERSITY OF WASHINGTON
Seattle, WA
06.2024

BS - INFORMATION ASSURANCE AND SECURITY

CAPELLA UNIVERSITY
Minneapolis, MN
01.2014

Skills

  • Leadership & Team Development
  • Incident Response & Threat Detection
  • Network & Host Forensics
  • Security Operations Strategy
  • Threat Intelligence & Threat Hunting
  • Cloud Security (AWS, Azure)
  • Process Optimization & Automation

Presentations

  • Incident Response, More than a Plan, BrrCon, 2018
  • From SOC to CSIRT, BSides Las Vegas, 2017

Certification

CISSP, CFR, GCIH, GCIA, Security+
