Bistra Lutz

Philadelphia, PA

Summary

Proven security technologist with a passion for innovation and a drive to promote robust cybersecurity practices across diverse business landscapes. Possesses deep technical knowledge encompassing various facets of information security and excels in assessing and optimizing security measures. A team-oriented leader dedicated to talent development, coaching, and providing expert guidance on diverse security domains. Proficient in bridging the communication divide between Lines of Business and technical teams to ensure secure, uninterrupted business processes.

Overview

13 years of professional experience
1 Certificate
2 Languages

Work History

Global Director Security Operations

Crown Holdings
04.2022 - Current
  • Strategic Leadership and Planning - develop and communicate a global security vision, strategy, and roadmap aligned with organization's overall business objectives
  • Security Operations Management - Lead a global team of security analysts and engineers responsible for monitoring, incident response, threat analysis, and security operations.
  • Manage Cross-Functional GRC and Security Awareness Teams to design and operate Security governance across all Company divisions and departments.
  • Security Technology and Infrastructure - Evaluate, implement, and manage security technologies and infrastructure that support global security operations, including SIEM, endpoint detection, vulnerability management, and identity and data protection
  • Compliance and regulatory oversight - Ensure compliance with global cybersecurity laws, regulations, and industry standards applicable to organization's operations across different regions. Liaise with Legal and Internal Audit departments to ensure regulatory compliance.
  • Budgeting and Resource Management - Develop and manage global security operations budget, ensuring optimal allocation of resources to meet security objectives efficiently. Provide leadership and oversight in negotiating contracts, purchasing security tools, and managing vendor relationships in a cost-effective manner.
  • Executive Reporting and Communications - Regularly report on organization's global security posture, incidents, vulnerabilities, and risk assessments to executive leadership and board of directors. Communicate security risks, threats, and strategies effectively to key stakeholders, ensuring a clear understanding of organization's security posture and initiatives.

Sr. Manager Security Operations

GitLab
01.2021 - 04.2022
  • Security Operations Management - Oversee day-to-day security operations, including incident detection, investigation, and response to security incidents and breaches. Develop and maintain incident response plans, procedures, and playbooks to ensure a consistent and effective response to security events.
  • Security Monitoring and Detection Engineering - Enhance and optimize security monitoring capabilities, leveraging industry-leading tools and techniques to detect and respond to security threats effectively. Develop and implement Detection Engineering practice to enhance proactive measures taken against threats to the environment
  • Incident Response and Threat Mitigation - Lead and coordinate incident response efforts, working closely with cross-functional teams to contain, eradicate, and recover from security incidents. Develop and maintain incident response playbooks and conduct regular incident response exercises to improve team's preparedness and effectiveness
  • Reduced costs, optimized resource allocation, and improved efficiency in managing projects.
  • Team Leadership and Development - Lead and manage Security Operations team, providing guidance, mentorship, and support to team members for career growth and skill development.

Sr. Manager Security Operations Center

Penn Medicine
01.2019 - 01.2021
  • Managing Security Operations for a world-renowned academic medical center in Philadelphia. Responsibilities include leading and managing daily operations of SOC team, ensuring effective monitoring, detection, and response to security incidents.
  • Team Leadership and Development - Lead and manage SOC team, providing guidance, mentorship, and coaching to team members for career growth and skill development. Foster a collaborative and high-performance team culture, encouraging proactive problem-solving and knowledge sharing within SOC team and across security organization.
  • SOC Operations and Process Improvement - Establish and maintain standard operating procedures (SOPs) for SOC operations, ensuring efficiency and effectiveness in monitoring and response activities. Continuously improve SOC processes and workflows based on lessons learned from security incidents, industry best practices, and changing threat landscapes.
  • Threat Intelligence and Knowledge Sharing - Drive integration of threat intelligence into SOC operations to enhance threat detection and response capabilities. Encourage knowledge sharing and collaboration within SOC team and with other security teams to improve collective expertise and response to emerging threats

Sr. Consultant - Strategic Accounts

Security Risk Advisors
08.2017 - 01.2019
  • Client Engagement and Relationship Management - Engage with clients to understand their business objectives, security needs, and risk profile, establishing strong and collaborative relationships. Act as a trusted advisor to clients, providing expert cybersecurity guidance and recommendations to address their specific security challenges effectively. Delivered high-quality solutions for clients through comprehensive research and analysis of industry trends.
  • Cybersecurity Assessment and Analysis - Conduct comprehensive cybersecurity assessments and audits, evaluating clients' existing security measures, policies, and procedures to identify vulnerabilities and gaps. Analyze assessment results and present findings to clients, recommending appropriate security controls and improvements to enhance their security posture.
  • Threat Identification - Performs purple team exercises and threat modeling based on the MITRE ATT&CK framework. Evaluates detection controls based on the Lockheed Martin Cyber Kill Chain, builds out preventative measures and automation for efficient threat identification and proactive response.
  • Client Engagement - Maintains client SLAs and client communications, creates monthly metrics status reports and dashboards. Responsible for staff onboarding, daily allocations and training. Initiates corrective measures required for optimal SOC operations
  • Threat Intelligence and Knowledge Sharing - Drive integration of threat intelligence into SOC operations to enhance threat detection and response capabilities. Encourage knowledge sharing and collaboration within SOC team and with other security teams to improve collective expertise and response to emerging threats.

Digital Forensic Specialist and Cloud Technology T

Capital One
06.2013 - 08.2017
  • Incident Management and investigations - Caseload ranged from Malware investigation, identification of Indicators of Compromise, phases of infection, threat vectors and dissemination techniques, and reverse engineering of malware samples. Recovery and examination of data retrieved from computers and other electronic devices; technical report write up detailing investigative process.
  • Managing Forensic Lab – Keeping equipment up to date with patches and upgrades.
  • Policy Violations - Instrumental in developing alerts for monitoring policy violations, training first level Security Intelligence Center (SIC) members, providing third level technical support and expertise for cyber incidents
  • Cloud Technology Transformation - Successfully developed a Cloud adoption strategy for incident response, including a Standard Operating Procedure for incident handling and Incident Response Framework for Cloud Technologies
  • Network Security Monitoring - Instrumental in maturing Company's security monitoring program and protecting information assets. Planned, implemented, monitored and troubleshot internal information technology security policies, application security, access control, and corporate data safeguards. Responsible for maintenance and updating of Security Information and Event Management (SIEM) appliance, gathering data assets inventory

Security Monitoring Analyst

ING Direct
05.2011 - 06.2013
    • Security Monitoring and Incident Detection - Monitor security events using security information and event management (SIEM) systems and other tools to identify potential security incidents. Analyze alerts and anomalies, investigating suspicious activities to determine if they pose a security risk and require further action.
    • Incident Response and Investigation - Participate in incident response activities, working closely with the incident response team to contain, eradicate, and recover from security incidents. Conduct detailed investigations into security incidents, documenting findings, and recommending preventive measures to avoid similar incidents in the future.
    • Security Tools and Technology - Assist in the evaluation, implementation, and management of security tools and technologies, ensuring they are effectively configured and utilized to maximize security posture. Contribute to the tuning and optimization of security tools for optimal performance and accuracy.

Education

Bachelor of Science - Computer And Network Security

Wilmington University
New Castle, DE
05.2011

Skills

  • 15 Cyber Security Technical Experience
  • Endpoint Security
  • Security Infrastructure - SIEM, EDR, IDS, WAF, IAM
  • Cloud Security
  • Budgeting and Resource Management
  • Contract negotiations
  • Leading and inspiring teams
  • Risk Mitigation
  • Organizational Development
  • Strategic Planning
  • Digital Transformation

Certification

  • CISSP
  • EnCE
  • GCIH
