BRIAN WEBER

Cybersecurity

• Oversee health, operation, and security of IT infrastructure including firewalls, switch fabric, wireless networks, security systems, vulnerability scanning, patch management, remote access, zero-trust and legacy VPN technologies.
• Manage GDPR team efforts to ensure systems remain compliant with international and domestic privacy regulations including GDPR, CCPA, PIPEDA, etc.
• Oversee administration of security devices, end-point protection, web and email filtering, advanced threat protection rules, threat management education and mitigation, security awareness training and deployment of phishing, campaigns to test and educate staff in threat awareness and identification.
• Incident response team lead. Maintain Incident Response Plan (IRP), team membership, tabletop exercises, and plan execution, and lessons learned sessions.
• Develop and communicate IR procedures to team and ensure incidents are properly documented with event details to include implementing mitigation efforts.
• SME responsible for communicating operational and cyber incidents to management accurately explaining cause, damage, and remediation in a clear, concise way in terms audience will understand.
• Develop and present presentations in areas of data security, privacy, risk management, and data classification.
• Lead technical writer for technology and internal controls policies and procedures ranging from acceptable use and sensitive data handling to GDPR compliant privacy policies and DSAR process implementation.
• Responsible for periodic testing of in-house BCP/DR plan, meeting with auditors and general counsel to discuss security posture, audit findings, and to suggest control improvements where necessary.
• Manage network assessments and penetration testing by third party vendor to ensure sufficient internal network controls. Coordinate vulnerability mitigation and system hardening efforts. Responsible for presenting assessment findings to executive management team.
• Work directly with forensics teams and attorneys during incidents involving potential data leaks or potential breaches in privacy.
• Lead risk mitigation team comprised of web and applications developers, network engineers, and finance staff to correct vulnerabilities revealed during pen testing.
• Responsible for creation and maintenance of all data security documentation to include compliance and security policies, best practice information, security awareness communications, and process and procedure documentation.

Management

• Supervise help desk support staff, network and AV engineers, UcaaS and DevOps admins.
• Platform administrator for the following cloud tenants: Microsoft O365, Microsoft Teams, RingCentral UcaaS, ZoomOne, Kastle Security Systems, Cisco Meraki, SharePoint, Exchange, and OneLogin SSO, organizational signage, room booking platform.
• Responsible for health, maintenance, and uptime of onsite data center to include cooling, temperature probes, UPS and generated power, EM panels, EPO functions, and pre-action dry shrinker system.
• Lead SCRUM and whiteboarding sessions to promote discussions, uncover and highlight individual team member talents and skills, and build synergy where collaboration and teamwork is lacking.
• Perform staff performance reviews, ensure objectives are accomplished, verify time and attendance, and assist in work plan development.
• Member of VP/SVP leadership team responsible for providing overall leadership to IT infrastructure.
• Manage CAPX and OPEX budgets, contract management, expenses, and approvals to including purchasing, invoicing, tracking service contracts, RFP, contract negotiations, vendor assessments, and billing.
• Strong technical background with a history of delivering outstanding customer service.
• Skilled in bringing together and leading diverse and dissimilar groups of professionals to attain common goals·