Brian W. Rainey

Advise and assist corporate clients in EDR/XDR technology adoption and implementation.

Build continuing and sustainable practice to support client Endpoint Security needs.

Develop tailored/custom Statement of Work and implementation plans for Endpoint Security engagements.

Design EDR/XDR architectures for global corporate clients

• Collaborate with Family of Companies to identify gaps in data loss prevention stance (people, process and technology) as compared to Allstate Corporate
• Expanded cross-functional organizational activity by collaborating across departments on priorities, functions and common goals
• Performance managed low performing personnel to build higher performing team.
• Identified significant gaps and data loss vectors in current DLP posture and designed solutions to remediate
• Improved poor relationship between Data Protection Services organization and other areas of the company
• Built work intake process to improve management of workflow
• Performed industry review of DLP technology and executed VAR lab testing against 630+ requirements of 3 key vendors for potential replacement of incumbent solution
• Identified KRI and KPI metrics that would tell risk-based story of DLP stance for CISO and BoD reports

• Successfully designed and led integration of security controls and technology for endpoint and DLP during acquisition of another company
• Worked closely with security and business leadership to strategically improve data and system security by creating 3-yr roadmap for endpoint and DLP
• Restructured responsibilities of security engineering team to focus on efficacy and compliance of security controls. Improved compliance of endpoint security controls from average of 63% to over 99%
• Identified dozens of critical gaps in endpoint and DLP posture. Developed strategy which addressed and prioritized gaps; created solutions to remediate
• Improved existing vendor relationships achieving deep discounts on vended security solutions
• Realized dramatic yearly cost savings through implementation of architected endpoint and DLP solutions and consolidating engineering and lifecycle work
• Restructured engineering resources to better support security needs. Creating endpoint security team under security; moving them from existing infrastructure organization. Focused efforts towards engineering security controls to protect corporate and customer assets rather than software support without increasing headcount

• Analyzed enterprise requirements and designed solution to malware scan incoming files through multiple vectors (on-prem and cloud - including ICAP, API and Amazon S3) as scalable and reusable service
• Designed and implemented endpoint security solutions including people, process and technology components for: antivirus (OS and NAS), Endpoint Detect and Response, firewall, device control and Data Loss Prevention
• Improved operations of security technologies reducing team involvement in enterprise outages from 2-3 times per week to 3-4 times per year
• Influenced improvements to application design, asset management and endpoint build processes, significantly reducing scope of and effort required to maintain PCI compliance
• Designed and implemented device control solutions on Windows and Mac platforms minimizing risk of data loss through offline and personal storage devices
• Drove hardening of corporate systems to point where Red Team required less restrictive policy/config to effectively continue penetration efforts
• Designed and implemented privileged/elevated access management and application isolation to reduce threat of unauthorized applications or malicious content execution on endpoints
• Identified and eliminated numerous rogue labs and brought them in to endpoint security and lifecycle compliance
• Acted as trusted adviser to all security teams lending experience and expertise to improve success of corporate security; people, process and technology
• Exploited information from cross platform tools to identify non-compliant systems and improve general security compliance

• Restructured and rebuilt Infrastructure organization, including: desktop and application support, database administration, operating system build/design and help desk. Created modular, effective model to support changing needs of organization and reduce staffing requirements by ~25%
• Implemented internal VPN to ensure isolation, SEC and PCI compliance of investments trading applications after identifying risks in security across flat Allstate network
• Eliminated onsite infrastructure costs by 30% through transition to cloud-based vended trading platforms
• Drove culture transformation from slow followers to forward leaning by using Investments Co as early adopter of new technologies
• Aligned "rogue IT" elements with enterprise processes ensuring delivery/SLAs for demanding trading and investments operations
• Implemented change management practices, aligned with enterprise ITSM strategy
• Eliminated redundant applications and versions, streamlining lifecycle requirements
• Created leadership development track and aligned Investments IT with enterprise leadership development opportunities

• Influenced structure, goals and deliverables for task force designed to improve continual drop in application availability across enterprise
• Significantly improved availability for key applications by executing availability reviews; directing changes to reduce complexity of application infrastructure, eliminating single points of failure and improving support procedures

• Identified root cause and drove correction of critical system outages across Allstate enterprise
• Designed support processes to on-board offshore support personnel
• Managed all Critical Situation (Severity 1) outages including executive reports and business leadership interaction

• Drove solution design and implementation for project management and timekeeping systems that would become enterprise standard solutions
• Designed first web hardening standards (IIS) for Allstate that were adopted as enterprise standard

• Responsible for troubleshooting of network, operating system and application outages across enterprise
• Co-designed first application monitoring organization (web ops) and basic application availability alerting improving visibility in to enterprise outages and improving response time and MTTR by more than 60%

• Designed and implemented first local area network-based email system (CC:Mail) on Novell network. Implemented same at 5 other installations across southern Europe
• Designed remote access capability for network enabling access to non-secure messaging for officers and senior staff
• Provided critical Novell support for all US installations in Mediterranean
• Created first program for base-wide end user learning including; office applications and general network/computing content