Corey Null

• Established measures, metrics, thresholds and targets to drive performance in alignment with security and other business strategies.
• Researched, reviewed and recommended equipment, materials and supplies to prepare and maintain security expenses within approved budget.
• Developed and grew staff competencies through team development, implementation and support of specific training for various responsibilities.
• Directed security services and safety functions to align key processes with goals and objectives of organization and regulatory compliance.
• Recommend improvements in security systems and procedures.
• Performed risk analyses to identify appropriate security countermeasures.
• Goal-oriented professional with proven success in applying analytical skills to solve complex problems and overcome challenges. Dedicated to enhancing team performance and driving business success.

• Responsible for leadership and direction of the following teams within the Office of the CSO: Security Architecture & Engineering (including Threat and Vulnerability Management), Application Security, and Identity and Access Management
• Directly led a team of architects in risk analysis, use-case and requirements gathering, design, and deployment of risk appropriate security solutions.
• Developed technical and architectural standards and provided consultation and education to the organization and other groups in support of maintaining an industry best practice for security.
• Developed a new cloud-centric security architecture capability, justified additional headcount and hired the organization’s first Cloud Security Architect.
• Directly led a team responsible for overall product security and integration with Security Development Life Cycle (SDLC) and CI/CD Pipeline, perform threat modeling and integrated threat modeling practices into the product life cycle, conducting application architecture and source code reviews, penetration testing of custom web applications, complex cloud environments and web services.
• Partnered cross-functionally with key business partners to influence and ensure that security was integrated by design throughout the entire product lifecycle while delivering and realizing organizational objectives.
• Led the Manager of Identity and Access Management team, comprised of business analysts and identity and access management professionals.
• Worked with the Manager if Identity and Access Management to create operational efficiencies within the function and justify additional headcount to address a significant and growing backlog.

• Successfully led the organization through a BCP-level Ryuk ransomware incident in March 2020 – from detection to containment, eradication and recovery with only 72 hours of downtime and zero customer data loss, saving the organization millions of dollars in expense and reputation damage while enabling numerous activities to improve the security posture of the enterprise.
• Quickly scaled Cyber Operations and Incident Response team from 2 to 8 members within 90 days while onboarding new hires and mentoring newly appointed leader. Total team headcount is now 17.
• Developed and executed short-term (30-60-90 day) and moderate-term (1-3 years) strategic plans to build and mature Information Security program capabilities using a combination of industry-standard risk and gap analysis, roadmap development and metrics analysis and reporting.
• Spearheaded security control capability review and acted as project owner of subsequent projects, resulting in the replacement of 6 underperforming cloud and on-prem technologies in approximately 10 months and the completion of an RFP to replace 2 managed security service providers with a single vendor. While the new technologies and capabilities are already much more cohesive and mature, CapEx (in renewals) and overall OpEx was slightly reduced.
• Normalized job descriptions, titles and improved equitability across Security Architecture and Engineering team while identifying required skills, performing a skills gap analysis and working with HR and staff to increase training and make other adjustments to close the gaps.
• Justified 3 additional headcount to the Security Architecture and Engineering team with another 3 budgeted for 2121, increasing the team size to 11 from 5 in approximately 12 months.

• After the acquisition of Harland Financial Solutions by D+H, the Security Operations and Network Security teams were combined under my leadership. The new Security Operations team was made up of 9 full-time Security Specialists, focusing on enterprise network security management infrastructure, including firewalls, site-to-site and remote access VPNs, web proxies, intrusion detection and prevention systems, and data loss prevention systems.
• Developed and executed short-term (30-60-90 day) and moderate-term (1-3 years) strategic plans to build and mature the Information Security program, including the formulation of metrics for measuring effectiveness reported to executive team members.
• Established Computer Security Threat and Incident Response and Management capability within the Security Operations team.
• Provided close oversight of vulnerability management program and lead a distributed team of IT personnel in addressing vulnerability patching and mitigation.
• Rebuilt damaged relationship with Managed Security Service Provider (MSSP) and led effort to tune actionable events and alerts from zero to 25+ weekly in a multimillion event per second environment.
• Revitalized the Information Security department, transforming its reputation within the company from a hindrance to an essential partner and business enabler.
• Security technical lead and functional architect on $6M project to upgrade three geographically dispersed firewall clusters.

IT Network Security Analyst Lead / Network Security Management Team, 4/2008 – 4/2010

IT Systems Analyst Lead, 2/1998 – 4/2008