Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Nick Nero

Richmond,VA

Summary

Seasoned cybersecurity expert with more than 20yrs experience in the field. I was among the first 3000 CISSPs globally, attained the CISM in 2008 as well as numerous other technical certifications. I've spent years as a cybersecurity consultant drafting policies for small/medium-sized business, performing risk assessments as well as ethical hacking/pen-testing engagements. I'm an IT professional with a deep technical understanding of networks, servers and cloud platforms. I've done everything from designed a PKI solution for Fortune 50's to designing cryptography/DRM solutions for consumer products.

Overview

22
22
years of professional experience
1
1
Certification

Work History

Head of Cybersecurity/CISO

Clareto, LLC
07.2022 - 09.2024
  • Created ISO 27001 Compliant information security management system from scratch with policies for all relevant areas - Mobile Device Management, Risk Management, Asset Control, Encryption Standards, etc
  • Managed yearly audits, both internal assessment by parent entity and external SOCII audits
  • Conducted annual security training on basic security awareness, secure software development practices and others
  • Evaluated new technologies and vendor products for security compliance as well as conduct 3rd party risk assessements
  • Responsible for secure cloud security architecture in a fully cloud based software company using Microsoft Azure
  • Point-of-Contact to parent company CISO for all security or risk related issues
  • Responsible for official responses from vendors and business partners conducting 3rd party risk assessments or cybersecurity audits
  • Managed the security standards of our external IT contractor ensuring the vendor maintained compliance with corporate standards
  • Routinely met with customers to discuss security concerns or new product ideas that involved new security technologies or processes
  • Represented Clareto to parent company's Cyber Security Task Force

Sr Cybersecurity Consultant

Striker Advisory, LLC
01.2017 - 03.2019
  • Security consultant offering vCISO services for small to medium-sized businesses
  • Develop information security management systems for clients
  • Conduct quarterly risk assessments for clients
  • Perform ethical hacking/pentesting activities for clients lacking internal red team expertise

Sr. Technology consultant

20th Century Fox, Fox Filmed Entertainment
03.2011 - 12.2016
  • Dual reporting relationship to CIO and SVP of Technology Strategy designing and evaluating secure media streaming delivery platforms and cloud-based asset management systems
  • Develop secure distribution strategies for digital media including DRM, CDN and other content management strategies
  • Served as Fox's representative to industry standard fora such as AACS, a copy protection standard
  • Developed and maintained a risk assessment and management framework with FFE internal security team to ensure compliance with existing enterprise standards and practices
  • Designed and evaluated secure cloud computing platforms for the migration of on-site services into the cloud

Director of Advanced Technology

The Walt Disney Company
06.2002 - 03.2011
  • Lead on copy protection and DRM protections for new video streaming platforms including in depth vulnerability analysis
  • Conducted security assessments of secure online video delivery platforms and track DRM vulnerabilities and lead remediation efforts with platform providers (Adobe, Amazon, Google, Netflix, etc)
  • Corporate representative to industry-wide standards bodies (AACS for digital encryption, Blu-ray Disc Association for logical/physical format specification) and co-author of their respective international standards publications
  • Built and maintained Disney’s first Windows Active Directory infrastructure
  • Lead system engineer on team that build and deployed 2,000+ servers in one of the largest privately owned datacenters in North America handling Disney.com, ESPN.com, and ABC.com
  • Developed Disney’s first encryption practices and procedures for PCI compliance
  • Built and deployed Walt Disney’s first PKI solution for enterprise encryption, authentication and digital signing
  • First CISSP and CISM at Walt Disney Corporation

Education

Bachelor of Arts - Biology (Pre-Medicine)

Berea College
Berea, KY

Skills

  • Identity and Access Management
  • Operating System Security
  • Data Loss Prevention
  • Public Key Infrastructure
  • Security Information and Event Management
  • Wireless Network Security
  • Encryption Technologies
  • Penetration Testing & Ethical Hacking
  • Threat Intelligence Analysis
  • Information Security Policies

Certification

  • CISSP
  • CISM
  • Advanced - Certified Scrum Product Owner

Timeline

Head of Cybersecurity/CISO

Clareto, LLC
07.2022 - 09.2024

Sr Cybersecurity Consultant

Striker Advisory, LLC
01.2017 - 03.2019

Sr. Technology consultant

20th Century Fox, Fox Filmed Entertainment
03.2011 - 12.2016

Director of Advanced Technology

The Walt Disney Company
06.2002 - 03.2011

Bachelor of Arts - Biology (Pre-Medicine)

Berea College
  • CISSP
  • CISM
  • Advanced - Certified Scrum Product Owner
Nick Nero