Sean Tierney
Puyallup
Summary
High-impact, results-driven cybersecurity professional and U.S. Army veteran with a career focused on innovation and delivering excellent results. Skilled in managing large teams and developing effective strategies. Possess strengths in strategic leadership, vision-driven change management, and robust business acumen. Successfully driven operational efficiency and fostered cross-departmental collaboration within previous organizations. Dedicated to seeking out untapped, overlooked, and undervalued opportunities to improve the organization's security posture and increase the efficiencies of information technology programs. Recognized as an enthusiastic team player and quick study. Appreciated by others for willingness to take on new challenges and cover new responsibilities. Well-respected for galvanizing security teams to embrace a singular vision and oneness of purpose, making staff training and mentoring a high management priority. Also, serve as a strong and collaborative influencer among executives, thought leaders, and key stakeholders. Proven capacity to clearly and effectively communicate to audiences from a variety of backgrounds. Poised to make a significant impact in the field of cybersecurity.
Overview
16
16
years of professional experience
1
1
Certification
Work History
Senior Director Cyber Security Operations & Incident Response
CENCORA
05.2023 - Current
- Lead the global Cyber Defense team responsible for continuous security monitoring, investigation, threat hunting and computer security incident response
- Lead the response to incidents, overseeing containment, mitigation, and remediation of the consequence
- Publish incident reports, metrics and KPIs to executive leadership
- Organize and execute cross-functional tabletop exercises (TTX) and drills to ensure response plans are understood and improved
- Merged three regional teams into a single cyber security operations and incident response organization
- Rewrote the company’s Cyber Security Incident Response Plan (CSIRP)
- Initiated the reorganization and update of SecOps and IR processes, procedures, and playbooks
- Built relationships with senior leaders, business units, and technology teams across the company to develop effective, cross-departmental investigation and response capabilities
Vice President Security Operations & Threat Intelligence
CONSTELLA INTELLIGENCE INC
09.2021 - 10.2022
- Established a Security Operations organization with 27x7 continuous security monitoring and incident response to attacks against the executive and corporate customers on our multi-tenant Digital Risk Protection Services (DPRS)
- Developed and maintained deterministic and probabilistic AI/ML models to detect activity related to account take over, impersonation, identity theft, sale of exposed credentials, and targeted attacks on our customer’s brands, executives, and employees
- Reorganized the threat hunting and data engineering resources into a cohesive team to recover exposed credentials, collect, analyze, curate, and publish actionable intelligence and real-time alerts for Enterprise DPRS customers and OEM/B2B Identity Theft notification
- Developed and executed threat hunting and intelligence requirements to drive the company’s overall data and technology strategy covering breach data, malware, public records, open-source, surface web, deep web, and dark web
- Spearhead the design and delivery for client engagements in cybersecurity, threat intelligence, investigations, and analysis
- Lead research into methods and practices to recover customer’s credentials stolen by malware and phishing
- Established OverWatch program to ensure optimal performance of DPRS and SIEM, deliver customer requested investigation reports, conduct customer facing POCs, and assist Sales Engineering team
- Managed delivery of customer facing finished intelligence, recovery of customer’s exposed records from data breaches, identity theft, phishing, botnets, ransomware, and other malware
- Re-architected security data ingestion, reducing time from acquisition to DPRS alerting from weeks to hours
Senior Director Cybersecurity
INFOBLOX, INC.
10.2015 - 09.2021
- Built and lead the organization to secure and defend Infoblox cloud IaaS, PaaS, and SaaS
- Including security operations, engineering, and architecture
- Established and lead SaaS Computer Security Incident Response (CSIRT) and the Product Security Incident Response (PSIRT), responsible for aligning Infoblox cloud security disciplines such as SecOps, incident response, monitoring, logging and analysis, application security and vulnerability management with internationally accepted best practices
- Managed SaaS Security architects and Analytics architects
- Managed the SaaS Security products software development organization responsible for development of Infoblox BloxOne suite of SaaS applications
- Oversaw selection and implementation of security controls and other information security activities for FedRAMP and SOC2 3rd Party Audits of Infoblox SaaS offerings, consistent with NIST 800-53 and NIST 800-171
- Documented and implemented security program policies and standards across Engineering dept
- Led architecture, engineering, implementation, and ongoing support of threat data curation for Infoblox branded intelligence, aligned with MITRE ATT&CK
- Established the Pivot-Farm-Mine threat intelligence methodology to guide the team in improving threat research practices
- Developed new indicator dataset as a critical component of the DNS firewall product
- Manage team of Data Scientists developing machine learning models for all Infoblox product lines
- Managed program for data lake design and implementation
Executive Director Security Operations & Incident Response
MORGAN STANLEY
06.2013 - 10.2015
- Global head of Security Operations (SOC), Computer Security Incident Response (CSIRT) and Threat Intelligence (CTI), leading a multi-tiered organization for continuous security monitoring, detection, containment, and mitigation for security incidents
- Directed cyber intelligence in the synthesis of intelligence and identification of threats internally and beyond the firm’s perimeter
- Deployed platforms for malware and malicious activity detection and analysis
- Designed Cyber Intelligence program, operational framework, and procedures
- Implemented enterprise platform for fusion, analysis, curating, and sharing threat intelligence
- Lead architecture and design of Morgan Stanley Security Fusion Center in Manhattan
- Reorganized Security Operations Center (SOC) and Threat Intelligence Teams across five countries to operate more closely with Computer Security Incident Response Team (CSIRT)
- Redesigned the framework for security event handling and incident response process
- Developed uses cases and correlation rules for new Security Information and Event Management (SIEM) system
- Directed the selection and implementation of network security and threat management technologies including Network Based Anomaly Detection, Forensics and Incident Response solutions, Email malware detection, network malware detection, and threat intelligence platform
- Oversaw the selection and onboarding of threat intelligence vendors
Director Cyber Threat Intelligence
UBS AG
08.2012 - 06.2013
- Provided detailed, threat centric information to defend the enterprise, support strategic decision-making, and drive security operations
- Developed sources and methods for intelligence collection and analysis
- Perform hands-on, day-to-day intelligence duties
- Drive security analytics, anti-malware, and anti-phishing efforts
- Prepare and deliver executive briefings and employee training
- Write whitepapers, reports, and other material to support decision-making, education, and awareness for information security related threats
- Developed and implemented from the ground up the intelligence program at UBS AG
- Designed Threat Intelligence operational framework, and procedures
- Created a network reputation monitoring solution for 3rd Party Oversight / Risk Management
- Implemented an intelligence fusion, analysis, and visualization solution
Director Cyber Threat Intelligence
JPMORGAN CHASE
09.2008 - 08.2012
- Responsible for the overall management of the intelligence and threat management program
- Recruited, led, and trained team which performed the collection, analysis, and alerting for external indicators and warnings
- Executed hands-on intelligence analysis, incident response, investigations, and security assessments
- Drove security analytics, anti-malware, and anti-phishing efforts
- Prepared and delivered executive briefings and employee training
- Led intelligence sharing and outreach initiatives
- Established the Threat Intelligence Team
- Implemented Threat Horizon Initiative to mitigate threats outside the enterprise perimeter
- Developed methodology for monitoring and evaluating 3rd party technical risks
- Designed intelligence fusion, analysis, and visualization system
- Constructed and implemented malware and malicious activity analysis environment
Education
Master of Science - Computer Science
University of Washington
Seattle, WABachelor of Science - Computer Science
Saint Martin’s University
Lacey, WASkills
- Cybersecurity leadership
- Cybersecurity incident response
- Cybersecurity Operations
- Cybersecurity Engineering
- Security Architecture
- Cloud Security
- Product management
- Cyber threat intelligence
- Threat hunting
- Data Analytics
Accomplishments
US US9038177 - Method and System for Multi-level Data Fusion | United States Patent and Trademark Office
Certification
- Certified Information Systems Security Professional (CISSP), Intl Information System Security Cert Consortium
- GIAC Certified Incident Handler (GCIH), SANS
Patents
US9038177, Method and System for Multi-level Data Fusion, United States Patent and Trademark Office
Timeline
Senior Director Cyber Security Operations & Incident Response
CENCORA
05.2023 - Current
Vice President Security Operations & Threat Intelligence
CONSTELLA INTELLIGENCE INC
09.2021 - 10.2022
Senior Director Cybersecurity
INFOBLOX, INC.
10.2015 - 09.2021
Executive Director Security Operations & Incident Response
MORGAN STANLEY
06.2013 - 10.2015
Director Cyber Threat Intelligence
UBS AG
08.2012 - 06.2013
Director Cyber Threat Intelligence
JPMORGAN CHASE
09.2008 - 08.2012
Bachelor of Science - Computer Science
Saint Martin’s University
Master of Science - Computer Science
University of Washington
Similar Profiles
Lynn FordLynn Ford
Master Data Management at CencoraMaster Data Management at Cencora
LaSonja LearyLaSonja Leary
Quality Analyst at CencoraQuality Analyst at Cencora
Helen JacksonHelen Jackson
Clinical Operations Analyst at CENCORAClinical Operations Analyst at CENCORA
Samarian JonesSamarian Jones
Case Manager/Interim Manager/Fields Specialist at CencoraCase Manager/Interim Manager/Fields Specialist at Cencora
Zakia AminZakia Amin
Crew Trainer at McDonald'sCrew Trainer at McDonald's