
Steve Meckl

Cyber Security Leader
Aldie, VA

Summary

Experienced cybersecurity executive with more than 25 years of security industry experience. Encouraging manager and analytical problem-solver with talents for team building, leading and motivating, as well as excellent customer relations aptitude and relationship-building skills. Proficient in using independent decision-making skills and sound judgment to positively impact company success. Dedicated to applying training, monitoring and morale-building abilities to enhance employee engagement and boost performance.

Overview

2025
years of professional experience
5
years of post-secondary education

Work History

SVP Security Operations

Cyderes
Kansas City, MO
03.2023 - Current

Executive leader of Global Security Operations organization consisting of over 230 security analysts, cyber threat intelligence experts, threat hunters, SOAR engineers, and incident responders providing enterprise grade 24/7 cyber detection and response services to large enterprises.

  • Restructured SOC to create a culture of customer accountability, reduce overhead, and improve overall efficiency.
  • Increased NPS score for overall delivery by 47 points in less than 18 months.
  • Achieved 99.8% SLA compliance across millions of alerts handled by SOC.
  • Maintained consistent growth in contribution margin and operating profit.
  • Developed measurement tools, dashboards, and reports to track metrics on adoption and effectiveness of initiatives.
  • Led development and launch of next-generation SOC workbench and automation platform powered by generative AI.
  • Collaborated with senior management to develop strategic initiatives and long-term goals to improve customer security outcomes and add net new value to the Managed Services portfolio.
  • Presented on webinars, RFP responses, and customer QBRs to drive demand and win new business.

Global Head of Operations

Google Cloud
Reston, VA
06.2022 - 01.2023

Responsible for building Google-led solution enabling the world's largest organizations to realize the vision of Autonomic Security Operations (ASO) in their Google Cloud, multi-cloud, and hybrid enterprises, leveraging ASO's automation-first methodology to execute their detection and response missions at scale and with provable ROI.

  • Grew ASO solution revenue by 25% and generated $500m in pipeline for H1 2023
  • Security Operations expert advisor on over $700m in deals in 2022
  • Created ASO maturity model and ASO Discovery Assessment to identify customers' SecOps maturity and provide a strategic roadmap for improvement
  • Developed and executed Assessment-led sales strategy, providing a consistent and proven process for Cloud sales representatives to sell ASO solutions at scale
  • Led development of a suite of professional services to help customers lacking SecOps maturity to improve their ability to detect and respond to threats at scale
  • Developed network of partners to deliver services in the ASO solution space
  • Developed and delivered ASO Workshop to educate customer security operations teams on ASO implementation within their programs
  • Globally recognized thought leader frequently requested for speaking engagements including delivering a keynote at the 2022 American Petroleum Institute Conference and a SecOps track presentation at mWISE 2022

Managing Director, Global Operations Lead

Accenture
Herndon, VA
10.2019 - 06.2022

Responsible for Security Operations organization of over 250 threat intelligence professionals, security analysts, and security engineers in eight countries delivering advanced security monitoring, detection, and response services to the Global 1000

  • Successfully led Symantec CSS global team through two acquisitions, landing the team at Accenture Security with over 80% client retention rate and less than 10% employee attrition
  • Transitioned team to 100% work-from-home posture globally in response to COVID-19 pandemic with zero service outages and zero drop in delivery quality
  • Launched Cyber Training Academy program to build Security IQ of both Accenture MxDR employees and client IT Security teams
  • Built and led Advanced Endpoint Response service, offering Tier 2 triage, Tier 3 investigation, and threat remediation services leveraging market leading EDR products
  • Established world-class Intelligence Operations team responsible for curation of cyber threat intelligence from over 90 threat feeds and creation of security detection capabilities across all supported MDR platforms
  • Led creation and launch of new User/Entity Behavior Analytics (UEBA) and data visualization capability for MxDR, providing best-in-class intel-driven detection of sophisticated threats based on actor behavior, fast data exploration, and live dashboard creation for clients
  • Designed and led creation of mySecurityPosture tool, which leverages MxDR's unique global sight picture to create unique insights into clients' security posture and provide strategic guidance for improving their SecOps effectiveness
  • Led implementation of automation strategy to achieve over 90% automation of Tier 1 analysis and 25% automation of Tier 2 analysis, increasing ability to scale at high margin

Director, Managed Security Services

Symantec
Herndon, VA
04.2016 - 10.2019

Responsible for global team of engineers and security analysts who provided advanced security monitoring, detection, and response services for global energy, financial services, transportation, and manufacturing clients

  • Led development and launch of Managed Endpoint Detection and Response (MEDR) service, providing turnkey threat hunting program, Tier 2 incident triage, and threat remediation services for large enterprises
  • Achieved 91% customer retention rate over three-year period
  • Created training and career development program serving over 200 security engineers and analysts, leading to historic low attrition rate
  • Grew customer count and revenue by 25% annually
  • Thought leader in threat detection, threat hunting, and cyber threat intelligence
  • Responsible for security monitoring of over 800k endpoints and servers globally

Director, Incident Response

Symantec
Herndon, VA
10.2015 - 04.2016
  • Led Incident Response (IR) business for North and South America
  • Responsible for pre- and post-sales support, revenue growth, talent recruitment and retention, and delivery of post-breach response services for Fortune 2000 organizations
  • Doubled annual IR revenue in first year
  • Established long-term technical and business strategy for incident response service offering
  • Launched suite of security readiness and advisory services to complement core IR offering
  • Led development and launch of Advanced Threat Hunt service offering
  • Led incident response investigations for high profile cases

Unit Chief, Technical Operations Unit

Federal Bureau of Investigation
Washington, DC
08.2013 - 10.2015

Led team of 40 engineers and Supervisory Special Agents responsible for Cyber Division's National Incident Response program and strategic development of capabilities enabling cyber denial and deception operations targeting highly sophisticated Advanced Persistent Threat (APT) actors

  • Created Technical Operations Unit, responsible for denial and deception mission within FBI Cyber Division
  • Grew Unit size to 40 engineers and Supervisory Special Agents over two years due to success of the mission
  • Established long-term strategic vision for development of capabilities allowing rapid deployment of technical operations in support of computer intrusion events
  • Collaborated with FBI and Department of Justice legal experts to identify framework of authorities allowing deployment of technical countermeasures to disrupt APT intrusion activity
  • Led team responsible for creation of Cyber Division's Five-year Technology Strategy
  • Expanded mission to include oversight of the Cyber Action Team (CAT), FBI's premier post-intrusion investigative response team
  • Led effort to professionalize CAT program by improving team member skill sets, establishing training standards, and improving tool sets to increase investigative efficiency
  • Led design and development of next-generation remote collaboration and data analytics platform
  • Developed strategy plan and led implementation of program to fuse post-intrusion incident response and cyber denial and deception programs
  • Led dozens of successful IR investigations and technical operations targeting nation-state actors

Supervisory Special Agent

Federal Bureau of Investigation
Washington, DC
07.2010 - 08.2013
  • Coordinated and managed multi-agency international investigations into highly sophisticated state-sponsored cyber threat actors
  • Created and led interagency Technical Operations Working Group, combining strengths and authorities of partner agencies to develop technical capabilities required to address APT intrusions
  • Led development and deployment of first active network security countermeasures deployed by FBI Cyber Division to disrupt state-sponsored APT intrusion activity
  • Secured support and funding from outside agencies for development of FBI technical operations capabilities
  • Created strategic partnerships with foreign law enforcement agencies to share intelligence and coordinate operational activity, maximizing effect on state-sponsored intrusion threats
  • Provided briefings to FBI executive staff, members of Congress, and private sector executives on cyber security threats and FBI's National Security Computer Intrusion program

Special Agent

Federal Bureau of Investigation
Washington, DC
09.2007 - 07.2010
  • National Security computer intrusion investigator covering Washington, DC and Northern Virginia
  • Conducted investigations of APT intrusions into US National Critical Infrastructure targets
  • Briefed executives of victim organizations to gain support and cooperation in FBI investigations
  • Provided briefings to US Government agencies, cleared defense contractors, and other private organizations on emerging cyber security threats and mitigation measures
  • Collaborated with intelligence and law enforcement partners on sophisticated international cyber crime investigations
  • Developed platform for analysis of large volumes of network data captured as part of computer intrusion investigations
  • Partnered with US National Laboratories to develop technology in support of FBI operations

Special Agent Computer Forensic Examiner

Federal Bureau of Investigation
Washington, DC
03.2005 - 09.2007

Special Agent Forensic Examiner responsible for collection and analysis of digital evidence in support of FBI investigations, supporting computer intrusion, counterterrorism, financial fraud, health care fraud, Innocent Images, and public corruption programs

  • Qualified as expert witness for court testimony
  • Conducted dozens of successful computer forensic investigations to support prosecution of Federal crimes
  • Created approved procedures for extraction and reverse engineering malware in computer intrusion investigations
  • Mentored new examiners on technical issues related to CART training and forensic examinations
  • Created procedures for rapid collection of Wi-Fi evidence during criminal search warrants

Principal Software Engineer

Symantec
Los Angeles, CA
01.2001 - 03.2005

Member of Common Client engineering team involved in design and development of shared software components for use in all consumer and enterprise endpoint security software

  • Mentored new Engineers to familiarize them with Symantec's products and software development process to ensure rapid integration into development team
  • Lead developer on core security components of Norton Personal Firewall
  • Championed test-first software development program within Consumer Products Division
  • Researched malware, spyware, virus, and network attack methodologies
  • Researched and developed software solutions for new and existing computer security threats

Education

PhD - Computer Science

George Mason University
Fairfax, Virginia
01.2013 - 05.2019

Master of Science - Information Security and Assurance

George Mason University
Fairfax, Virginia
01.2008 - 05.2010

Bachelor of Science in Engineering - Computer Engineering

University of Michigan
Ann Arbor, MI
09.1993 - 05.1998

Accomplishments

  • Book Chapter: “Automating the Investigation of Sophisticated Cyber Threats with Cognitive Agents”, Springer, January 2021, https://link.springer.com/chapter/10.1007/978-3-030-55692-1_7
  • Doctoral Dissertation: “Cybersecurity Incident Response Orchestration Using Agile Cognitive Assistants”, ProQuest, December 2019
  • Conference Paper: “Toward a Computational Theory of Evidence-Based Reasoning for Instructable Cognitive Agents”, Proceedings of the 2019 AAAI Fall Symposium “Artificial Intelligence in Government and Public Sector”, November 2019, http://lac.gmu.edu/publications/2019/Tecuci-EBR-2019.pdf
  • Conference Paper: “Instructable Cognitive Agents for Autonomous Evidence-Based Reasoning”, Proceedings of the Seventh Annual Conference on Advances in Cognitive Systems, August 2019, http://lac.gmu.edu/publications/2019/Automated_EBR.pdf
  • Journal Paper: “Evidence-based Detection of Advanced Persistent Threats”, Computing in Science and Engineering, November 2018, https://www.computer.org/csdl/magazine/cs/2018/06/08492519/17D45XacGiv
  • Conference Paper: “Integrating Collaborative Cognitive Assistants into Cybersecurity Operations Centers”, Proceedings of the 2018 Fall Symposium “Adversary-Aware Learning Techniques and Trends in Cybersecurity”, October 2018, http://ceur-ws.org/Vol-2269/FSS-18_paper_28.pdf
  • Conference Paper: “Collaborative Cognitive Assistants for Advanced Persistent Threat Detection”, AAAI Publications, 2017 AAAI Fall Symposium Series, November 2017, https://aaai.org/ocs/index.php/FSS/FSS17/paper/view/15999
  • Conference Paper: “Towards an Operational Semantic Theory of Cyber Defense Against Advanced Persistent Threats”, Semantic Technology For Intelligence, Defense, and Security, November 2015, http://stids.c4i.gmu.edu/papers/STIDS_2015_T08_Meckl_etal.pdf

Additional Information

  • FBI Director's Award for Outstanding Technical Advancement, Federal Bureau of Investigation, 2014
  • FBI High Impact Leader Award, Federal Bureau of Investigation, 2015

Patents

  • US Patent US-10447671-B1, Systems and methods for recovering encrypted information, October 15, 2019
  • US Patent US-11075951-B1, Query learning for automated incident investigation and remediation, July 27, 2021

Timeline

Global Head of Operations

Google Cloud
06.2022 - 01.2023

Managing Director, Global Operations Lead

Accenture
10.2019 - 06.2022

Director, Managed Security Services

Symantec
04.2016 - 10.2019

Director, Incident Response

Symantec
10.2015 - 04.2016

Unit Chief, Technical Operations Unit

Federal Bureau of Investigation
08.2013 - 10.2015

PhD - Computer Science

George Mason University
01.2013 - 05.2019

Supervisory Special Agent

Federal Bureau of Investigation
07.2010 - 08.2013

Master of Science - Information Security and Assurance

George Mason University
01.2008 - 05.2010

Special Agent

Federal Bureau of Investigation
09.2007 - 07.2010

Special Agent Computer Forensic Examiner

Federal Bureau of Investigation
03.2005 - 09.2007

Principal Software Engineer

Symantec
01.2001 - 03.2005

Bachelor of Science in Engineering - Computer Engineering

University of Michigan
09.1993 - 05.1998

SVP Security Operations

Cyderes
03.2023 - Current