Josh Stewart

• Collaborated with IT Operations to ensure seamless integration of security systems with existing infrastructure.
• Developed and implemented Strategic Roadmap Plans designed to improve security posture and minimize risk to the organization.
• Coordinated penetration testing exercises and 3rd party audits using results to drive Strategic Roadmap Plans for mitigating vulnerabilities and risk.
• Cultivated a culture of shared responsibility among direct reports maintaining a secure digital work environment.
• Raised employee awareness on cybersecurity best practices through monthly news letter, all staff notifications, LMS training modules and monthly phish campaigns.
• Reduced cyber attack incidents by developing custom detections and deploying automated response solutions.
• Spearheaded development of data classification labels and DLP policies enhancing data protection capabilities.
• Evaluated emerging cybersecurity technologies such as DSPM, CASB and SA Training platforms for potential adoption into company''s security framework.
• Provide oversight of SaaS Applications and Cloud Hosting environments identifying potential vulnerabilities and work in cooperation with various business units to recommend and implement proactive safeguards to mitigate risks.
• Conducted thorough risk assessments, addressing identified weaknesses in a timely manner to maintain optimal protection levels.
• Developed company-wide information assurance, security policies and standards in addition to building automated annual reviews in GRC solution.
• Oversaw daily operations of IT Security Team and 24/7 MDR Service.
• Mentored direct reports in their career development, sharing knowledge from years of experience in the field.
• Identified operational inefficiencies and implemented corrective measures to optimize tools and processes.
• Led successful projects through to completion under tight deadlines, coordinating effectively across multiple teams and reporting progress to business leadership and CISO of Mutual of Omaha Insurance.
• Successful developed working relationships with business leadership, legal and compliance gaining the support needed to expand oversight functions across the enterprise.

• Enhanced network security by continuously evaluating and configuring recommended configuration changes in intrusion detection and prevention systems.
• Deployed EDR agents to over 460 endpoints in addition to network sensors on all VLANs for detecting and investigating alerts and incidents.
• Performed and reviewed technical security assessments to identify points of vulnerability and non-compliance with established information security standards and recommend mitigation strategies to CIO and IT Director.
• Provided technical leadership focused on IT Security best practices.
• Championed ongoing improvements in IT Security platforms such as updating vulnerability scanner for new store locations, installing endpoints agents for local scans and configuring cloud connector for passively scanning virtualized assets in AWS resulting in the discovery and remediation of dozens of critical vulnerabilities.
• Designed and executed employee training programs to promote a culture of cybersecurity awareness.
• Lead project for implementing continuous and automated patching via existing MDM solutions and native cloud services for patching cloud-based windows and linux VM servers.
• Manually remediated critical vulnerabilities associated with log4j, use of default admin credentials in use on network appliances and inbound security group rules attached to cloud-based servers with public IP’s allowing all internet traffic to ports that shouldn’t be open to the internet.

• Plan, implement and upgrade security measures and controls.
• Protect digital files and information systems against unauthorized access, modification or destruction.
• Maintain data integrity and monitor security access.
• Manage network intrusion and preventions systems.
• Investigate and respond security incidents.
• Vulnerability Management Lead
• Conduct Security Awareness Training.
• Prepare status reports on security matters to develop risk analysis scenarios and response procedures.
• Responsible for tracking, monitoring and reduction of security incident tickets.
• Create, update and audit user accounts and access permissions.
• Provide direct support and guidance to business operations and IT staff on security related issues.
• Assist with development of security procedures and business continuity plans.