Scott Harrison

Education: Associate of Science (A.S.)

Computer Science

ITT Technical Institute-San Antonio

2002 : 2004

Experience: Information Security Manager responsible for implementing and guiding a comprehensive security program for an entertainment software development company. Responsibilities include, daily security operations, risk and vulnerability analysis, communication with the C-suite about risks, creating and maintaining a security awareness training and education program, managing cloud and onsite cybersecurity posture and working with business leaders for anything security related and advising the company to the best of my ability.

2021 : Present

Certain Affinity

Senior Manager Information Security

Responsible for creating and delivering excellent customer engagement and technical expertise to ensure the success of our products within their environments.

Function as subject matter expert in Security Operations for Network Intrusion Detection training analysts on the use of the Bricata Platform.

Create and maintain cloud based trainings for security software for Azure and AWS.

Tune Bricata platform using Zeek Scripting language.

Monitor threats to the enterprise for our largest health care customer and create rules that trigger alerts for those threats.

Advise on implementation and use of NIDS, HIDS and other security software suites.

2019 : 2021

Bricata

Principal Consultant

Lead a team of Cyber Security Professionals in Cloud and Data Center Security Practices.

Responsible for creating global risk management strategies for online resources provided to customers from all development studios.

Advises executive leadership on key security initiatives that reduce risk without impacting business operations and development.

Provides leadership and governance for managing threats and evaluating solutions to mitigate risk to business operations.

Oversees development of security training requirements enterprise wide for all development engineers.

Responsible for creating corporate strategies for handling regulatory compliance.

Implement security practices and standards for all data center information systems and applications in anticipation of new product releases by Zenimax Media subsidiaries.

2016 : 2019

ZeniMax Media

Sr. Manager Information Security

Create security solutions for monitoring cloud computing access and systems in Amazon Web Services. Cloud Tools : Security Monkey (Netflix OpenSource), Evident.io (Cloud Monitoring Solution)

Write and maintain Information Security Policies for live environments and publishing systems.

Architect Distributed Denial of Service (DDOS) attack mitigation strategies with purchased equipment and ISP services.

Audit security miss-configurations in Amazon Web Services, help the organization move into cloud resources with limited security liability.

Implement and maintain F5 security products such as Application Security Manager, which is a Web Application Firewall, the F5 Access Policy Manager, which is an access control system for internal applications. (F5 ASM/APM)

Create and maintain python scripts for automated processes triggered by Splunk alerting and calling JSON endpoints to automate remediation of in-game security issues.

Create Splunk searches and alerts that aggregate into behavioral analysis of in-game account actions to determine account intention and use of in-game mechanisms.

Maintain 2-factor access to data center resources using DUO and resource assigning with LDAP groups/permissions.

Deployed OSSEC and Linux Auditd data center wide, grooming the data for Splunk consumption and enriching the logs to make them human readable.

Implement and maintain Network Security Monitoring using Gigamon, Bro IDS, Security Onion technologies reporting to Splunk via syslog-ng or Splunk forwarding.

2013 : 2016

Zenimax Media

Sr. Security Engineer

Evaluate and implement security system products across the IT Enterprise. Monitor and report IT anomalies resulting in poor security practices. Engineer and evaluate security posture for all enterprise systems hosting customer services.

Maintain security for released intellectual properties developed by Trion Worlds inc. including Rift and Defiance, as well as IP that is not currently released or public knowledge.

2012 : 2013

Trion Worlds, Inc.

Sr. Security Analyst

Company: Certain Affinity

Years of Experience: 27