Scott Harrison
Education:
Associate of Science (A.S.)
Computer Science
ITT Technical Institute-San Antonio
2002 : 2004
Experience:
Information Security Manager responsible for implementing and guiding a comprehensive security program for an entertainment software development company. Responsibilities include, daily security operations, risk and vulnerability analysis, communication with the C-suite about risks, creating and maintaining a security awareness training and education program, managing cloud and onsite cybersecurity posture and working with business leaders for anything security related and advising the company to the best of my ability.
2021 : Present
Certain Affinity
Senior Manager Information Security
Responsible for creating and delivering excellent customer engagement and technical expertise to ensure the success of our products within their environments.
Function as subject matter expert in Security Operations for Network Intrusion Detection training analysts on the use of the Bricata Platform.
Create and maintain cloud based trainings for security software for Azure and AWS.
Tune Bricata platform using Zeek Scripting language.
Monitor threats to the enterprise for our largest health care customer and create rules that trigger alerts for those threats.
Advise on implementation and use of NIDS, HIDS and other security software suites.
2019 : 2021
Bricata
Principal Consultant
Lead a team of Cyber Security Professionals in Cloud and Data Center Security Practices.
Responsible for creating global risk management strategies for online resources provided to customers from all development studios.
Advises executive leadership on key security initiatives that reduce risk without impacting business operations and development.
Provides leadership and governance for managing threats and evaluating solutions to mitigate risk to business operations.
Oversees development of security training requirements enterprise wide for all development engineers.
Responsible for creating corporate strategies for handling regulatory compliance.
Implement security practices and standards for all data center information systems and applications in anticipation of new product releases by Zenimax Media subsidiaries.
2016 : 2019
ZeniMax Media
Sr. Manager Information Security
Create security solutions for monitoring cloud computing access and systems in Amazon Web Services. Cloud Tools : Security Monkey (Netflix OpenSource), Evident.io (Cloud Monitoring Solution)
Write and maintain Information Security Policies for live environments and publishing systems.
Architect Distributed Denial of Service (DDOS) attack mitigation strategies with purchased equipment and ISP services.
Audit security miss-configurations in Amazon Web Services, help the organization move into cloud resources with limited security liability.
Implement and maintain F5 security products such as Application Security Manager, which is a Web Application Firewall, the F5 Access Policy Manager, which is an access control system for internal applications. (F5 ASM/APM)
Create and maintain python scripts for automated processes triggered by Splunk alerting and calling JSON endpoints to automate remediation of in-game security issues.
Create Splunk searches and alerts that aggregate into behavioral analysis of in-game account actions to determine account intention and use of in-game mechanisms.
Maintain 2-factor access to data center resources using DUO and resource assigning with LDAP groups/permissions.
Deployed OSSEC and Linux Auditd data center wide, grooming the data for Splunk consumption and enriching the logs to make them human readable.
Implement and maintain Network Security Monitoring using Gigamon, Bro IDS, Security Onion technologies reporting to Splunk via syslog-ng or Splunk forwarding.
2013 : 2016
Zenimax Media
Sr. Security Engineer
Evaluate and implement security system products across the IT Enterprise. Monitor and report IT anomalies resulting in poor security practices. Engineer and evaluate security posture for all enterprise systems hosting customer services.
Maintain security for released intellectual properties developed by Trion Worlds inc. including Rift and Defiance, as well as IP that is not currently released or public knowledge.
2012 : 2013
Trion Worlds, Inc.
Sr. Security Analyst
Company: Certain Affinity
Years of Experience: 27
I have provided security solutions for massively multi-player online games, such as World of Warcraft, Diablo 3, Defiance, Rift, and Elder Scrolls Online as well as security solutions for other intellectual property created by Zenimax Media Inc, Trion Worlds Inc and Blizzard Entertainment.
I have worked on data intelligence programs for large scale game platform projects such as Battle.net, Bethesda.net, and RedDoor.
I joined the USAF after graduating from high school and was honorably discharged from the Air Force after serving four years working in military intelligence at Lackland AFB in San Antonio, TX. After parting with the military I worked as an intrusion detection/information systems analyst for the Air Force Computer Emergency Response Team (AFCERT) at the Air Intelligence Agency.
I have experience meeting and exceeding regulatory government compliance such as Sarbanes-Oxley (SOX) and Payment Card Industry (PCI) compliance.
I have provided information security governance through policies and training programs as well as risk management and evaluation for multiple software development companies with both cloud and data center online presence. I am familiar with IT governance programs such as ITIL and COBIT, as well as project management software development methodologies such as Agile.