Darren Cook

Experience

• 

  Datapipe

  May 2002 - Nov 2017

  Joined during the formative stages and rapidly ascended through various security leadership roles, contributing to the company's rise as an industry-leading multi-cloud MSP, culminating in acquisition by Rackspace Technology in November 2017.Played a pivotal role in establishing and scaling the security and GRC program since the company's inception, supporting 850 employees across 11 offices in the US, UK, and Asia.Developed an industry-leading MSSP and regulatory compliance platform (PCI, HIPAA), trusted by large enterprises, including Fortune 500 companies, to secure mission-critical workloads and ensure continuous compliance.Directed a global team of 12 security engineers, oversaw round-the-clock operations encompassing threat detection, incident response, vulnerability management, compliance monitoring, security awareness training, and customer support.Managed security service operations for clients, ensuring seamless implementation, continuous monitoring, and effective incident response across more than 10 leading enterprise controls, including WAF, IDS, IPS, FIM, MFA, and SIEM.Successfully led compliance initiatives for PCI DSS, SSAE16, SOC 2, and ISO 27001, fostering heightened customer trust and driving business expansion.Guided pre-sales engagements, effectively highlighting the value proposition of security services, and providing vendor security assurances by demonstrating compliance with industry standards. Show less

  • Director of Information Security

    May 2016 - Nov 2017

  • Information Security Manager

    Mar 2011 - May 2016

  • Senior Security Engineer

    Jun 2005 - Mar 2011

  • Senior Windows Systems Administrator

    May 2002 - Jun 2005
• 

  Rackspace Technology

  Nov 2017 - Jan 2019

  Director of Information Security at Rackspace

  Maintained leadership continuity post-Datapipe acquisition, driving the strategic alignment of global security center operations (SOC), managing a high-performing security and GRC team, and overseeing a multi-million dollar Managed Security Service Program (MSSP) to support evolving business objectives while upholding stringent security standards.Appointed by the Integration Management Office (IMO), spearheaded the development and implementation of a comprehensive security integration plan, aligning and integrating security measures and protocols through cross-functional collaboration.Oversaw security services management for 100+ legacy security customers, ensuring service continuity, deliverables, and compliance with contractual obligations, enhancing customer satisfaction and trust. Show less

• 

  Effectual

  Jan 2019 - now

  Chief Security Officer (CSO) & Co-Founder

  Co-founded the company and spearheaded security strategy and program development, contributing to our recognition as an AWS Premier Consulting Partner and achieving AWS MSP Competency, culminating in our acquisition by SDC Capital in December 2022.Directed the establishment and enforcement of security policies, procedures, and technical controls aligned with industry standards such as PCI DSS and NIST 800-53, and frameworks including CIS and NIST CSF.Achieved and maintained PCI DSS Level 1 and SOC 2 compliance across multi-cloud environments (including Microsoft Azure and AWS) since the company's inception, fostering a high level of customer trust and driving significant business growth.Founded and led a high-performing cross-functional security and GRC team, overseeing both organizational and MSP operations, safeguarding critical assets, mitigating risk, and driving compliance management initiatives.Led successful vCISO engagements, architecting comprehensive security programs, conducting in-depth risk assessments, and enhancing overall security and compliance readiness.Spearheaded the development and implementation of a comprehensive security awareness training program, significantly enhancing employee readiness in cyber threat awareness, policy compliance, and the secure use of both traditional and emerging technologies.Executed security due diligence for two major acquisitions, assessing cybersecurity readiness and risks, ensuring seamless and secure post-acquisition integrations.Designed and implemented a zero-trust architecture, mitigating risk and enhancing the security posture of the SaaS ecosystem, data estate, and mobile devices (including BYOD) in a hybrid workforce environment.Collaborated with the legal team to develop and implement a privacy program using automated tools for data discovery, classification, and protection of PII, ensuring compliance with regulations including GDPR and CPRA, while fostering a strong privacy culture. Show less