Jason Berry

Experience

• 

  GoDaddy

  Jan 2011 - Oct 2023

   Led a team of Principal Engineers and Junior Engineers, offering mentorship and guidance to ensure the successful delivery of high-quality projects with a strong emphasis on cybersecurity through an agile methodology. Championed a culture of continuous learning and professional development within the security team, advocating active participation in workshops, conferences, and industry events to stay abreast of the latest security trends and technologies. Orchestrated the seamless migration of SIEM technologies to Splunk, minimizing operational disruption of the 10 TBS/day log volume, and elevating the organization's security posture through increasing MTTD. Pioneered the Security Partners Program, fostering collaboration with Product Teams to enhance security outcomes and adopt a holistic "Shift Left" approach to cybersecurity. Provided strategic guidance for the implementation of Application Security Testing (AST) tools and processes, focusing on early identification and mitigation of security vulnerabilities in the software development lifecycle reducing vulnerable code to production. Developed strategic roadmaps for the Product Security team, aligning them with CISO goals and the organization's strategic objectives. Worked globally across product teams in adopting secure practices within AWS, emphasizing secure design principles, and conducting rigorous threat modeling and security architecture reviews. Show less  Successfully architected and implemented a highly available IOC Datastore using AWS services. This strategic initiative greatly empowered our threat intelligence efforts, allowing us to proactively identify and respond to emerging security threats. The result was a significant enhancement in our organization's ability to stay ahead of potential risks and bolster our cyber defense capabilities. Key role in developing a proof-of-concept Malware Analysis machine in AWS to identify and mitigate security threats. Mentored junior team members on secure design methods and conduct code reviews. Show less  Leveraged AWS to design and implement a scalable logging architecture, enabling our organization to seamlessly accommodate the growing log volume. This move not only enhanced our threat monitoring and response capabilities but also showcased proficiency in harnessing cloud technology for scalability and high availability. Successfully maintained SIEM alerts to meet audit requirements and ensure regulatory compliance, with a dedicated focus on cybersecurity remediation. Provided valuable support to product teams in adopting secure practices within AWS and conducted thorough security assessments, emphasizing secure design principles through architecture review, threat modeling and adhering to security policies. Skillfully configured Web Application Firewall (WAF) for product team deployments, effectively reducing the risk of security breaches and cyberattacks due to OWASP misconfigurations. Show less

  • Manager - Information Security

    Nov 2021 - Oct 2023

  • Sr Security Engineer - Threat Research

    Aug 2021 - Nov 2021

  • Cloud Security Engineer

    Sept 2018 - Aug 2021

  • Information Security Engineer

    Mar 2017 - Sept 2018

  • Information Security Analyst

    Jun 2013 - Mar 2017

  • Hosting Operations & Security Team

    Jan 2013 - Jun 2013

  • Advanced Hosting Support

    Jan 2012 - Jan 2013

  • Hosting Support

    Jan 2011 - Jan 2012
• 

  Lakeshore Learning Materials

  Jan 2024 - now

  Information Security Manager