Jason Roth - CEO & Founder, NetAssurity Inc.

Feedback from Jason’s ex-colleagues

Let me see

Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app

Work Background

Holland & Knight LLPIT Risk Manager

Dec. 2018 - Apr. 2023Key Responsibilities Include: • Assist in the maturation and management of the Threat and Vulnerability Management program. • Scan systems for known vulnerabilities and provide support in the remediation of any vulnerabilities found. • Identifies areas of security risk, determines risk level and assists with efforts to mitigate those risks to an acceptable level. • Measure and report on security posture through the ongoing development and refinement of security metrics. • Performs issue and problem resolution and general security operations support. • Assists with security-related investigations and incident response activities and provides system forensics and investigative services. • Provide periodic “on-call” support of security operations during non-business hours. • Review change requests from a security perspective, understand and determine associated risk levels and make recommendations for approval or denial based on the risk presented. • Review, recommend and assist in implementing proper security diagnostic and access tools to enable the analysis, reporting and escalation of security events. • Act as a point of contact for execution for vulnerability testing of networks, systems and applications as requested. • Assist in the growth and development of the incident response team to act quickly and accurately during emergency situations. • Participate in the development, and delivery of an information security awareness program. • Approaches all problems, projects, and incidents with a high level of professionalism, objectivity and an open mind to new ideas and solutions. • Analyzes and identifies areas where automation can be used in the deployment of new technology to support effective resource management. • Maintain knowledge of vendor products, services and security technologies and recommend/implement their use. • Lead the implementation of ISO 27001 through certification.

Global Convergence, Inc.IT Security Manager

Apr. 2017 - Jun. 2018Oldsmar, FLResponsible for all information technology and physical security management including policies and procedures, employee security awareness and training, metrics, technical design and controls, and implementation. Provide security consulting services, as needed, to various projects and serve as a subject matter expert with regard to information and physical security architecture. Responsibilities: • Multi-layer information systems with understanding of modern applications, databases, internet/web and system architecture • Common operating systems and business application platforms with an understanding of enterprise architecture and integrations • Network security, configuration, protocols, and standards • Future trends within areas of expertise and understanding of converged security and risk management technology • Physical facility and data center security • Strong technical and cross functional relationship building skills with the ability to interact with inside and outside subject matter experts • Encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, and vulnerability and threat management tools • Security controls design, implementation, validation, and auditing procedures • Regulatory requirements, industry compliance, and security standards such as PCI DSS, ISO 27001 and ISO 9001, SOC1, SOC2, and NIST • Implemented security tools to address gaps and requirements (Rapid 7 InsightVM, Rapid7 InsightIDR, CarbonBlack Protect/Bit9, Forcepoint/Websense, Okta, Thycotic Secret Server, Microsoft SCCM, MalwareBytes, Symantec Endpoint Security, CISCO TACACS+, ZenGRC etc.)

WellCare Health PlansSenior Information Security Analyst

May. 2016 - Dec. 2016Tampa/St. Petersburg, Florida Area• Defined and established a governance structure to include a steering committee and associated workgroups (as necessary), to support collaboration, communications, decision making, prioritization, accountability related to IAM investments and services at WellCare. • Determined the appropriate structure, charter, and work plan for the Steering Committee. • Established the governance structure within WellCare and determined the appropriate stakeholders, setup and conducted interviews, gathered buy-in and support for an IAM steering committee. • Drafted a steering committee charter to document the purpose, structure, and cadences of the committee. • Worked with vulnerability management team to establish vulnerability management program, track remediations and document risk. • Developed baseline security standards and minimum secure configurations.

PwCInformation Security and Risk Management Consultant

Nov. 2015 - Apr. 2016Tampa/St. Petersburg, Florida AreaResponsibilities • Leveraged knowledge of risk identification, assessment, treatment processes to contribute to the development of new domain expertise in those processes on an ongoing basis. • Developed access control policies and a strong knowledge of role based access through the use of enterprise class user entitlement systems. • Conducted internal assessment audits, including communication of findings, development of corrective action plans, and tracking corrective action status. Incorporated assessment and audit findings into ISMS risk assessment processes. • Managed policy management, risk management, and document management applications to develop and maintain security policies and standards. Identified and leveraged relationships between data held in different applications to develop tools and reports that support the management of information security. • Contributed to cross-functional efforts, working with business, IT and global teams, as a representative of the risk management organization. • Responsible for leading cross functional teams. Responsible for managing work by suppliers and other providers. • Worked closely with US and global risk management, security and IT organizations

Tenet HealthcareInformation Security Risk Consultant

Tampa International Airport (TPA)Information Security Consultant

Jun. 2015 - Nov. 2015Tampa/St. Petersburg, Florida AreaResponsibilities • Performed highly complex analysis and technical tasks involving assignment and coordination of measures to provide information assurance, event detection and rapid response across various environments of the enterprise. • Designed, implemented and supported integration of information security solutions including security architectures, firewall administration/monitoring, integrating security products, and developed and coordinated security implementation plans. • Guided users and technical team members in formulating security requirements, integrating security requirements into existing system architectures, developing security test plans, overseeing the execution of security testing, and advising on alternative approaches. • Provided technical lead on security projects which involved a wide range of issues including secure architectures, secure electronic data traffic, network security, platform and data security and privacy. • Provided organizational support of enterprise security architecture and design, benchmarking, technical framework and gap analysis. • Reviewed and contributed to the improvement and standardization of the security administration process across all business units. • Prepared training plans for staff, allocated ongoing training for personnel on new computer systems or technologies being implemented which required security administration. • Assisted in forensic analysis, security incident response and investigations. • Performed daily Security Alert and Log Monitoring (Central Log, Virus, IPS, DLP, Web Content, Secure Email, and Active Directory Changes). Assisted with Monthly alert and log management reporting.

HPInformation Security Analyst

Feb. 2015 - Jun. 2015RemoteResponsibilities • Assisted in the demonstration of system security operational objectives by contributing information and providing recommendations to strategic plans and reviews. • Assessed systems for compliance against aligned security policies and standards and conducted gap analyses. • Prepared and completed associated remediation action plans; assisted with resolving problems; identified trends; determined system improvements and drove needed change. • Recorded system security plan information in the eGovernance, Risk and Compliance application to promote and develop security strategies; directed system control development and access management, monitoring, control, and evaluation. • Assessment and understanding of system safeguards, security provisioning and disaster preparedness and test plans. • Advised senior management by identifying critical security issues; recommending risk-reduction solutions.

Liberty Medical SupplyInformation Security Consultant

Jul. 2014 - Feb. 2015Port Saint Lucie, FLResponsibilities: • Complete implementation of existing security tools and controls (SIEM, Endpoint security, firewalls, web filtering, email filtering, etc.) • Rewrite security policies and procedures. • Conduct security gap analysis and risk assessment. • Recommend and implement new security technologies (DLP, IDS/IPS, Endpoint, SIEM, Malware, content filtering, etc.) • Review and advise on new software, hardware and vendors.

Chico's FAS Inc.Information Security Analyst/Consultant

Mar. 2014 - Jun. 2014Fort Myers, Florida• Perform information security reviews of requirements statements, detailed designs, implementation plans, and other documents produced during the systems development process. • Evaluate and recommend improvements to controls associated with information technology-related business processes such as: acquisition of information systems hardware and software, proper segregation of duties, application system development and testing, as well as systems change management. • Conduct qualitative and quantitative business systems risk assessments; findings presented to senior management. • Lead security projects including requirements definition, task planning, research, testing, implementation, and management. • Prepare and periodically update information security policies, architectures, standards, and/or other technical requirement documents needed to advance application security. • Perform periodic information systems risk assessments including those associated with the development of new or significantly enhanced business applications. • Assist in developing security awareness materials, security presentations, and information security training sessions.

NetAssurity, Inc.CEO/Principal Consultant

Jan. 2013FloridaNetAssurity, Inc is a provider of Managed IT Services and Information Security consulting. NetAssurity combines decades of technical expertise with the technologies from strategic alliances to solve IT issues impacting small and large organizations. We specialize in servicing healthcare, financial service, legal, hospitality and education markets.