Bryan Zarnett - Agile Coach and Virtual CISO, Redhook Solutions

Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app

Network Power<100 people

Roles

💰100%

Investor & VC

🔥100%

Startup Founder

✨100%

Business Owner

Geos

🇦🇺100%

Australia

Work Background

Virtual CISOVirtual CISO

May. 2022 - Feb. 2024Ontario, Canada · RemoteAs a seasoned Virtual CISO, I offer a strategic amalgamation of cybersecurity leadership and business insight, dedicated to safeguarding an organization's digital assets across multifaceted structures. My approach is centered on deploying comprehensive security practices, policy development, and incident response strategies that are not only responsive but also forward-thinking and sustainable. Actionable Security Practices. I excel in crafting and implementing robust security policies and governance frameworks, grounded in CIS and NIST standards. My methodologies have empowered organizations to address internal security challenges, fulfill insurance requirements, and efficiently manage auditor inquiries, all while ensuring ongoing practice maintenance. Expert Witness. My expertise extends to the legal arena, where I serve as a trusted expert witness in IT Security, Incident Response, and Intellectual Property litigation. I support legal teams with in-depth research, comprehensive report crafting, and cogent testimony, bolstering case strategies. Incident Management. I take charge during security incidents, orchestrating a cohesive response among team members, breach coaches, and external partners. My focus is on swift containment and resolution, coupled with thorough analysis and the development of a strategic roadmap for continuous security enhancement. Mentoring. I am passionate about knowledge sharing, guiding not only junior security staff but also non-technical personnel and executives. My mentoring covers essential cyber-security practices related to daily operations, incident response, and auditing, with an emphasis on specialized areas such as vulnerability and key management.

EverlinkVice President, Client Services and Operations

Jan. 2022 - Feb. 2024As Vice President of Client Services and Operations, I spearhead the IT Security, Production Support, and Client Services teams, fostering excellence in their diverse roles. My leadership is defined by a unifying vision that prioritizes customer rapport, collaboration, and continuous improvement. This approach not only enhances the sustainability of team members but also cultivates a culture of mentorship. By actively developing innovative solutions for immediate challenges, we have successfully launched initiatives that align with our operational objectives and strategic roadmap. Practice Efficiency. I led the overhaul of policies, governance, and practices, significantly boosting departmental efficiency and the quality of content. This initiative provided a clearer view of the operational state and enabled team members to perform tasks with precision, enhancing the overall workflow and reducing redundancy. PCI, SOC2 Compliance. I spearheaded compliance projects that not only met but exceeded PCI and SOC1/2 standards. By streamlining compliance processes and addressing gaps proactively, I shortened the timeline for compliance activities by two months compared to previous efforts, thereby enhancing the organization's compliance posture and operational efficiency. Security Implementation. I directed the comprehensive development of a security framework aligned with CIS and NIST guidelines, encompassing policies, practices, and tools. A key focus was on mentoring staff in robust security practices, significantly bolstering organizational resilience and aligning with both internal standards and compliance requirements. DevOps. I led the transformation of the production support team into a DevOps-centric operation, leveraging the Scrum framework to foster a culture of collaborative problem-solving. This shift not only improved operational efficiency but also encouraged innovative thinking and automation, leading to faster, more reliable delivery cycles.

CytelligenceManaging Director, Security Consulting

Jun. 2016 - Dec. 2021Toronto, Canada AreaAs managing director of Security Consulting at Cytelligence, Bryan's focus is on the continual development of our A-level specialists and the passionate drive towards effective, practical and high-quality evaluations of an organizations security profile. An active participant in security engagements, Bryan supports his team in innovation, effective execution and clear benefit-driven action for our clients. • Physical and Digital Social Engineering • Penetration Testing and Offensive Security • Wireless and Device Penetration Testing • Governance and Risk Compliance • Breach Investigations and Compromise Assessments • General Security Consulting and Training

Objectwise Consulting GroupAgile Subject Matter Expert

Jan. 2015 - Dec. 2017Toronto, Canada AreaSince January 2015 I have been proud to offer my experiences to ObjectWise clients regarding the use of Agile and Lean practices in the software development industry including secure development life-cycle enabling. My focus on ObjectWise is to help individuals understand the best way to implement the Agile philosophy, Methodologies and Vision to best suit their organizations needs and corporate culture. - Scrum, Extreme Programming and Kanban planning and coaching - Agile governance, strategy and planning - Cross-discipline Coaching - Implementation Strategies and associated tactics

TELUSDirector, Threat and Vulnerability Assessment Consulting

Jun. 2014 - Jan. 2016Toronto, Canada AreaBryan Zarnett is the Manager of the Threat and Vulnerability Assessment team for TELUS Security Solutions practice. With over twenty years of experience in software engineering, security and computer forensics Bryan provides vision, leadership and strategic direction for his team, and TELUS clients, from a pragmatic and sophisticated point of view. Bryan’s focus is on the development of comprehensive security analysis solutions that can provide TELUS clients with the strategies, tactics, and plans to manage their environments, pre and post exploitation. His philosophy is based on creating secure environments that support businesses risk management, information security and opportunity transformation goals. In addition to providing consulting services and direction for his team, Bryan’s experiences have been extensively used to support TELUS clients through Vulnerability Assessments, Penetration Testing, Static Code Analysis, Intellectual Asset Audits and Forensic Investigations. Bryan’s experiences include a wide variety of organizational sectors and delivery channels including leading financial and insurance institutions, car manufacturing industry, healthcare, and government bodies. - Security engagements incl Threat Modeling, Penetration Testing and Vulnerability Assessments - Development and update of team methodology and business approach - Coaching of team members - Improve technical and sales performance of threat & vulnerability team - Re-development of offered services to better meet customer needs

TELUSDirector, Application Security

Feb. 2013 - Jun. 2014As Directory of Application Security I am responsible for supporting and coordinating forensic team members in the analysis, audit, and exploration of application systems for security and forensic investigations. My non-managerial responsibilities include: • Open Source Intelligence • Malware Forensics • Ethical Hacking and Application Penetration Testing

Digital WyzdomDirector, Application Security & Custom Development

Oct. 2012 - Feb. 2013TorontoAs director of application security and custom development I am responsible for hands-on work with Digital Wyzdom clients as well as managing a professional team of Software developers and security professionals. Our value system and approach is driven by placing value in secure, effective and innovation software solutions. My activities at Digital Wyzdom include: • Direction to our application security professionals • Hands-on testing/validation of software solutions • Architecture/design of custom solutions • Management and hiring of DW development staff • Management and hiring of DW Application Security staff • Communication with out clients on all application aspects

Durham Modern Martial ArtsHead Instructor

Aug. 2012 - Nov. 2019Whitby, OntarioAt Durham Modern Martial Arts, we strive in building our community by helping people get in shape, be safe and, at the same time, instil the life skills and characteristics of a true martial artist. We know that the values and life skills taught through the Martial Arts can create remarkable improvements in school, careers, relationships and every day activities. We are driven to help people achieve higher levels of self-discipline, personal empowerment and a positive attitude towards everything that you influence. At Durham Modern Martial Arts we provide expert training in martial arts, personal protection and fitness. We take the time to create a tailored environment to give you the right experiences in the martial arts, regardless of your age or experience. We take the time to ensure that each student reaches their own unique goals.

Kobo Inc.Scrum Master/Program Manager

Jul. 2011 - Oct. 2012Toronto, Canada AreaAt Kobo, my work is split between the roles of Scrum Master for the collection of web back-office teams following the traditional SM roles of team coordination, issue resolution, and methodology advocacy. In addition to this role I also am the Agile Program Manager, working with Scrum-of-Scrums to coordinate and launch multi-departmental and cross-team initiatives that include working with international clients and team dispersions. • Scrum Master for the Web back-office teams • Agile Program Manager for Libris launch • Agile Program Manager for Rakuten (Japan) launch • Agile Program Manager for Tablet Software Solutions

Digital WyzdomDirector, Software and Applications

Nov. 2007 - Oct. 2012As director, I have the unique opportunity to work with and coordinate a diverse group of software professionals from various implementation channels; responsible for custom IT solutions - both software and hardware. In addition, I play an important hands-on role as a solution architecture and senior forensic specialist.

Redhook Solutions Inc.Consultant

Jan. 1998 - Nov. 2007As a freelance consultant I was able to provide my technical expertise on a broad range of subjects for Windows, UNIX and Macintosh platform for Fortune 500 and Fortune 1000 organizations including CIBC, BMO, IBM, Toyota, and other organizations in a variety of senior capacities that encompassed all aspects of the software development lifestyle. My experiences included business, managerial and technical acumens.

Off-line ProjectsChief Implementor and Problem Solver

Jan. 1995 - Jun. 2020GlobalI am frequently doing a variety of projects for friends, family and organizations of various sizes in a variety of fields I have experience in including Publishing, Book Design, Software Development, Webpage Design and more. Some of the more recent projects include: • eBook implementation of "Mastering Kenpo: The Path to Excellence" by Skip Hancock • eBook implementation of "Aware" by Skip Hancock • Cycle Story Cards for "The Path to Excellence" • WordPress plug-in for managing lesson curriculum associated to a user • Rails gem to support multiple simultaneous databases