United States Security Operations

Nigel Sampson

Address: lyman *****, United States of America Phone number: 781-***-****

Email address: *********@*****.***

Strategic cybersecurity leader with 15+ years of experience developing transformative security solutions across global enterprises. Proven track record of reducing organizational risks by up to 90%, implementing Zero Trust architectures, DevSecOps (Shift-Left), Threat Modelling and driving comprehensive security strategies that enhance operational efficiency and protect critical business assets. Expert in securing complex environments, achieving key certifications, and leading high-performance security teams through innovative technological and procedural interventions.

05/2018 Certified Information Systems Security Professional (CISSP) ISC2

11/2010 CISCO Advanced Routing and Switching Certification CISCO

London, United Kingdom East Barnet School

5 x GCSE's

– KEY STRENGTHS

Security Operations

Zero Trust Network

Implementation Cloud Security Threat Mitigation

Team Leadership

Governance, Risk &

Compliance Incident Management Communications

03/2024 – 12/2024

Dedham, United States

Head of Cybersecurity and IT Ops

DoseSpot (Healthcare Tech)

Responsible for leading and developing Azure and AWS Cloud Security and IT Operations function for a leading software development company in the Healthcare industry.

Obtained initial SOC 2 Type 2 and HITRUST certifications Deployed 4 key information security solutions

Overhauled DevSecOps and expanded SAST, DAST, and SCA scans to all products

Created Security Awareness training that lowered security incidents by 30%. Developed Security Operations and improved incident management by 50% Expanded Application Security to cover all products. Profile

Certificates

Education

Key Strengths

Work Experience

02/2022 – 02/2024

Needham, United States

Director of Global Cybersecurity for IDG

IDG (International Data Group)

Spearheaded the development and implementation of a comprehensive global cybersecurity program across 7 business units with disparate tech stacks in 65 countries, covering 4,500 employees.

Engaged with C-Level executives and presented to IDG board members Selected, and implemented security technologies, including: Zero Trust Network Access, Attack Surface Management, Patch Management, Asset Inventory, Managed Detection and Response, Secure Access Service Edge, brand protection, and Third-Party Risk Management. Developed the Security Operations function that included Incident Response planning, Incident Management, event management, and Threat hunting. Developed an IT Risk Management program and maintained a Risk Register to track enterprise-wide IT risk items.

Created a high performing team of 10 security professionals Incorporated AGILE methodology into Incident Response Plans. Reduced the attack surface by 30%

Reduced vulnerabilities by 80%

Improved global IT risk profile by 40%.

01/2020 – 02/2022

Waltham, United States

Director of Cybersecurity and Information Security Officer Alegeus (Healthcare Tech)

Developed comprehensive GRC program encompassing PCI, SOC 1 and SOC 2 compliance.

Engaged with C-Level executives on cyber initiatives Developed Security Operations and engineering teams to manage and maintain security controls supporting the compliance program, Incident Response and Threat hunting.

Enhance cloud security using native and third party solutions Reduced compliance risk by 60%.

08/2018 – 10/2019

North Waltham,

United States

Director Information Security/ISO

Cotiviti (Healthcare Tech)

Responsible for the development, maintenance, and implementation of the Information Security Management program, assuring the confidentiality, integrity, and controlled availability of customer, employee and business information.

Achieved HITRUST certification for 6 lines of business. Provided quarterly updates to the Executive Committee. Manages a team of 12 Security Analysts, Risk Analysts and Engineers Developed an Application Security Program reducing vulnerabilities by 30% Improved Product Security by enhancing DevSecOps procedures Interfaced with clients on Security Assessment calls. Lead security awareness activities.

05/2017 – 07/2018

Andover, United States

Head of Security Operations

Charter Communications

Developed and manages a global Security Operations team on a day-to-day basis.

Managed 100 client cloud environments and security of the internal management network of 10k endpoints.

Advises clients on industry leading best practices and internal best practices for cloud security services.

10/2014 – 05/2017

Bedford, United States

Head Of Information Security/ISO

Aspen Technology (Software)

Developed Security Operations function. Including moving on-premise Splunk SIEM to cloud based SOC-as-a-Service.

Created a Mergers and Acquisition work program to limit risk for acquisition targets.

Improved IT operational workload by 75% through threat mitigation Work Experience

Created Security Awareness training that lowered security incidents by 50%. Deployed key security technologies, including Network Access Control (NAC), Data Loss Prevention (DLP), Security Information and Event Management

(SIEM), Web Application Firewall (WAF) Mobile, Device Management (MDM) and Security Email Gateway (SEG).

04/2012 – 10/2014

Boston, United States

Cybersecurity Project Manager

MBTA (Transportation)

Responsible for deploying 3 cybersecurity solutions and driving multiple PCI programs through to certification.

01/2020 Understanding the Benefits of the Capability Maturity Model Integration (CMMI)

Tripwire

01/2010 Network Security Demands both Internal and External Penetration Testing

Western Independent Bankers Magazine

01/2009 Seven Often-Overlooked Information Security Issues Western Independent Bankers Magazine

01/2009 Encryption – An Important Line of Defense

Western Independent Bankers Magazine

06/2013 MBTA Secretary of Transportation Innovation Award MBTA Secretary of Transport

Work Experience

Publications

Awards

Contact this candidate