JEFF BOLLINGER
linkedin.com/in/jeffb0llinger | Esse Quam Videri

SUMMARY

20+ years of experience in incident response, information security technology, security architecture, cloud security, threat research, risk and vulnerability management, and management of all aspects of security for large enterprises and academic networks

Capable and accomplished executive with a practical vision for effective security and inspiring managers, engineers, and architects to deliver high quality results

SKILLS & ABILITIES

- Incident response and threat detection
- Cybersecurity threat intelligence
- Technical leader and people of large organizations
- Global enterprise security operations leadership and strategy
- Security investigations and security solutions architect for enterprise networks
- Cloud security and enterprise security
- Experienced international speaker and writer
- SANS Lecturer
- Author of O’Reilly Media’s Crafting the InfoSec Playbook used in university Cybersecurity courses
- Able to articulate complex security issues appropriately for all levels of business
- Strong understanding of cybercriminal and adversarial techniques and methods

EXPERIENCE

DIRECTOR INCIDENT RESPONSE AND DETECTION ENGINEERING
LINKEDIN
FEBRUARY 2021 - PRESENT

- Redesigned and overhauled the incident response program, creating three business functions and expanding to two theaters
- Expanded incident response coverage from 10x5 to 24x7 monitoring, nearly doubling the time spent protecting the company from threats
- Decreased time to detect and contain security incidents from days to under two hours on average
- Designed and implemented a threat intelligence program, expanding coverage of known threats by more than 300%
- Reduced risk of phishing from persistent threat actors by 70% through investigations and creative discovery and mitigation techniques

SENIOR MANAGER INFOSEC INCIDENT RESPONSE AND INVESTIGATIONS
CISCO SYSTEMS, INC.
SEPTEMBER 2015 - FEBRUARY 2021

- Managed global teams of senior security investigators, managers, and two teams of analysts for US and Americas incident response operations at Cisco
- Achieved 24x7 detection, investigation, mitigation, and Incident Response (IR) coordination of digital crimes, policy violations, or malicious activity across the global corporate landscape including private and public clouds like GCP, AWS, Azure, and Oracle
- Authored and edited tactical, risk-specific, and data-driven updates within one hour on an incident to executive staff and senior leadership
- Visualized incident data to identify key problem areas and drive changes to improve Cisco's security posture and response to threats, improving average time to detect to under 24 hours
- Developed a highly efficient framework for Monitoring, IR, and business intelligence as a service, reducing time to detect incidents to under three hours on average