Profile
I'm Ian Norden. I enjoy tackling projects by building secure solutions directly into SDLC pipelines, such as SAST/DAST/SCA (secure app delivery), container assurance, and cloud posture management systems which include far-left IAC Scanners.
I focus primarily within Cloud and Application Security teams, both helping to build and lead each. My efforts are always flavored by a Red Team first mentality. I find joy in steering away from manual, repetitive work, while investing in quality automation through Python (3.x).
I've introduced foundational change to lead AppSec, was the first member of Red Team, and am now building the CloudSec team at Intercontinental Exchange (NYSE: ICE), a leading network of regulated exchanges and clearinghouses for financial and commodity markets.
Experience
Building the CloudSec team at ICE, starting with one engineer and scaling to four. Continued focus in controls alignment and architecture bringing on-prem requirements to cloud contexts. From bring your own key requirements, to default S3 bucket encryption, to our root 2FA strategy, my teams are fundamentally responsible for the security estate of our cloud. We focus on enablement through posture management tooling, use-cases for container security services, and bring POCs through solution delivery. Introduced golden AMI project, logging standardization for cloud, Azure and GCP Landing Zone Security Architect. Responsible for M&A alignment initiatives, coordinating first thirty days through security assurance tasks.
Returned to the App Security team to help resolve lingering talent acquisition gaps. Returned to lead and own the ICE Bug Bounty program and automating its findings pipeline. Introduced applog standards to support Cyber DFIR team, building automation requirements to auto-detect known apps to their respective Splunk logs once forwarded, validating continuous applog pipeline. Broadened the AppSec team's capability to risk assess Cloud SAAS deployments, and improve standards aligning Vendor Management and GRC teams. Started ICE's initial CloudSec assessments for Lambda use supporting ephemeral compute in AWS.
Recognized as a leader within InfoSec at ICE promoted to Senior level. Owned the buildout and maintenance of vulnerability scanning program. Leading most initiatives to create automated solutions through a Python automation project bringing together disparate InfoSec teams, tools, and solving manual processes. Architecting and implementing an always-on security controls testing platform, Verodin. Considered the ICE subject matter expert on TLS implementations and the internal crypto policy owner. Regularly develop and publish TLS cookbooks internally for standardization. Developed config standards for SSH and SFTP servers throughout ICE.
Challenged as the first member of the Red Team to build a platform for penetration testing and scenario development dors for automating Red Team scenarios, building networks and infrastructure for penetration testing. Managing numerous penetration testing vendors, executing against policy and best practices. Pursuing OSCP Certification. Developing a platform for automated assessment of SSH / SFTP configuration hardening to expand on the TLS / dashboard dev project. Own and manage the Bug Bounty platform.
Created first hardening and configuration guidelines. Key resource in producing proof of concepts for improving password hashing standards. Continued aggressive expansion of the vulnerability scanning platforms. Developed a proof of concept HTML based Pentest Report Generation tool. Key automation resource for scripting heavy lift tasks from other InfoSec teams. Key resource in overhaul of vulnerability scanning policies. Built pentest produced POCs for internal use.
On day one, challenged to overhaul, expand, and own the entire infrastructure vulnerability assessment platform. Expert technical resource for SSL / TLS hardening, created automated platform for scanning TLS configurations throughout the enterprise (inspired my personal SSLDash project). Wrote the vulnerability assessment policies and procedures. Coordinated numerous penetration tests of ICE web and thick client applications. Championed the AppSec Web App Dashboard project to automate clunky metrics, reduce human error, and enhance AppSec assessment capabilities using Python / Django. Lead resource in implementing Bug Bounty program.
Lead role and customer advocate within the Security Professional Services. Lead on all customer engagements and a key technical resource for major sales engineering efforts. Performed numerous penetration testing scenarios and assessments. Overhauled reports to integrate with new toolsets and align with industry best practices. Re-engineered the Network Professional Services assessment infrastructure.
Built a new team and infrastructure within the Security Professional Services organization. Expanded and strengthened our vendor management functions for backfill on special tests coordinating numerous testers. Rewrote the penetration testing policies and procedures in a customer facing function. Planned an overhaul of all capabilities within the organization.
Part of a broad InfoSec team coordinating DFIR investigation, SIEM alert response, and vulnerability management. Grew vulnerability assessment to pre-production infrastructure. Lead resource for knowledgebase documentation. Lead for mentoring and training new team members through Analyst II.