University of Maryland - Robert H. Smith School of Business
Chief Security Architect @ Chief security architect and Senior Principal Engineer at Amazon.com. Responsible for the security strategy for all parts of Amazon outside Amazon Web Services. Develop and implement the 3-year security strategy together with the CISO. Work with the CISO to report progress to the CEO, Senior Leadership Team, and Board of Directors. Supervise
Chief Security Architect @ Chief security architect and Senior Principal Engineer at Amazon.com. Responsible for the security strategy for all parts of Amazon outside Amazon Web Services. Develop and implement the 3-year security strategy together with the CISO. Work with the CISO to report progress to the CEO, Senior Leadership Team, and Board of Directors. Supervise and direct the technical work of a 200+ person security organization.
I work on security for every part of the business, including cloud, device security, fraud systems, mobile apps, all subsidiaries, and the retail and seller businesses. I have reviewed and designed security features for virtually all major products at Amazon. Over the past several years I led the development of Amazon's internal Cloud security strategy and network security strategy. I also led the development of the subsidiary security program and acquisitions review process.
Scoped, won approval for, architected, built, staffed and, once fully operational, handed off several new security practices, starting with the Amazon software security program. I ran the information security policy program for several years to ensure compliance with all relevant domestic and international regulations, then staffed a team to continue it, and finally handed it off to a different leader. I formalized and designed the first full-time incident response function within Amazon, and am currently the executive incident lead for all major security response stand-ups. I designed and staffed the internal penetration testing practice, then groomed a new leader to take over that program. Most recently I researched and proposed a security practice in China, designed it, and staffed a team under a manager in China that currently reports to me.
Delivered over 100 internal security training sessions on general security, secure design and development, threat modeling, architecture, hiring, and presentation skills, with very high scores. From October 2012 to Present (3 years 1 month) Greater Seattle AreaPrincipal Security Engineer @ As Principal Security Architect, I am responsible for the technical security strategy across the organization, ensuring that our technical direction takes a risk based approach to managing security and driving the correct set of initiatives to manage risk properly. From September 2008 to November 2012 (4 years 3 months) Principal Software Development Engineer @ Transitioned starting in November 2007 to a new role. Responsible for the overall security architecture of the eCommerce Platform as well as for the security aspects of the platform as a whole. From January 2008 to August 2008 (8 months) Principal Security Engineer @ Responsible for:
* Creating a security culture among developers across the company
* Building an application security practice
* Defining and achieving security training objectives across the whole company From September 2006 to December 2007 (1 year 4 months) Sr. Security Strategist @ From 2001 to 2006 (5 years) Assistant Professor @ Assistant Professor of Information Systems From September 1999 to September 2001 (2 years 1 month)
Ph.D., Management Information Systems @ University of Minnesota-Twin Cities From 1995 to 1999 MBA, Finance @ University of Maryland - Robert H. Smith School of Business From 1993 to 1995 MS, Information Systems @ University of Maryland - Robert H. Smith School of Business From 1993 to 1995 Jesper Johansson is skilled in: Windows Server, Application Security, Information Security, Cloud Computing, Computer Security, Security, Information Security..., Windows Security, CISSP, Networking, Penetration Testing, Enterprise Architecture, PCI DSS, Architecture, Firewalls, Distributed Systems, E-commerce, Network Security, Scalability, Identity Management, Software Development, PKI, Web Application Security, Linux, Cryptography, Vulnerability Assessment, Virtualization, Cloud Security, TCP/IP, Data Security, Network Architecture, Internet Security, Perl, Computer Forensics
Looking for a different
Get an email address for anyone on LinkedIn with the ContactOut Chrome extension