Jack Miller

Fractional Chief Information Security Officer (vCISO)

2024

Provide fractional CISO and CISO advisory services to Freeman Clarke’s, Tevora's & CISO Access's global customers. • Reduce cyber risk and ensure regulatory compliance by creating, implementing & leading both strategic and tactical multi-year information security and privacy programs including security & privacy engineering, regulatory compliance, team building & organizational development, awareness training, security operations & incident response, security vendor evaluations & implementations and Governance, Risk & Compliance (GRC) including third party risk management (TPRM).

Head of Global Professional Services & Technical Account Management

2020 - 2024

Built Menlo Security’s global Professional Services & Technical Account Management (TAM) organization, hiring & leading team members across North America, EMEA & APAC regions. Hired, trained & supported Customer Success Managers (CSMs), mentored CSM team manager, completed customer journey mapping & personas and identified & tracked key customer success metrics for executive & board reporting. Transitioned to Advisor Role in March 2024. • Grew Professional Services subscription revenue by 6000% & total revenue by 3500% with a 31% margin, Gross Revenue Retention (GRR) of 90% and Net Revenue Retention (NRR) of 115% while scaling global team by 375%. • Reduced deployment timelines and customer time to value from over 9 months to 3 months through the development and implementation of Menlo Security’s QuickStart and JumpStart deployment services. • Secured approximately $20M of additional revenue for Menlo Security by completing the implementation of the world's largest zero trust cloud-delivered secure web gateway/isolation-as-a-service deployment for 3.5M users within US Department of Defense two years ahead of schedule. • Reduced Professional Services and Technical Account Management (TAM) staffing costs by 65% while increasing customer coverage by building a Professional Services Center of Excellence (COE) in India. • Achieved highest employee end of year engagement survey results across all teams at Menlo Security for 2023 despite implementing 2 rounds of layoff earlier in the year. • Achieved 400% increase in the number of customers purchasing Menlo Security’s Platinum Support by directing and overseeing Menlo Security’s global professional services’ & Technical Account Management (TAM) team’s development of value driven customer dashboards, reports and integrations increasing customer value. • Reduced customer Request for Feature Enhancements (RFE) backlog by over 50% by streamlining process with Product Management and Sales Engineering Teams.

Senior Vice President of Operations (Customer Success & IT) & Board Member

2019 - 2020

Spearheaded all facets of Customer Success (CS) & Information Technology (IT) including operations, service delivery, project management and managed services (security operations center - SOC). Orchestrated and owned delivery of privacy & security consulting, virtual CIO/CISO, compliance/security assessments, penetration testing, and security operations. Developed and implemented strategies to improve client satisfaction, loyalty and advocacy resulting in increased Gross Revenue Retention (GRR) and Net Revenue Retention (NRR) • Achieved 95% GRR and 120% NRR through directing the execution of service delivery, customer success and quality control to ensure exceptional customer outcomes. • Increased employee productivity by driving innovation as the leader of Specialized Security Services’ Information Technology & Security organization through the implementation of a Professional Services Automation (PSA) application running on top of Salesforce. • Increased customer satisfaction, renewals and expansion by leading the project management office’s efforts to streamline workflows and enhance project execution, ensuring the successful completion of customer PCI audits and Report on Compliance (ROC) generation with notable customers including an international hotel chain with over 5,000 properties in over 110 countries and a leading US based restaurant chain with over 600 locations. Audits covered point of sale (POS) card present, card not present, ecommerce (web and mobile) and integrated voice response (IVR) systems.

Chief Information Security Officer (CISO) & Executive in Residence (EIR)

2016 - 2019

Provided CISO, Field CISO, Fractional CISO (vCISO), Fractional Chief Privacy Officer (vCPO) & CISO Advisory services to venture capital companies and cybersecurity startups including Norwest Venture Partners, SlashNext, ZitoVault Software, Open Systems, Menlo Security, Proficio, Palerra, Baffle, Dtex Systems, WootCloud, SkyHigh Networks, FireEye, Wing Venture Capital, Interset, Cloud Knox, K2 Security, Zero Systems & Tevora. • Supported VC portfolio companies and other high-growth startups on cybersecurity, privacy and regulatory compliance matters and identified and developed programs and remediation plans for information security, product security, privacy and compliance gaps and risks and obtaining ISO, PCI and SOC2 certifications. • Advised on Governance, Risk & Compliance (GRC) as well as security training & awareness and incident response. • Innovated as lead inventor and co-author on a patent leveraging machine learning (ML) to dynamically fortify home IoT devices, creating opportunities for additional revenue streams. • Drove company growth by formulating comprehensive long-term and short-term go to market strategies and identifying customer needs & gaps to improve products and create new product and service offerings and training internal teams. • Built strong customer relationships by establishing trust and providing value through coaching & advisory to potential and existing customers and driving revenue by participating in sales meetings and training sales and sales engineering teams. • Drove brand awareness and established market identity through thought leadership activities (public speaking, blogs, whitepapers, analyst calls and media interviews).

Head of Information Protection (Chief Information Security Officer)

2011 - 2016

Orchestrated all aspects of information security for Auto Club Enterprises and all subsidiaries. Collaborated as a key member of CIO's leadership team and functioned as an assistant CIO. Contributed to strategic and tactical management decisions for entire IT organization. Designated as named successor on CIO's succession plan. • Decreased annual PCI compliance costs by over 50% while significantly reducing the chances of a material security incident by architecting & implementing one of the first full tokenization/E2EE solutions (Privacy Enhancing Technology – PET) in the World with a scope that included in-store card present and card not present, web, mobile, 3rd party and integrated voice response (IVR) POS transactions. • Obtained executive support and increased security budget by implementing a formal Governance, Risk & Compliance (GRC) program that included developing a multi-year risk reduction plan, along with appropriate policies, standards, procedures & controls; regularly updating the executives and Board of Directors on key metrics to ensure ongoing alignment with broader company goals and continued support for the security program. • Prevented a 3rd party security incident by building and implemented a third-party risk management program that included assessing all current vendors to ensure their compliance resulting in the cancellation of one vendor’s contract and removal of all AAA confidential data from that vendor who subsequently suffered a significant data breach, impacting all their customers. • Reduced business project security costs by over 25%, eliminated shadow IT and drove digital transformation by partnering with the business leaders, showcasing technology innovations and participating in their planning and goal setting processes. • Enabled the business to meet annual goals by effectively and efficiently implementing appropriate and cost effective security controls, successfully completing AAA’s first PCI Report on Compliance (ROC).

Chief Information Security Officer

2008 - 2011

As CISO, I ensured the appropriate protection of all county information and information systems across all departments and scaled security team from 5 to 11 positons. I also served as the HIPAA Security Officer for Riverside County's Public Health System including the Riverside Regional Medical Center (University of California, Riverside School of Medicine's teaching hospital) and as part of CIO’s leadership team I functioned as an Assistant CIO. • Implemented Incident Response and Crisis Management technologies and processes that allowed us to identify and quickly respond to a security incident preventing the disclosure of protected health information (PHI). • Achieved HIPAA compliance for the Riverside County Regional Medical Center which includes the teaching hospital for University of California, Riverside (UCR), by implementing an electronic medical records (EMR) system, reducing operating costs and improving patient outcomes. • Obtained requisite budget and support from the Board of Supervisors and provided regular updates on key metrics to ensure ongoing support and alignment. • Built team of forensic experts to aid in law enforcement and human resource led internal investigations resulting in successful criminal prosecutions or employee disciplinary actions.

Corporate Information Security Officer (BISO)

2004 - 2008

Ensured the appropriate protection of all corporate information and information systems for Pacific Life. • Ensured Corporate IT complied with all global security policies and requirements by working closely with IT leadership to align and embed security requirements into all technology initiatives and processes. • Ensured global security policies and requirements aligned with Corporate IT goals and objectives by representing Corporate IT on the global information security steering committee. • Established formal governance within Corporate IT through the implementation of an Information Security Management System (ISMS) based on the ISO 27001 standard. • Achieved Sarbanes-Oxley (SOX 404) compliance and attestation for Corporate IT.

Chief Information Security Officer

2001 - 2004

As Orange County’s first CISO, I built their Information Security Program, ensuring the appropriate protection of all county information and information systems across all departments. I also served as the HIPAA Security Officer for Orange County's Public Health and Mental Health Systems. • Co-founded the California Counties Information Security Forum (ISF) and led the effort to create a statewide standard for information security programs and policies, reducing the risk of a multi-county security incident and reducing security vendor license costs by leveraging mass purchasing power. • By building a countywide culture of security awareness, fewer computers were being infected, decreasing required remediation efforts, resulting in decreased operational costs while significantly reducing the chances of a security breach. • Through the implementation of an incident response and crisis management program, we identified and quickly responded to an event, preventing it from becoming a significant security incident.

Co-Founder & CEO

1997 - 2001

Built and managed a cybersecurity services company. • Built partnerships with key security vendors to provide best in class security software and hardware to our customers and enabled their sales teams to sell our services to their customers. • Achieved sales goals by focusing on high tech venture backed startup companies engaged in both business to business and business to consumer electronic commerce (Dot-com). • Drove industry awareness of security risks and risk reduction approaches through regularly speaking at industry and vendor events.

Lieutenant, 3rd Mate, 3rd Assistant Engineer

1991 - 1999