Joshua Scott
Innovative and experienced leader with nearly 30 years of success across all facets of information security, specializing in security engineering, efficient technology implementation, and modern program methodologies. A pragmatic and collaborative team player, focused on delivering value-driven cybersecurity solutions that seamlessly enable business objectives. Committed to transparency, accountability, and building high-performing teams while staying ahead of industry trends and technological advancements. Technically adept, with strong coding skills and deep expertise in development practices and modern software architectures.
Professional Experience
Postman, October 2020 - August 2024
Head of Information Security & IT
Led a nearly 40-person Information Security and IT organization at a prominent SaaS software/API development platform startup, this senior leadership role reported directly to the CTO/Cofounder. The position encompassed comprehensive oversight of Security Operations, Governance, Risk and Compliance, Product Security, Cloud Security, Identity & Access Management, and IT Infrastructure, successfully scaling the team from 13 to nearly 40 members while maintaining exceptional performance and below-average attrition rates.
Notable achievements included implementing a comprehensive security strategy aligned with business objectives, successful completion of multiple SOC 2 audits, and the establishment of a dedicated product security unit. The role drove strategic initiatives for HIPAA compliance, ISO certification planning, and modern security infrastructure deployment. Leadership extended to direct customer engagement, supporting product sales through security expertise and trust-building. Additional accomplishments included revolutionizing corporate IT operations through improved service desk functions and streamlined procurement processes, resulting in enhanced operational efficiency and optimized costs.
Realtor.com (News Corp), Westlake Village, CA, 2007 – 2020
Chief Information Security Officer (2017 – 2020)
Director of Information Security (2015 – 2017)
Manager of Information Security (2012 – 2015)
Principal Security Engineer, Security Architect (2007 – 2012)
Key advisor for data security. Conceptualize, design, and implement modern security programs enterprise wide. Champion strategic security planning. Structure programs focused on security engineering, product security, intelligence, response, risk management, and governance. Prevent and address cloud computing vulnerabilities by designing operating models with deep security roots. Lead security engineering to integrate security features into product builds. Leverage expertise to influence initiatives and steer transformational change. Build high-performing teams by recruiting, hiring, training, and developing talented individuals, and creating a culture that fosters creative expression and innovation. Conduct cross-functional collaboration and fact-finding sessions with management colleagues, vendors, clients, and staff.
Key Accomplishments:
- Founding member of Realtor.com Information Security Team.
- Spearheaded the creation and implementation of a ten member InfoSec Team that only had one person leave in 8 years.
- Directed project teams developing an AWS security architecture that enabled engineering teams to achieve velocity requirements without sacrificing security.
- Led the development of a security tooling ecosystem to process thousands of vulnerabilities and automate remediation, with only a 15% false positive rate.
Skills
Security Programs: Enterprise Security, Security Engineering, Security Governance & Assurance, Security Operations, Data Security & Governance, Data Privacy, Security Architecture, Cloud and SaaS Security, Application/Product Security, DevOps/DevSecOps, Threat and Vulnerability Management, Detection Engineering and Response, Incident Management, Field Security/Security Sales Enablement, GRC, Policy Development, Risk Management, Identity & Access Management, Security M&A Due Diligence
Compliance: NIST CSF, ISO 27001, SOC2 (Type I/Type II), CIS, GDPR, CCPA/CPRA, HIPAA, Sarbanes-Oxley (SOX), PCI
Technology: On prem, hybrid, multi-cloud, cloud native | SaaS, PaaS, IaaS | AWS, Azure | Linux, Mac OS, Windows | Firewalls, CSPM, CNAPP, SIEM, SOAR, EDR, DLP, ZTNA, CASB, PAM, Generative AI
IT Programs: IT Service Desk, Desktop Support, Systems Administration, IT Procurement, Identity & Access Management, Identity Governance, IT Governance
Additional Experience
Pre/Post Sales Engineer (Remote), Fox Technologies, Palo Alto, CA
Senior Security Architect, Jacobs Engineering Group, Pasadena, CA
Lead Information Specialist, WMC Mortgage Group, Woodland Hills, CA
Technology Consultant/Manager, TechKnowledge Systems, LLC., Encino, CA
Systems/Network Engineer, El Camino Resources, Ltd./ Real Application, Ltd., Woodland Hills, CA
Education & Training
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Cerfified Chief Information Security Officer (CCISO)