Brian Arnett

Senior Information Security Operations Leader with 25+ years of progressive IT and cybersecurity experience, including 10 years managing enterprise-wide security platforms and global engineering teams. Proven expertise in developing and operating comprehensive security tooling infrastructure across Fortune 500 environments. Strategic thinker with exceptional ability to align security initiatives with business objectives while fostering high-performing team cultures. CISSP certified with deep knowledge of vulnerability management, SIEM, IAM, and SecOps disciplines.

PRODUCT OWNER AND SENIOR MANAGER – ENTERPRISE SECURITY AND TECHNOLOGY

IBM | Lexington, KY | April 2015 – March 2025

Led enterprise-wide security operations as product owner and senior manager for comprehensive security tooling platform serving global IBM infrastructure. Managed cross-functional teams of engineers and managers across multiple time zones while maintaining responsibility for strategic planning, platform development, and operational excellence.

Key Achievements & Responsibilities:

• Architected and operated enterprise-wide security tooling infrastructure supporting critical cybersecurity functions including inventory management, vulnerability assessment, SIEM, and identity/access management for thousands of enterprise systems

• Owned complete product lifecycle for customized enterprise inventory system, ensuring accurate asset visibility and compliance across global infrastructure

• Led enterprise-wide vulnerability management program, managing scanning platform deployment, vulnerability data consumption, and coordinated remediation efforts across business units

• Directed Security Information and Event Management (SIEM) operations, overseeing enterprise-wide log collection, threat analysis, and security alerting infrastructure

• Managed Identity and Access Management (IAM) platform including authorization/authentication systems, continued business need reviews, separation of duties enforcement, least privileged access controls, and secrets management

• Served as Subject Matter Expert for corporate IT security policy, providing guidance on policy interpretation, implementation, and compliance requirements

• Drove internal customer engagement and success initiatives, ensuring business units met corporate IT policy requirements through effective use of shared security tooling

• Built and led high-performing global team of security engineers and managers, fostering culture of innovation, accountability, and continuous improvement

ACQUISITIONS SECURITY PROJECT MANAGER – IBM INDUSTRY SOLUTIONS

IBM | Lexington, KY | December 2011 – April 2015

Specialized in security due diligence, integration, and remediation for corporate acquisitions. Led cross-functional teams through complex security assessments and guided newly acquired organizations through IBM security policy compliance and tooling adoption.

Key Achievements & Responsibilities:

• Conducted comprehensive security posture assessments of acquisition targets, evaluating IT security processes, technology stack, and risk exposure prior to and during acquisition activities

• Led remediation projects to close security gaps and resolve critical issues during integration period, ensuring acquired entities met IBM security standards

• Managed integration projects to align acquired companies with IBM internal security policies, processes, and compliance requirements

• Onboarded newly acquired teams to IBM's internal shared security tooling infrastructure, providing training and ensuring smooth technology adoption

SOFTWARE DEVELOPMENT MANAGER – IBM SOFTWARE

IBM | Lexington, KY | December 1999 – December 2011

Managed software development and quality assurance teams for major IBM/Lotus enterprise software products. Delivered multiple successful product releases while building strong development practices and team capabilities.

Key Achievements & Responsibilities:

• Held quality assurance and management responsibilities for major IBM/Lotus software products, ensuring product quality and customer satisfaction

• Served as Release Manager for three major product releases, coordinating cross-functional teams and ensuring on-time delivery

• Provided development management leadership for client, server, administration, and installation technologies

BS University of Kentucky

 CISSP