James Meier

Hands-on insider risk leader with deep experience building, operating, and evolving global insider threat and data protection programs at enterprise scale. Serves as incident commander for complex insider threat investigations, owning cases end to end while designing preventative controls, detection logic, and metrics that reduce organizational risk. Trusted partner to Legal, HR, Privacy, Physical Security, and executive leadership, with a track record of influencing outcomes without formal authority.

• Built and lead Coca‑Cola’s global Insider Risk and Data Loss Prevention program, migrating from Symantec DLP to the Microsoft security suite.
• Serve as incident commander for insider threat investigations, identifying, triaging, investigating, and remediating security detections and anomalous behavior across endpoint, identity, and data telemetry.
• Own investigations end to end, ensuring defensible outcomes aligned with regional employment laws and global data protection regulations.
• Designed and implemented preventative, detective, and risk‑scored controls, including proactive blocking, behavioral indicators, and conditional access enforcement.
• Authored and maintained advanced policies across Purview & Defender, DLP, DSPM, and Insider Risk Management, combining natural language classifiers with technical conditions.
• Compensated for platform gaps by engineering custom analytics and tooling using Microsoft Sentinel (SIEM) (KQL), Python, SQL, PowerShell, and Power BI to automate analysis and visualize insider risk.
• Conduct proactive insider threat hunting in large‑scale data environments, applying modern adversary tradecraft to identify misuse, credential abuse, and staged exfiltration.
• Produce standardized metrics and executive reporting to support investigations, measure risk trends, and streamline incident response.
• Partner closely with HR, Legal, Privacy, Physical Security, and Ethics to provide technical evidence and clear narratives for sensitive investigations. (Insider Risk Working Group)
• Developed the Insider Risk charter, CONOPS, governance model, and stakeholder engagement approach across crown jewels, critical assets, and critical sites.
• Perform physical site assessments with respect to data protection and insider risk exposure. (Sabotage)

Act as a technical mentor and force multiplier, raising analyst capability in investigation ownership, incident command, and insider threat tradecraft

Insider Threat Management Program (ITMP) – Carnegie Mellon University

Full Stack Flex Web Development – The Georgia Institute of technology