Charles Flood

As a Security Architecture Lead, I provide security guidance for strategic initiatives across the organization, ensuring alignment with best practices and regulatory requirements. I develop long-term technology roadmaps to enhance the organization's security posture and drive proactive risk management.

I led the development of a defense-in-depth framework based on the NIST Cybersecurity Framework (CSF) for affiliate organizations, identifying and prioritizing foundational risks with cost-effective solutions. This initiative uncovered an average of six high-severity foundational gaps per affiliate. Additionally, I designed and modernized AWS security controls to enable secure development, reducing deployment times by 50% and misconfigurations by 75%, while increasing threat detection coverage by 200%.

To further strengthen security, I developed a threat modeling process to enhance architecture reviews, which doubled the number of high-severity findings. As a subject matter expert in cloud and network security, I provide strategic expertise and insights across the organization, ensuring robust security practices and resilience against emerging threats.

Designed and led the implementation of security architecture solutions across vulnerability management, threat monitoring, cloud security, and secure development, ensuring a comprehensive and proactive security approach. By championing the adoption of the NIST Cybersecurity Framework, I enhanced strategic planning and risk communication while delivering multi-year security development plans to strengthen the organization's risk posture.

Additionally, I led the enhancement of incident response processes, accelerating threat detection and remediation to reduce operational risk and impact. I also developed a purple teaming program to improve threat detection capabilities and foster stronger security collaboration. These efforts contributed to the organization being recognized by a third-party penetration firm for having one of the most effective security programs.

Established enterprise security architecture processes and solution patterns to ensure the consistent enforcement of security controls across the organization while aligning with organizational policies. Collaborating closely with Enterprise Architecture and Engineering teams, I developed secure design patterns for XaaS services, including AWS, Microsoft 365, Salesforce, and ServiceNow, enhancing security across cloud and enterprise environments.

Additionally, I led the design and deployment of Endpoint Detection and Response (EDR) and Network Access Control (NAC) solutions, significantly strengthening the organization’s overall security posture.

Collaborated with IT teams to design and implement secure, scalable solutions aligned with the organization’s policies and security best practices. I led the design and implementation of Data Loss Prevention (DLP), Intrusion Prevention Systems (IPS), and vulnerability management solutions, to strengthen the organization’s ability to prevent, detect, and respond to threats. Additionally, I conducted threat detection and incident response activities.

Led network engineering efforts for a $2 billion health insurance organization, ensuring robust, scalable, and secure network infrastructure to support business operations. Additionally, I assisted in the architecture and implementation of various internet-facing services, enhancing accessibility, performance, and security for critical applications.

Network engineer team lead, responsible for the organization’s data communications network compromised of over 500 sites. I designed and implemented a unified network solution integrating four organizations across healthcare, retail, and manufacturing into a single data communications network.

Led network infrastructure upgrades for 200+ sites, implementing dynamic routing, wireless enhancements, and network security improvements.

Configured and installed routers, switches, and firewalls for multiple New York State agencies and school districts.