Ken Gallo

Principal Security Architect & Engineer

About Me

Experienced Security Architect who delivers effective and efficient security solutions. Expert in a range of fields, including cloud security, cryptography, web application security, and incident handling. CISSP & CCSP, many SANS certifications, AWS Solutions Architect, and others.

Experience

GE HealthCare

Principal Information Security Engineer

March 2023 - Present

gehealthcare.com

Details available upon request

General Electric

Principal Information Security Engineer

March 2015 - March 2023

ge.com

Information Security Engineer and Architect for one of the world's leading aviation, power, and renewable energy companies.

  • Designed and implemented a massive and innovative PKI (Public Key Infrastructure). The system has issued millions of certificates while saving the company millions of dollars. It enables several services, including an advanced GE-built VPN relied upon by >200,000 users worldwide.
  • Architected and deployed a highly available certificate automation service running on Kubernetes. The solution cut down processing time from hours to seconds, saving the company substantial costs while improving security.
  • Architected and oversaw development of API services to automate certificate management. Transformed development processes to Agile methodology and CI/CD workflows. The results are robust and scalable APIs that have delivered millions of certificates with >99.9% reliability.
  • Helped to architect and build a cloud file encryption solution relied on by >500,000 daily users. The service runs in AWS, encrypts >12 million files daily, and has run for nearly 3 years without losing a single key. It is critical to saving GE millions of dollars per year by enabling powerful new collaboration tools that speed up business.
  • Designed a Key Management Service that will securely generate and protect cryptographic keys across public cloud and internal platforms. The solution, based on HashiCorp Vault, can handle 100x the load of our earlier service while providing an innovative Encryption-as-a-Service that makes good encryption easy for application developers. The service will enable the company to run sensitive and secret applications around the world with full security and regulatory compliance.
  • Created security policies and processes that provide business flexibility while ensuring best practices and security.
  • Mentored and led less experienced teammates to deliver successful projects.

Gallo Security, Inc.

Owner and Principal Consultant

Jun 2007 - Dec 2015

Information security consultant for a variety of regional and global businesses.

  • A long-term security design and architecture project at a Fortune 10 company. Oversaw more than 40 high-security network enclaves spread across the United States. The enclaves enabled the business to provide services to the military and fulfill multi-billion dollar contracts.
  • PKI consulting at a mid-sized logistics company. Identified an impending collapse of their systems and helped the client avert a catastrophic outage.
  • Helped a major company design and implement software to monitor firewall rules, analyze risk, and manage changes across hundreds of firewalls.
  • Designed a massive data analytics cluster service for a clinical testing company. Using Apache Hadoop and running in AWS, the new system performed >100x faster than the client’s old system. The analysis time shrank from days to minutes, permitting the client to gain new insights and business.
  • Security architecture review and multiple ISO 27001/2 audits for several mid-size businesses.
  • Incident handling, forensics, and risk assessments for a university after a significant event.

Convergys

Information Security Architect

Apr 2006 - Jun 2011

Information security architect responsible for the security and compliance of several high-availability PCI platforms. The platforms provided critical services for several large banks, a national credit card company, small businesses, and a cloud service.

Great American Insurance

Senior Security Engineer

Jun 2003 - Apr 2006

Security design and operations for this Fortune 500 insurance company. Performed firewall management, conducted vulnerability assessments, and ran critical IAM and security services.

Education

Miami University

BSc Business School (MIS)

Miami University, established in 1809, is ranked among the top 50 national public universities by U.S. News & World Report. As an original Public Ivy, Miami provides Ivy League-quality education at a public school.

Minors: International Business and Spanish

A Little More About Me

Alongside my interests in networks and software engineering, some of my other interests and hobbies are:

  • Photography
  • Travel

Trees