Jason Lee
@jasonlee2
Information Security Manager who leads cyber risk, compliance, and secure programs.
United StatesWhat I'm looking for
I’m an Information Security Manager and information security leader with a track record of supporting cybersecurity and risk management across many distinct industries. I lead and develop teams that translate client requirements into comprehensive, scalable solutions.
At Aon Cyber Solutions, I’ve led a Senior Consultant role supporting the Cyber Risk & Compliance team and delivered 90+ cybersecurity maturity assessments, due diligence reviews, and threat simulations for Fortune 100 companies. I guide executive and technical leadership through strategic roadmaps and deliverable reports using frameworks including NIST CSF, NIST 800-53, HIPAA (NIST 800-66), CMMC, SOC 2, GDPR, ISO 27001/27002, and PCI DSS.
I also manage high-stakes program work—most notably an 18-month surveillance order mandated by CFIUS, followed by advice on overhauling and reconstructing a client’s data protection program. In parallel, I design third-party risk management programs, including questionnaires, risk-based assessment strategies, and secure vendor onboarding decisions.
Earlier in my career, I specialized in secure software development lifecycle work aligned to OWASP Software Assurance Maturity Model (SAMM), led security risk assessments with actionable remediation paths for technical and non-technical teams, and supported digital forensics and incident response. I’ve executed a data loss prevention solution RFP and conducted forensic investigations across civil, criminal, and business cases to support legal proceedings and corporate incident response.
Experience
Work history, roles, and key accomplishments
Conducted 90+ cybersecurity maturity assessments, due diligence reviews, and threat simulations for Fortune 100 clients across healthcare, financial services, technology, and industrial sectors. Managed an 18-month CFIUS surveillance order and advised on an overhaul of the client’s data protection program, including executive-ready roadmaps and third-party risk management.
Built Secure Software Development Life Cycle (SSDLC) programs aligned to the OWASP Software Assurance Maturity Model (SAMM). Led security risk assessments, enhanced monitoring capabilities via dashboards/alerts and correlation rules, and supported digital forensics and incident response with actionable remediation deliverables.
Evaluated and supported an educational institution’s Data Governance Program by executing an RFP to select a data loss prevention (DLP) solution. Performed digital forensic investigations across civil, criminal, and business cases, including forensic data preservation, in-depth analysis, and detailed case reporting to support legal and incident response needs.
Education
Degrees, certifications, and relevant coursework
ISACA
Certified Information Security Manager (CISM), Information Security Management
Earned the Certified Information Security Manager (CISM) certification.
GIAC
GIAC Certified Forensic Examiner (GCFE), Digital Forensics
Earned the GIAC Certified Forensic Examiner (GCFE) certification; the certification is listed as expired.
McKinsey & Company
McKinsey Management Accelerator Program, Management
Completed the McKinsey Management Accelerator Program.
University of Southern California (USC Marshall)
Bachelor of Science (B.S.), Business Administration
Earned a Bachelor of Science (B.S.) in Business Administration with a minor in Applied Computer Security at USC Marshall School of Business.
Tech stack
Software and tools used professionally
Availability
Location
United StatesAuthorized to work in
Job categories
Skills
Interested in hiring Jason?
You can contact Jason and 90k+ other talented remote workers on Himalayas.
Message JasonFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
