Jake Schroeder

- Act as representative for the CISO in their absence, making timely decisions on strategic and operational security matters and maintaining continuity of leadership across the security team. - Oversee day-to-day cybersecurity operations including application and product security, incident response, threat intelligence, security monitoring, and vulnerability management to continually enhance LVT’s security posture. - Manage, mentor, and develop a high-performing team of security engineers, fostering a culture of technical excellence, innovation, and growth. - Serve as the primary liaison between the security engineering function and other LVT technical departments (architecture, IT Ops, DevOps, product, compliance, risk), ensuring seamless integration of security requirements throughout the company’s technology stack. - Build and maintain relationships with key third-party vendors, government agencies, and security-focused partners to extend LVT’s security capabilities and support continual improvement.​ - Champion succession planning, cross-functional expertise, and the development of future leaders within the LVT security organization. - Provide expert guidance on technical risks, translating cybersecurity concepts into business impact for executives, board members, and other stakeholders.

- Designed, implemented, and managed Limble’s enterprise information security program to ensure protection of customer and company data across cloud, SaaS, and on-prem environments. - Served as the sole architect and administrator for all security operations, balancing hands-on technical work with strategic leadership and executive communication. - Led the end-to-end risk management process, including performing internal risk assessments, vendor evaluations, threat analysis, and development of security controls fit for a nimble SaaS environment. - Authored and maintained all security documentation, including policies, procedures, employee training materials, and compliance attestations, adapting content for both technical and non-technical stakeholders. - Monitored and analyzed system logs, alerts, and vulnerability reports to maintain security situational awareness and coordinate rapid incident response including investigation, containment, and reporting. - Managed regulatory compliance needs as Limble’s primary point of contact for external audits, customer security questionnaires, and industry certifications requirements. - Coordinated directly with engineers, product managers, and business leaders to align software development, product releases, and operational changes with security best practices. - Evaluated and deployed appropriate security technology solutions (such as cloud access controls, endpoint security, encryption, and SIEM) to enable secure business growth according to evolving company needs. - Owned Limble’s incident response planning and tabletop exercises, ensuring readiness and process improvement in case of a cyber event. - Regularly reviewed and updated user permissions, access controls, and role definitions within Limble to maintain least privilege and enforce separation of duties.

- Built strong relationships with executives, board members, and other key stakeholders to ensure that security was a priority and that all stakeholders were aligned with the security goals of the organization. - Hired and developed a team of security, AppSec, and compliance experts responsible for risk, third-party, and vulnerability management, log aggregation and monitoring, business continuity, secure development, AWS security, security by design, governance, and compliance. - Improved processes and automation to streamline security operations reducing the time and resources required to manage security risks and respond to incidents. - Built and carried out roadmap to prioritize work and allocate resources based on risk, establishing and hitting budgetary requirements. - Lead and set strategy for internal IT team, improving business tooling and applications at all levels of the business, giving employees the tools they need to achieve the company's goals. - Created, architected, and implemented a well-documented company-wide SOC 2 audited and ISO 27001 compliant Information Security Management System and associated control set for SaaS product suite hosted on AWS, improving security and enabling business while decreasing the average sales cycle time. - Enabled sales, legal, and executive team to win large enterprise deals by demonstrating security program as a competitive advantage and decreasing time to close while balancing security and company velocity. - Designed and executed an effective security awareness program to educate employees on the importance of security and encouraged them to take an active role in protecting the company's information assets.

- Created, architected, and implemented a well-documented company-wide SOC 2 audited and ISO 27001 compliant Information Security Management System and associated control set for SaaS product suite hosted on AWS, improving security and enabling business while decreasing the average sales cycle time. - Hired and developed a team of security, AppSec, and compliance experts responsible for risk, third-party, and vulnerability management, log aggregation and monitoring, business continuity, secure development, AWS security, security by design, governance, and compliance. - Lead and set strategy for internal IT team, improving business tooling and applications at all levels of the business, giving employees the tools they need to achieve the company's goals. - Enabled sales, legal, and executive team to win large enterprise deals by demonstrating security program as a competitive advantage and decreasing time to close while balancing security and company velocity. - Designed and executed an effective security awareness program to educate employees on the importance of security and encouraged them to take an active role in protecting the company's information assets. - Built strong relationships with key stakeholders to ensure that security was a priority and that all stakeholders were aligned with the security goals of the organization. - Improved processes and automation to streamline security operations reducing the time and resources required to manage security risks and respond to incidents. - Built and carried out roadmap to prioritize work and allocate resources based on risk, establishing and hitting budgetary requirements.

- Architect and implement controls and act as a subject matter expert to earn and maintain HireVue’s SOC 2 Type 2, ISO 27001, and FedRAMP certifications. - Design and implement a comprehensive information security program meant to protect the web application, infrastructure, and corporate environments. - Lead and oversee confidential investigations involving personnel, processes, potential breaches, and other security incidents - Lead team responsible for security incident response, vulnerability assessment and management, security appliance management, access controls, and IT controls. - Facilitate third party and customer audits and penetration tests of the HireVue web and mobile applications and the underlying infrastructure, working with engineers to remediate findings. - Speak with customers and prospects to illustrate HireVue's security controls in pre and post sales calls.

- Ensured swift resolution of web application, operating system, and network level vulnerabilities using Nexpose, Nessus, Netsparker, Acunetix, and others to classify, prioritize, and remediate risks according to our unique environment. - Successfully penetration tested web applications using Burp Suite, sqlmap, and other tools to customize attacks such as XSS, session hijacking, and command injection and worked with development team through remediation and approval. - Created phishing, social engineering, and security awareness training program resulting in a decrease of malware infections due to malicious emails and an increase in computer, network, and physical security. - Increased internal security through information security policy and procedure rollout, identifying and managing risks, implementation, monitoring, and response to Snort and Splunk alerts, Sophos centralized anti-virus and firewall, whole disk encryption, and centralized patch management. - Perform security audits of production and staging environments on SaaS application and environment hosted in Amazon’s AWS cloud using tools such as Netflix’s Security Monkey, Amazon’s Trusted Advisor, and Scout2. - Worked with account executives to earn business through pre-sales calls, questionnaires, contract review, annual audits and penetration tests, and emails with customers.

- Redesigned and completely rebuilt the network infrastructure including routers, firewalls, wireless infrastructure, switches, and phone system to increase stability and availability. - Ensured all new hires were prepared and effective on their first day through laptop imaging, account and phone provisioning, new hire training, and ongoing help desk support. - Diagnosed network and server performance problems using network monitoring, packet sniffing, and logging servers. - Hired and managed two help desk employees to further increase our outstanding level of support and enabled us to implement new projects and functionality throughout the organization. - Built, installed, configured, and supported Windows and Linux servers and workstations.

- Responsible for security, configuration, maintenance, and troubleshooting of all IT and systems including firewalls and VPNs, Sourcefire intrusion detection system, Symantec Endpoint Protection, facility security, Active Directory, Exchange, SQL, VOIP, storage area networks, web and FTP sites, VMWare ESX servers, source code servers, and all workstations. - Build, install, configure, and support Windows and Linux servers, Cisco network switches, routers, firewalls, VPNs, and workstations. - Created, tested, and implemented disaster recovery plan for all infrastructure systems including off-site storage. - Designed and implemented cloud based mobile device management software as a service solution. - Designed data center, network cabling, power, and fire suppression, and moved infrastructure to new office space.