Summary
Overview
Work History
Education
Skills
Certification
Activities and Interests
Timeline
Generic

Brett Gailey

Claremont

Summary

An experienced Chief Information Security Officer with over 15 years of leadership in building, scaling, and managing comprehensive security programs, primarily within highly regulated national healthcare environments. Proven success in Security Engineering, Identity and Access Management, Corporate Security, and GRC. I translate complex technical risk into clear executive strategy, build high-performing teams, and drive institutional resilience against major cyber threats.

Overview

18
18
years of professional experience
1
1
Certification

Work History

Chief Information Security Officer

TIA, Inc.
10.2020 - Current
  • CISO for a national primary healthcare provider.
  • Owned and directed all core components of the enterprise security program, including Security Engineering, Corporate Security (physical and personnel), Identity and Access Management, and the security posture of critical IT operations.
  • Built and launched a comprehensive security program across a national network to ensure stringent HIPAA regulatory compliance and meticulous protection of PHI.
  • Instituted a quantitative Risk Management framework and led company-wide security assessments that reduced documented corporate risk exposure by 84%.
  • Managed critical compliance programs within a regulated industry and served as the primary liaison for internal and external audits, ensuring sustained operational adherence to federal, state and contractual mandates.
  • Recruited, developed, and scaled high-performing security and compliance teams to support aggressive organizational expansion, fostering a culture of ownership and operational excellence.
  • Established metrics, KPIs and milestones to drive performance in alignment with organizational initiatives and requirements.

Director of Security Engineering

Redox
04.2017 - 10.2020
  • Developed and drove the security engineering strategy for application, cloud, and operational security (DevSecOps), fortifying critical production systems.
  • Engineered comprehensive threat modeling processes and conducted targeted risk assessments to proactively identify vulnerabilities and guide strategic security roadmaps.
  • Developed corporate security strategies and supported implementation of enterprise security practices across all systems.
  • Successfully achieved and maintained key industry compliance certifications, including HiTrust and SOC2 Type 2, demonstrating robust security standards necessary for continued business enablement.
  • Communicated complex risk management status and program advancements effectively to executive stakeholders, driving informed strategic decision-making.

Manager of Technical Operations

SendGrid
12.2015 - 01.2017
  • Managed technical operations, DevOps, and infrastructure functions, ensuring continuous platform stability, scalability, and system security.
  • Developed and enforced rigorous Standard Operating Procedures (SOPs) and comprehensive documentation, enhancing operational efficiency and embedding security practices into infrastructure governance.
  • Established and managed continuous 24/7 on-call rotations to ensure immediate incident response and minimize operational disruption.
  • Supported information security and compliance initiatives in preparation of public offering.

Systems Engineering Manager

DreamHost
04.2008 - 12.2015
  • Led systems engineers responsible for the secure design, deployment, and operational maintenance of large-scale hosting infrastructure.
  • Standardized the deployment of foundational security controls (patching, configuration management) through automation, significantly improving compliance and reducing the attack surface across server environments.

Education

M.S. - Cyber Operations and Resilience

Boise State University
11-2026

B.S. - Cybersecurity and Information Assurance

Western Governors University
01.2025

Skills

  • Risk management expertise
  • Business continuity planning
  • Regulatory compliance
  • Vulnerability assessment
  • Information governance
  • Incident response
  • Cloud security
  • Application security

Certification

  • Certified Information Security Manager (CISM) #221961714 (ISACA)
  • CompTIA (CySA+, PenTest+, Security+, Project+, Network+)

Activities and Interests

Information Security Leadership Foundation | Member, 2020-Present

Timeline

Chief Information Security Officer

TIA, Inc.
10.2020 - Current

Director of Security Engineering

Redox
04.2017 - 10.2020

Manager of Technical Operations

SendGrid
12.2015 - 01.2017

Systems Engineering Manager

DreamHost
04.2008 - 12.2015

B.S. - Cybersecurity and Information Assurance

Western Governors University

M.S. - Cyber Operations and Resilience

Boise State University
Brett Gailey