Brett Gailey
Claremont
Summary
An experienced Chief Information Security Officer with over 15 years of leadership in building, scaling, and managing comprehensive security programs, primarily within highly regulated national healthcare environments. Proven success in Security Engineering, Identity and Access Management, Corporate Security, and GRC. I translate complex technical risk into clear executive strategy, build high-performing teams, and drive institutional resilience against major cyber threats.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Chief Information Security Officer
TIA, Inc.
10.2020 - Current
- CISO for a national primary healthcare provider.
- Owned and directed all core components of the enterprise security program, including Security Engineering, Corporate Security (physical and personnel), Identity and Access Management, and the security posture of critical IT operations.
- Built and launched a comprehensive security program across a national network to ensure stringent HIPAA regulatory compliance and meticulous protection of PHI.
- Instituted a quantitative Risk Management framework and led company-wide security assessments that reduced documented corporate risk exposure by 84%.
- Managed critical compliance programs within a regulated industry and served as the primary liaison for internal and external audits, ensuring sustained operational adherence to federal, state and contractual mandates.
- Recruited, developed, and scaled high-performing security and compliance teams to support aggressive organizational expansion, fostering a culture of ownership and operational excellence.
- Established metrics, KPIs and milestones to drive performance in alignment with organizational initiatives and requirements.
Director of Security Engineering
Redox
04.2017 - 10.2020
- Developed and drove the security engineering strategy for application, cloud, and operational security (DevSecOps), fortifying critical production systems.
- Engineered comprehensive threat modeling processes and conducted targeted risk assessments to proactively identify vulnerabilities and guide strategic security roadmaps.
- Developed corporate security strategies and supported implementation of enterprise security practices across all systems.
- Successfully achieved and maintained key industry compliance certifications, including HiTrust and SOC2 Type 2, demonstrating robust security standards necessary for continued business enablement.
- Communicated complex risk management status and program advancements effectively to executive stakeholders, driving informed strategic decision-making.
Manager of Technical Operations
SendGrid
12.2015 - 01.2017
- Managed technical operations, DevOps, and infrastructure functions, ensuring continuous platform stability, scalability, and system security.
- Developed and enforced rigorous Standard Operating Procedures (SOPs) and comprehensive documentation, enhancing operational efficiency and embedding security practices into infrastructure governance.
- Established and managed continuous 24/7 on-call rotations to ensure immediate incident response and minimize operational disruption.
- Supported information security and compliance initiatives in preparation of public offering.
Systems Engineering Manager
DreamHost
04.2008 - 12.2015
- Led systems engineers responsible for the secure design, deployment, and operational maintenance of large-scale hosting infrastructure.
- Standardized the deployment of foundational security controls (patching, configuration management) through automation, significantly improving compliance and reducing the attack surface across server environments.
Education
M.S. - Cyber Operations and Resilience
Boise State University
11-2026
B.S. - Cybersecurity and Information Assurance
Western Governors University
01.2025
Skills
- Risk management expertise
- Business continuity planning
- Regulatory compliance
- Vulnerability assessment
- Information governance
- Incident response
- Cloud security
- Application security
Certification
- Certified Information Security Manager (CISM) #221961714 (ISACA)
- CompTIA (CySA+, PenTest+, Security+, Project+, Network+)
Activities and Interests
Information Security Leadership Foundation | Member, 2020-Present
Timeline
Chief Information Security Officer
TIA, Inc.
10.2020 - Current
Director of Security Engineering
Redox
04.2017 - 10.2020
Manager of Technical Operations
SendGrid
12.2015 - 01.2017
Systems Engineering Manager
DreamHost
04.2008 - 12.2015
B.S. - Cybersecurity and Information Assurance
Western Governors University
M.S. - Cyber Operations and Resilience
Boise State University