Andrew O. Leeth

CEO

Indianapolis, IN, United States16 yrs 5 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Led security initiatives for Salesforce's major product lines.
  • Successfully transitioned products to the Hyperforce cloud platform.
  • Expert in managing large-scale security assurance programs.
Stackforce AI infers this person is a cybersecurity leader in the SaaS industry with a focus on security architecture and compliance.

Contact

LinkedIn

Skills

Core Skills

Security Architecture DesignProgram ManagementIncident ResponseApplication SecurityThreat ModelingRisk Management

Other Skills

Active DirectoryAmazon Web Services (AWS)Android DevelopmentArtificial Neural NetworksBig DataBusiness Continuity PlanningCEHCloud ComputingCloud SecurityComplianceCompliance CertificationsComputer SecurityCorporate EspionageData PrivacyData Science

About

As a seasoned cybersecurity leader with a proven track record in developing and managing robust security programs, I specialize in fostering secure environments and products that instill trust for customers. Furthermore, I firmly believe that cultivating trust through robust cybersecurity practices is not just a safeguard, but a catalyst for driving exponential business growth in today's digital landscape. At Salesforce, I have led security initiatives for the Marketing Cloud, Data Cloud, and Tableau portfolio, securing teams of roughly 3,000 engineers across more than 12 acquisitions. My efforts have contributed significantly to these products remarkable performance, as evidenced by its inclusion in FY23 public financial reports, boasting over $8 billion in revenue. My primary responsibilities encompass a wide array of critical security functions: -Team Management and Leadership: Orchestrating the scaling of security assurance initiatives within a large organization. -Technical Oversight: Conducting architecture reviews, threat modeling, penetration testing, and code reviews to fortify our systems against potential vulnerabilities. -Innovation in Security Architecture: Steering the secure transition of Salesforce's products to the Hyperforce cloud platform, enhancing its design and architecture from both security and compliance perspectives. -Incident Response and Remediation: Assisting with incident response, root cause analysis, and developing remediation action plans to swiftly address security incidents. -Compliance and Customer Support: Collaborating on compliance certifications, audits, risk management, and customer security inquiries to ensure adherence to regulatory standards and bolster customer confidence. At the core of our product offerings lies a commitment to empowering businesses to craft AI, personalized workflows, seamless customer experiences while safeguarding their valuable data. With a focus on leading enterprise AI and CRM mission, I am committed to harnessing innovative technologies and data-driven strategies to empower businesses while maintaining the highest standards of security and trust. I take pride in safeguarding this trust by meticulously protecting the Confidentiality, Integrity, and Availability of our customers' data. My passion for cybersecurity extends beyond the technical realm; it's about empowering organizations to embrace innovation without compromising security. I am driven by the challenge of staying ahead of emerging threats and implementing proactive measures to safeguard critical assets.

Experience

Salesforce

3 roles

Senior Director, Product Security

Promoted

Aug 2023Present · 2 yrs 7 mos

Security Architecture DesignProgram ManagementIncident ResponseCompliance

Director, Security Assurance

Promoted

Aug 2021Aug 2023 · 2 yrs

  • I enable the business to be successful by developing and managing programs to maintain secure environments and products that customers can trust. Specifically at Salesforce, I lead our Marketing Cloud portfolio of products, which consists of over 10 acquisitions and greater than 1,300 engineers. Marketing Cloud was listed on FY21 public financial reports of earning more than 3 billion in revenue as a reference in size.
  • Primary responsibilities include:
  • Managing a team that scales security assurance across a large organization
  • Architecture Reviews
  • Threat Models
  • Penetration Testing
  • Code Reviews
  • Assist with Incident Response
  • Root Cause Analysis
  • Systemic Issue Identification
  • Remediation Action Plan
  • Security Controls Design
  • Assist with Customer Security Inquires
  • Assist with Compliance Certifications and Audits
  • Assist with Bug Bounty program
  • In December 2020, Salesforce announced Hyperforce, a reimagination of our platform architecture built to securely and reliably deliver the Marketing Cloud on major public clouds. I am responsible for making sure this transition happens in a secure manner which improves the design and architecture from a security and compliance perspective.
  • Our Marketing service offering enables companies to plan, personalize and optimize one-to-one
  • customer marketing journeys, including interactions across email, mobile, social, web and connected products. Marketing enables our customers to provide an integrated customer experience across their customers’ journey with real-time personalization. Customers trust Marketing Cloud as the single source of truth for their data, and it is my role to protect it.
Security Architecture DesignThreat ModelingPenetration TestingIncident ResponseCompliance Certifications

Senior Manager, Security Assurance

May 2014Aug 2021 · 7 yrs 3 mos

  • Identify and understand the development practices, networks and infrastructure that make Salesforce successful.
  • Recommend and build solutions/mitigation plans to help resolve risks.
  • Guide the technology organization's security by participating in design reviews, Threat Modeling, and in depth security penetration testing of our code and systems.
  • Provide input on application design, secure coding practices, log forensics, log design, and vulnerability remediation.
  • Perform cutting edge research on new attacks, write white papers, and present on those findings to internal audiences.
  • Evaluate and build application security tools for internal consumption and drive usage of these tools.
Threat ModelingPenetration TestingApplication SecurityVulnerability Remediation

William & mary

Graduate Research Assistant

Jan 2017May 2017 · 4 mos · Williamsburg, VA

Crowe horwath llp

Senior Security and Privacy Consultant

Jun 2011Apr 2014 · 2 yrs 10 mos · Indianapolis, Indiana

  • Consulting banks, financial institutions, health care providers, and other clients navigate the labyrinth of information security. Providing a wide variety of assessments but primarily focus on application security, 3rd party vendor risk, secure software development life cycle (SSDLC), regulatory gap analysis, penetration assessment (from both an intranet and internet perspective), risk management programs, and information security policy drafting and analysis. Experience working with HIPAA/HITECH, SSAE16 (formally SAS70), NIST, ISO, SOX, GLBA, PCI:DSS, Massachusetts State Law 201 CMR 17.00, among others.
Application SecurityRisk ManagementCompliance

University information technology services (u.i.t.s.), indiana university bloomington

PC Computer Consultant

Oct 2009Feb 2010 · 4 mos · Bloomington, IN

  • Troubleshot various problems with users connecting to the campus network, software installation, and general computing issues.

Valparaiso community schools

Computer Consultant

May 2007Sep 2008 · 1 yr 4 mos · Valparaiso, IN

  • Acquired technical knowledge by solving complications on
  • various operating systems, different software issues, and
  • hardware problems
  • Improved communication skills by providing assistance by
  • e-mail, phone, and in person
  • Provided network wiring to previously unwired rooms

Education

William & Mary

Master of Science - MS — Business Analytics (MSBA)

Jan 2016Jan 2017

Indiana University Bloomington

Bachelor of Science (B.S.) — Security Informatics

Jan 2007Jan 2011

Valparaiso High School

High School Diploma

Jan 2003Jan 2007

Stackforce found 100+ more professionals with Security Architecture Design & Program Management

Explore similar profiles based on matching skills and experience

Tushar .

Tushar .

Senior Security Engineer

at Cint

Bengaluru, India7 yrs 6 mos exp
Assaf Keren

Assaf Keren

Member - Wall Street Journal Technology Council

at The Wall Street Journal

Draper, United States28 yrs exp
Cyber SecurityInformation SecurityProduct Management
Elavarasu A K

Elavarasu A K

Managing Director & CISO

at Brillio

Bengaluru, India27 yrs 7 mos exp
Steve Armstrong-Godwin

Steve Armstrong-Godwin

Lead of Security Incident Response and Threat Management

at Danske Bank

United Kingdom34 yrs 5 mos exp
Incident ManagementThreat ManagementTrainingTeam LeadershipCybersecurity Services
Chintan Gurjar

Chintan Gurjar

Cyber Threat Detection Manager

at GKN Automotive

London, United Kingdom12 yrs 5 mos exp
Application SecurityCyber Threat Hunting (CTH)Cyber Threat Intelligence (CTI)Detection EngineeringIT Security Assessments
Nicholas Percoco

Nicholas Percoco

Chief Security Officer

at Kraken

United States28 yrs 11 mos exp
Information Security ManagementLeadershipProduct DevelopmentProject ManagementTechnical Leadership
Gaurav Arora

Gaurav Arora

Engineering Manager

at Zepto

Bengaluru, India14 yrs 4 mos exp
Cloud SecurityDevSecOpsIncident ResponseMobile SecurityNetwork Security
Vineet Kumar Pandey

Vineet Kumar Pandey

Product & Solution Security Professional

at Siemens Technology India

Allahabad, India10 yrs 10 mos exp
Application SecurityCloud SecurityPenetration Testing