Andy Freitag
Security EngineerAI is analyzing your overall score…
Identifying your key strengths…
Evaluating your skill match against the job requirements…
Assessing your cultural and operational fit
AI is analyzing your overall score…
Identifying your key strengths…
Evaluating your skill match against the job requirements…
Assessing your cultural and operational fit
Seasoned Cybersecurity Leader | Director of Information Security / Acting CISO | Team Builder | Risk Leadership | Cloud Security | Regulatory Compliance (FedRAMP, HITRUST, HIPAA, SOC2, ISO27001)
• Built enterprise security programs from the ground up for multiple high-growth technology and healthcare companies, establishing scalable security architectures and governance frameworks. • Acting CISO leadership, advising executive teams and boards on cybersecurity strategy, enterprise risk management, regulatory compliance, and incident response readiness. • Achieved and maintained major security certifications and regulatory frameworks including FedRAMP ATO, HITRUST, SOC 2 Type 2, ISO 27001, HIPAA, GDPR, PCI DSS, and CCPA. • Led cloud security and infrastructure protection across AWS and GCP environments supporting AI/ML pipelines, protecting Petabytes of healthcare data, and large-scale cloud platforms. • Established and led high-performing security teams, implementing SIEM monitoring, incident response programs, vulnerability management, penetration testing, and security awareness programs. • Trusted security partner to engineering, IT, legal, and executive leadership, translating technical risk into business decisions and enabling secure innovation.
GIAC GWAPT
Certified Web Application Penetration Tester
January 1, 2012 – January 1, 2012
GIAC GPEN
Certified Network Penetration Tester
January 1, 2011 – January 1, 2011
ISACA CISM
CISM, Certified Information Security Manager
January 1, 2011 – January 1, 2011
CISSP
CISSP
January 1, 2010 – January 1, 2010
CompTIA Security+
Security+
January 1, 2010 – January 1, 2010
EC-Council CEH
CEH, CEH
January 1, 2010 – January 1, 2010
OSZ TIEM Fachoberschule Berlin
Bachelor of Science - BS, Electrical and Electronics Engineering
N/A – Present
Freenome
Director Information Security
February 1, 2022 – Present
South San Francisco, California, United States · Remote
STRIVR
Staff Manager Information Security & Compliance - ISO - DPO
June 1, 2020 – February 1, 2022
Santa Clara, California, United States
DNAnexus
Senior Security Architect-Manager-Information Security Officer
November 1, 2015 – June 1, 2020
Mountain View, CA
Intermedia
Senior Security Architect
February 1, 2015 – October 1, 2015
Intermedia
Principal Security Analyst
January 1, 2007 – February 1, 2015
Fujitsu Siemens Computers
Deputy Chief Information Security Officer / Senior Information Security Analyst
July 1, 2000 – June 1, 2007
San Francisco Bay Area / Munich, Germany
Pyramid Technology
Presale Engineer
January 1, 1992 – January 1, 2000
Customer Support Specialist at Pyramid Technology / Siemens Nixdorf
Customer Support Specialist
January 1, 1992 – January 1, 2000
Cultural Fit Analysis
The candidate demonstrates a strong cultural fit for a senior Security Engineer role, particularly in organizations requiring robust security program development and compliance adherence. Their experience spans various company sizes and industries, from established enterprises to growth-stage companies, indicating adaptability. The breadth of certifications and continuous learning also suggests a proactive and growth-oriented mindset. The focus on building security from scratch aligns with roles requiring significant ownership and strategic input.
Soft Skills & Operational Fit
The candidate's resume highlights leadership, strategic thinking, and the ability to build and manage security programs, indicating strong operational fit for senior security roles. Descriptions like 'Built out Security from scratch' and 'Responsible for all of InfoSec, Compliance & Privacy' suggest initiative and comprehensive ownership. However, without psychometric test results or interview data, a detailed assessment of soft skills like stress handling or team collaboration is not possible.