Jason Brown Merit CISO

Jason Brown’s passions are in data privacy, cybersecurity, and continuing education. Brown has spent his career working with small to medium sized businesses to large international organizations, developing robust data privacy and cybersecurity programs. Brown has held titles such as Chief Information Security Officer, virtual Chief Information Security Officer, and Data Privacy Officer.

Brown has years of experience developing cybersecurity programs for public and private sector companies. These cybersecurity initiatives have included the development of governance, risk, incident response, vulnerability management, network security, and DevSecOps programs. Brown has also played key roles in automotive security and product development. In addition to cybersecurity, he has worked in a number of highly regulated environments deploying and auditing computing and networking systems against PCI DSS, FISMA, FedRAMP, CJIS, SOX, and IRS Publication 1075.

As a privacy engineer with the state of Michigan, Brown worked with the National Institute of Standards and Technology (NIST) on the National Strategies for Trusted Identities in Cyberspace (NSTIC) project and the lead cybersecurity architect for the state of Michigan’s MiLogin application. These programs provided secure and private ways of accessing digital government resources on the internet. He has also developed privacy programs for large organizations by creating privacy-by-design technology processes.

Brown was selected as the first Chief Information Security Officer for Merit Network. In this role, Brown co-chaired the creation and implementation of many cybersecurity programs including managed firewall and vCISO services. This included performing impact assessments for higher education insititutions. He also led internal efforts to enhance the organization’s overall governance, risk, and compliance, and cybersecurity efforts.

Brown is also a distinguished public speaker having given talks on regulatory and cybersecurity topics throughout the US. He has provided material on PCI DSS, risk management, privacy, and the development of cybersecurity programs with little to no budget. As an adjunct faculty member, Brown has taught college classes in relation to cybersecurity and the Linux system administration.

Brown currently holds many industry leading certifications including ISC2’s CISSP, ISACA’s CDPSE and COBIT, ITIL, and holds a Bachelor of Science degree from Central Michigan University and a Master of Science degree from Ferris State University.