Rachel James

Achievements:

• Information Security representative on the AI Governance Committee, core author of AI controls framework

• Collaborated on Agentic interoperability architecture guidance

• Authored AI Agentic Security risk and security control selection framework

• Designed and lead first generative AI red teaming exercise

• Created Agentic AI risk assessment framework

• Spearheaded unification of AI security testing and adversarial input assessment, standards and remediation tracking across the enterprise

• Created team workflow for consultation-to-production of AI development projects supporting cybersecurity and risk management functions including ideation, requirements gathering, success criteria and results tracking

• Designed and established educational series “Future Forward Fridays” to educate wider Information Technology division on emerging technologies such as artificial intelligence, quantum computing and related concepts

Responsibilities:

The RAM-ET team is part research and expert guidance, part application development. RAM-ET operates at the intersection of threat intelligence, adversary engagement, and emerging technology innovation. This role requires driving innovation while maintaining deep expertise in traditional security domains and emerging technologies, particularly AI/ML applications in cybersecurity. Spearheading innovation and research in emerging technologies, producing strategic guidance, technical demonstrations, PoC implementations, and educational content for various audiences alongside with development of AI ML applications for cybersecurity and risk management challenges.

Achievements:

• Developed the first red team methodology for testing AI vulnerabilities using threat intelligence

• Core AI cybersecurity and threat intelligence subject matter export, producing reports for strategic leadership and tactical teams on enhancing threat detection and response capabilities across AI systems

• Lead team project to develop and refine ML and AI models for threat detection, threat hunting and threat intelligence purposes collaborating with multiple cybersecurity teams, data scientists and ML engineers

• Implemented OpenCTI, acting as subject matter expert (SME) for the platform enabling true knowledge management sharing without the cyber security teams

• Implemented tools and procedures leveraging LLMs and Generative AI for cyber security functions including security operations (SOC) threat hunting, penetration testing and cyber threat intelligence

• Implemented Threat Intelligence Platform (TIP) use cases for cross-departmental functions with threat hunting, defensive engineering and penetration testing teams

• Implemented first CTI programs and procedures for supporting active incident response

• Implemented first CTI programs and procedures for active engagement with threat hunting and red team exercises

• Designed, documented, then implemented and trained the department in actor infrastructure investigations identified new sources of threat intelligence telemetry from internal sources

• Developed threat actor prioritization methodology and reporting standard, then automated the process

• Collaborate closely with threat hunting and offensive security teams to recommend specific intelligence-lead threat modeling and hunt activities

I was highly technical and hands-on, where I actively engaged in intelligence and counter-intelligence operations. My primary focus was on sourcing, curating, and distributing relevant and actionable threat reporting to mitigate risks and strengthen security measures across the entire Blue Cross Blue Shield system of companies and subsidiaries. I held the position of the team's primary counter-threat intelligence expert, utilizing a combination of counterintelligence, human intelligence, and signal intelligence techniques to conduct in-depth data analysis. My duties also included analyzing open-source (OSINT) intelligence data and delving into deep-dark web data (DDW) to identify potential threats and vulnerabilities. During my tenure, I developed standard operating procedures for intelligence operations and activities, ensuring a streamlined and organized approach to our work and successfully used counterintelligence techniques to disrupt threat actor activities involving BCBS data.

My role extended beyond analysis as I provided thought leadership, strategy, engineering, and automation to enhance both existing and new threat intelligence capabilities I regularly briefed upper-level personnel on emerging threats and collaborated with other intelligence agencies to facilitate information sharing and resource allocation. Additionally, I represented the organization to the local public by delivering presentations, speeches, and participating in community events. Track record of building and managing relationships with operational departments, third-party partners, government agencies, and healthcare vertical partners.