Jarrod E. Brown
I build enterprise security teams and systems from the ground up — and I'm now building the agentic AI meant to run on top of them.
About
My career has followed one consistent pattern: I'm handed something fragile or unbuilt, and I turn it into something that holds. I went straight to work out of high school and into IT, starting on help desk around 2000 and climbing from the entry level up to data-center operations by 2009 — earning my degrees out of order along the way: an associate's first, the bachelor's later, and the MBA only recently. Nobody handed me the ladder; I built it one rung at a time.
Along the way I served in the U.S. Army Reserve as a 25B information technology specialist — installing and securing field network infrastructure, handling COMSEC, and operating across classified and unclassified environments. The Army taught me that infrastructure is only as good as the discipline behind it; I finished Advanced Individual Training second in my class, within a tenth of a percent of the top, and I've carried that standard into everything since.
I learned large-scale engineering inside a national higher-education enterprise, helping design and deploy a Cisco Nexus data-center fabric across three sites and a private MPLS-BGP backbone connecting data centers and campuses nationwide — enforcing Dev/QA and production separation with VRFs and validating designs in GNS3 before they ever touched production. That's where the architecture instinct took hold.
Moving into security leadership at a global semiconductor manufacturer, I reported to the CISO and directed a worldwide migration from Cisco ASA to Palo Alto Networks — implementing Panorama, GlobalProtect, and WildFire. I designed the WAN modernization strategy that replaced managed MPLS with SD-WAN across U.S., EMEA, and APAC, and built the internet-edge and DMZ architecture for global co-location data-center builds.
Then I founded my own network-security consulting practice, delivering through VAR partnerships for financial-services, healthcare, and technology clients. I led zero-downtime migrations off legacy firewall platforms, integrated security into Cisco ACI fabrics for policy-driven micro-segmentation, and aligned client environments to CIS Benchmarks, HIPAA, and PCI-DSS. Running my own shop taught me the business behind the architecture — scoping work, owning outcomes, and earning trust before touching production.
That work carried me deep into financial services. At one bank I re-engineered the Palo Alto Panorama architecture, deployed AlgoSec for automated policy recertification, and administered Zscaler ZIA/ZPA for cloud-delivered secure access. At another I did the work I'm proudest of: standing up an enterprise Network Security team from nothing. I built the operating model and three service domains around it, drove enterprise Zero Trust integrating Arista, Palo Alto, and AWS/Azure controls, governed DMZ architecture across cloud and on-prem, cut firewall policy delivery from thirty days to three through automation, and found $500K in annual savings by right-sizing our micro-segmentation footprint — all while delivering security workstreams for major M&A integrations.
The MBA paired the architecture with the business case — coursework in data-driven decision making, IT strategy, and ethical leadership. Out of fifteen years of evolving systems that can't be shut down, I've been drawn to a methodology called WISER — a way for teams to innovate continuously with AI by rebuilding systems while they run rather than stopping to start over: action over theory, evolution over disruption, people over proxies. It already existed; I'm learning it and putting it into practice across the work below.
I now put that methodology to work building agentic AI. ServiceBay AI is a five-agent assistant on IBM watsonx Orchestrate that turns a vague dashboard warning into a verified diagnosis, recall check, cost estimate, and shop list, and an MCP server wires those agents into Claude. Alongside them I keep building the security automation I know cold — a phased PAN-OS configuration refactor, an EdgeRouter threat-analysis pipeline, and an OFAC-driven dynamic deny-list. Each is documented on the projects page as a full solution architecture.
None of it was a straight line. I've been on plenty of layoff lists — I've worked through a company bankruptcy, sat on the short list for reductions in force, and landed on the wrong side of an acquisition. I've stepped on most of the landmines a career can hide, which is exactly why I can speak to them.
I also co-host The Broken Handle, a weekly podcast on the modern job market — layoffs, AI displacement, and career pivots — with my co-host William Lowdermilk. We're both veterans, and we built a Cloudflare-native research pipeline that ingests dozens of forward-looking labor indicators so our commentary is grounded in data rather than anecdote. The same forces I design around at work are reshaping careers everywhere, and the show is our honest read on them. This site is where I keep the record of what I'm building.