EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.
EDUCATION & CERTIFICATIONS
- GIAC Penetration Tester (GPEN)
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Leadership (GSLC)
- GIAC Cloud Penetration Tester (GCPN)
- GIAC Public Cloud Security (GPCS)
- GIAC Certified Web Application Penetration Tester (GWAPT)
- Certified Information Systems Security Professional (CISSP)
- CNSSI 4012 Senior Systems Manager
- CNSSI 4013 System Administrator in Information Systems Security
- CNSSI 4014 Information Systems Security Officer
- NSTISSI 4011 Information Systems Security Professional
- NSTISSI 4015 Systems Certifier
PROFESSIONAL AFFILIATIONS
- GIAC Advisory Board, ISC2
Joe also teaches leadership courses for the SANS Institute.
INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.
PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Basic Authentication Versus CSRF
I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…
Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction
CoWitness improves web application testing by capturing complete DNS and HTTP responses, revealing false positives and hidden vulnerabilities, and helping…
Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability
A critical vulnerability affecting React Server Components (RSC) is being actively exploited. Here's what to look for and what to do next.
Holy Shuck! Weaponizing NTLM Hashes as a Wordlist
Password reuse is common in Active Directory (AD). From an attacker’s perspective, it is a reliable path to lateral movement or privilege escalation. Most IT…
Security Noise - Hacker Family Feud
Our security experts compete to see which team can guess the most popular answers to cybersecurity industry questions on this episode of the TrustedSec…
Research on Windows Accessibility: Narrator.exe
Join us for our next Discord Livestream "Research on Windows Accessibility: Narrator.exe" on December 4 at 11:00AM ET! During this exclusive session, Principal…
What is a TrustedSec Program Maturity Assessment (PMA)?
The TrustedSec PMA is a tactical approach to evaluating the components, efficiency, and overall maturity of an organization’s Information Security…
NIST CSF 2.0 - From Compliance to Confidence
During our next webinar, our experts will cover the latest evolution of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF),…
KTVU Fox 2 San Francisco - Too good to be true? Cyber Monday Warning
Protect your purchases this Cyber Monday! Director of Advisory Services Chris Camejo speaks with KTVU Fox 2 to share essential tips on how to safeguard your…
Schwab Network | Morning Movers - Zscaler (ZS) Earnings Preview and Cybersecurity Outlook
Advisory Solutions Director Alex Hamerstone joins Morning Movers to preview Zscaler (ZS) earnings and discuss the overall cybersecurity software space. He…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
