EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.
EDUCATION & CERTIFICATIONS
- GIAC Penetration Tester (GPEN)
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Leadership (GSLC)
- GIAC Cloud Penetration Tester (GCPN)
- GIAC Public Cloud Security (GPCS)
- GIAC Certified Web Application Penetration Tester (GWAPT)
- Certified Information Systems Security Professional (CISSP)
- CNSSI 4012 Senior Systems Manager
- CNSSI 4013 System Administrator in Information Systems Security
- CNSSI 4014 Information Systems Security Officer
- NSTISSI 4011 Information Systems Security Professional
- NSTISSI 4015 Systems Certifier
PROFESSIONAL AFFILIATIONS
- GIAC Advisory Board, ISC2
Joe also teaches leadership courses for the SANS Institute.
INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.
PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Basic Authentication Versus CSRF
I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…
Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction
As a web application tester, I encounter a recurring challenge in my work: receiving incomplete responses from Burp Collaborator during DNS and HTTP response…
The Lost Underground
Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…
TrustedSec Tech Brief - December 2024 Year-End Top 3 Roundup
We are rounding up our top Tech Brief stories of 2024! Director of Security Intelligence Carlos Perez goes over what we have seen the most of this year and his…
Security Noise - Episode 7.7
Amazing Stories in InfoSec
On-Demand BOF
From the team that brought you COFF Loader, CS-Situational-Awareness-BOF, CS-Remote-OPs-BOF, and numerous blogs on BOFs, we are excited to release our first…
BEC Basics: Your First Step to Thwarting Email Scams
Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…
Discovering a Deserialization Vulnerability in LINQPad
Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…
A 5-Minute Guide to HTTP Response Codes
If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most…
WiCyS Ransomware Panel & Networking Event
Join us for an insightful discussion with the Women in Cyber Security (WiCyS) Northeast Ohio Affiliate members!
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
