Skip to Main Content

Joe Sullivan

Senior Security Consultant

EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.

EDUCATION & CERTIFICATIONS

  • GIAC Penetration Tester (GPEN)
  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Leadership (GSLC)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Public Cloud Security (GPCS)
  • GIAC Certified Web Application Penetration Tester (GWAPT)
  • Certified Information Systems Security Professional (CISSP)
  • CNSSI 4012 Senior Systems Manager
  • CNSSI 4013 System Administrator in Information Systems Security
  • CNSSI 4014 Information Systems Security Officer
  • NSTISSI 4011 Information Systems Security Professional
  • NSTISSI 4015 Systems Certifier

PROFESSIONAL AFFILIATIONS

  • GIAC Advisory Board, ISC2 

Joe also teaches leadership courses for the SANS Institute.

INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.

PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog September 21 2023

Basic Authentication Versus CSRF

I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…

Read about this article
Blog June 27 2023

Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction

As a web application tester, I encounter a recurring challenge in my work: receiving incomplete responses from Burp Collaborator during DNS and HTTP response…

Read about this article
Training Resources November 07 2024

Actionable Purple Team Simulation Online Training (November 7-8)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Training Resources August 03 2024

Black Hat USA Training - Applied Threat Hunting and Detection Engineering

Registration is now open for our Black Hat training on August 3-6, 2024

Read about this article
Events TrustedSec HQ | July 30 2024

ISC2 Cleveland Chapter Member Meeting July 2024

ISC2 Cleveland Chapter July MeetupCome join us for our monthly meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…

Read about this article
Webinars July 29 2024

Specula: A Red Team Chronicle

Microsoft Outlook is often used as the primary email client in corporate environments, making it a high-value target for threat actors. Any potential to…

Read about this article
Webinars July 24 2024

Ask Me Anything: Remediation

Join the TrustedSec Remediation Team as they discuss how to prioritize and identify deficiencies in your cloud platform and examine best practices to harden…

Read about this article
Blog July 18 2024

What is Your Compliance Kryptonite?

Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked…

Read about this article
Webinars July 17 2024

Effective Security Logging: What and How to Monitor for Security Issues

In today's digital landscape, understanding what to log and how to effectively monitor these logs is crucial for maintaining robust security defenses. Often,…

Read about this article
Blog July 16 2024

Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks

This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.