EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.
EDUCATION & CERTIFICATIONS
- GIAC Penetration Tester (GPEN)
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Leadership (GSLC)
- GIAC Cloud Penetration Tester (GCPN)
- GIAC Public Cloud Security (GPCS)
- GIAC Certified Web Application Penetration Tester (GWAPT)
- Certified Information Systems Security Professional (CISSP)
- CNSSI 4012 Senior Systems Manager
- CNSSI 4013 System Administrator in Information Systems Security
- CNSSI 4014 Information Systems Security Officer
- NSTISSI 4011 Information Systems Security Professional
- NSTISSI 4015 Systems Certifier
PROFESSIONAL AFFILIATIONS
- GIAC Advisory Board, ISC2
Joe also teaches leadership courses for the SANS Institute.
INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.
PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Basic Authentication Versus CSRF
I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…
Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction
CoWitness improves web application testing by capturing complete DNS and HTTP responses, revealing false positives and hidden vulnerabilities, and helping…
Purple Team Defense Strategies
Join Senior Security Consultant Sarah Norris and Security Consultant Zach Bevilacqua for a deep dive into how to create action items for a robust defense…
ISC2 Cleveland Chapter Member Meeting - October 2025
ISC2 Cleveland Chapter October MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
Hack-cessibility: When DLL Hijacks Meet Windows Helpers
In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on…
InfoSecWorld 2025
TrustedSec is proud to sponsor and hold a workshop at this year's InfoSec World in Lake Buena Vista, Florida. Make sure to visit our booth if you'll be there!
InfoSec World Workshop - Adversary Tactics and Threat Hunting
This immersive workshop will train you to simulate attacks, hunt threats, and build detections using manual, automated, and AI-driven methods across network…
Security Noise - CON Men: Wild West Hackin' Fest + GrrCON
On this episode of Security Noise, we are discussing two of our favorite cybersecurity conferences Wild West Hackin' Fest and GrrCON! Our team presented at…
Discord Livestream - Titanis Tool Demo
Join us on Discord for a tool demo of Titanis! Titanis is a library of protocol implementations and command line utilities, written in C#, for interacting with…
Nasdaq TradeTalks - How AI Is Changing the Underground Cybercrime Economy
The cyber world is seeing a new arms race as AI powers the latest wave of Crimeware-as-a-Service. Director of Security Intelligence Carlos Perez stresses that…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
