EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.
EDUCATION & CERTIFICATIONS
- GIAC Penetration Tester (GPEN)
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Leadership (GSLC)
- GIAC Cloud Penetration Tester (GCPN)
- GIAC Public Cloud Security (GPCS)
- GIAC Certified Web Application Penetration Tester (GWAPT)
- Certified Information Systems Security Professional (CISSP)
- CNSSI 4012 Senior Systems Manager
- CNSSI 4013 System Administrator in Information Systems Security
- CNSSI 4014 Information Systems Security Officer
- NSTISSI 4011 Information Systems Security Professional
- NSTISSI 4015 Systems Certifier
PROFESSIONAL AFFILIATIONS
- GIAC Advisory Board, ISC2
Joe also teaches leadership courses for the SANS Institute.
INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.
PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Basic Authentication Versus CSRF
I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…
Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction
CoWitness improves web application testing by capturing complete DNS and HTTP responses, revealing false positives and hidden vulnerabilities, and helping…
Central Ohio ISSA InfoSec Summit 2025
Customize your Linux system with our expert guides and resources, ensuring maximum security and performance, backed by our team of experienced professionals.
ISC2 Cleveland Chapter Member Meeting - April 2025
ISC2 Cleveland Chapter April MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
ILTA EVOLVE 2025
Customize your Linux system with TrustedSec's advanced features and discover how our secret can help you optimize performance and security.
Windows Client Privilege Escalation
Penetration testers and Red Teamers won't want to miss this webinar on Windows client privilege escalation where we discuss enumeration, tools, and techniques.
ISC2 Cleveland Chapter Member Meeting - March 2025
ISC2 Cleveland Chapter March MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
PCI DSS Payment Card Data Retention
The Payment Card Industry Data Security Standard (PCI DSS) applies to and has specific requirements for retention of Account Data. In general, organizations…
HuffPost - Deleting Your 23andMe Data Isn't Enough — Make Sure You Do This First
You probably don’t want your genetic data out there for just anyone to see, but that is the fear for many folks right now as 23andMe files for bankruptcy.…
Security Noise - Episode 7.13
Business Email Compromise (BEC) attacks are becoming increasingly common and sophisticated. On this episode of the Security Noise Podcast, we discuss the…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
