Skip to Main Content

Jonathan White

Senior Security Consultant

Jonathan White started his IT career in the United States Marine Corps as a Computer Programmer. After the Marine Corps, he started a job as a Computer Operator and advanced to serve as Manager of the company’s 24 X 7 data center. This is when he realized that providing solutions to issues and customer interaction was his passion. The next step in his career was as a Network Engineering Consultant for one of the national credit bureaus. In this role, he was responsible for the IP network for as many as 14 local offices in the Southern Region.


  • Bachelor of Science in Business and Information Systems
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • System Security Certified Practitioner (SSCP)
  • Qualified Security Assessor (QSA)
  • ISO 27001 Lead Auditor


  • Information Systems Audit and Control Association (ISACA)

During his tenure at the national credit bureau, he was exposed to various regulatory compliance frameworks, developing an appreciation for the need to protect customers’ personal information. He secured a position with an Application Service Provider company as an IT Security Compliance Auditor responsible for monitoring their control environment and handling areas of both logical and physical security. He served in this capacity for over six years becoming familiar with several compliance frameworks, including SSAE18 SOC 1 and SOC2, ISO 27001, NIST, PCI DSS, and GLBA.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog August 22 2017

GDPR // Five Important Considerations

The EU General Data Protection Regulation (GDPR) is a regulation that was approved in 2016 and scheduled to be enforced by May 25, 2018. Many customers ask,…

Read about this article
Webinars August 25 2021

Cloud Compliance: Picking a Framework and Simplifying Your Approach

Join GRC Principal Security Consultant Chris Camejo and Senior Security Consultant Jonathan White as they help organizations traverse this IT-disrupting shift.

Read about this article
Training Resources May 02 2024

Actionable Purple Team Simulation Online Training (May 2-3)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Events TrustedSec HQ | April 30 2024

ISC2 Cleveland Chapter Member Meeting April 2024

ISC2 Cleveland Chapter April MeetupCome join us for our April Meetup! Our Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…

Read about this article
Webinars April 17 2024

Enter the Sandbox: Impede Detection Platform v1.1 Release

Join us for our webinar with Director of Product Operations Ben Mauch, where you can get a look at the new Impede Detection Platform updates and the all-new…

Read about this article
Blog April 16 2024

PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 2

Risk RankingThis is part two (2) of a three (3) part series on PCI DSS version 4.0 requirement 6.3.1, for identification and management of vulnerabilities.…

Read about this article
Events Kennedy Space Center, Florida | April 12 2024

Hack Space Con 2024

Founder and CEO David Kennedy is the keynote speaker at this year's Hack Space Con! We are also proud to sponsor this event.

Read about this article
Podcasts April 12 2024

Security Noise - Episode 6.18

Careers in InfoSec: Where do you want to go today?

Read about this article
Blog April 11 2024

PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 1

Vulnerability IdentificationPCI DSS version 4.0 requirement 6.3.1, for identification and management of vulnerabilities, and its predecessors in previous…

Read about this article
Blog April 09 2024

A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum

 This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz.1    IntroductionLast year, Andrew and I posted a four (4) part blog series…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.