Skip to Main Content

Paul Sems

Managing Director of Remediation Services

EXPERIENCE
Before joining TrustedSec, Paul Sems excelled at leading organizations in technology and executive leadership roles. He is a lifelong hacker with extensive experience assisting a wide range of organizations in meeting technology and security challenges. 

Paul was the senior executive responsible for IT at Vitamix, a manufacturer and marketer of high-end blending products for both the foodservice industry and the consumer market. While at Vitamix, Paul built a world-class IT organization to support a half-billion dollar global enterprise. He initiated and managed the implementation of multiple business solutions that have been the foundation for significant growth and stability within the organization. Under his leadership, the organization selected, implemented, and supported solutions that proved to be a significant business enabler, supporting the massive growth that Vitamix experienced during his 10-year tenure.

At TrustedSec, Paul built and currently leads the Remediation Services team, which focuses on hardening environments before security incidents happen and helping firms remediate issues after a real or simulated breach. The team is focused on providing pragmatic solutions that improve clients' security postures.

EDUCATION & CERTIFICATIONS
Throughout this career, Paul has held other roles, including business owner, CTO, COO, network engineer, and product development engineer. He received a Master of Business Administration degree from Case Western Reserve University and a Bachelor of Science degree in Computer Science from The University of Akron. He is an inventor of U.S. Patent US20160220973A1.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Webinars February 15 2023

Securing Cloud Native Applications With DevSecOps

Join Managing Director of Remediation Services Paul Sems and DevSecOps Security Consultant Mitch Parish as they discuss the challenges and identify solutions…

Read about this article
Webinars June 07 2023

Insecure by Default: The Hidden Complexities of Cloud Security

Join experts from our Cloud Security and Hardening teams to gain practical insights for how to enhance your own cloud security posture.

Read about this article
Webinars August 23 2023

A More Efficient Attack Path Effectiveness Assessment

Join Director of Advisory Innovations Rockie Brockway as he discusses the history of this unique offering and learn about how the evolution of this tool has…

Read about this article
News September 21 2023

Oklahoma's News 4 - Edmond man receives scary threatening phone call scam

Managing Director of Remediation Services Paul Sems spoke to Oklahoma's News 4 about the recent uptick in threatening voice cloning scams and ways you can…

Read about this article
Webinars January 19 2022

Defending Backups Against Ransomware

Join Security Consultant Mike Owens and Remediation Director Paul Sems who will discuss how ransomware attackers are going after backups, identify common…

Read about this article
Blog October 29 2024

Android Hacking for Beginners

1.1    Prerequisites Set Up an Android Lab: https://www.trustedsec.com/blog/set-up-an-android-hacking-lab/ Burp Suite: https://portswigger.net/burp DVBA…

Read about this article
Blog October 22 2024

Offensively Groovy

On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From…

Read about this article
Blog October 17 2024

Spec-tac-ula Deserialization: Deploying Specula with .NET

Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET…

Read about this article
Blog October 15 2024

Let’s Clone a Cloner - Part 2: You Have No Power Here

Previously on Let's Clone a Cloner, I needed a long-range RFID badge cloner. There are many walkthroughs out there on how to build a cloner that are fantastic,…

Read about this article
Blog October 08 2024

EKUwu: Not just another AD CS ESC

TL;DR - Using built-in default version 1 certificate templates, an attacker can craft a CSR to include application policies that are preferred over the…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.