EXPERIENCE
Steph Saunders has over 10 years of experience in the Information Security field, working mainly in retail, critical manufacturing, and other IT organizations.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, Information Science, The University of Pittsburgh
- Certified Ethical Hacker (CEH)
- Certified Penetration Tester (CPT)
- Cybersecurity Maturity Model Certification - Registered Practitioner (CMMC-RP)
- ISO 27001 - Lead Implementer
- ISO 27001 - Lead Auditor
- Lean Six Sigma - Yellow Belt
- PCI Qualified Security Assessor (PCI QSA)
PROFESSIONAL AFFILIATIONS
- InfraGard Board of Directors - Treasurer
- BSides Pittsburgh - Volunteer
- Three Rivers Information Security Symposium (TRISS) - Planning
- Committee and Treasurer
- 3 Cups of Coffee Mentor - Cybersecurity - PA Women Works
- WiCyS Pittsburgh - Founding Board Member
INDUSTRY CONTRIBUTIONS
Steph actively presents at various Pittsburgh Information Security events, such as InfraGard, ISC2, ISACA, TRISS, etc. Steph is an active mentor in cybersecurity, a frequent cybersecurity panelist, and an overall connection-maker for the Information Security community. Steph has hosted various webinars on topics ranging from ransomware and Incident Response to GRC updates and best practices.
PASSION FOR SECURITY
Steph is passionate about Information Security as a whole. She particularly enjoys promoting best practices for education and awareness training, especially from a Defense in Depth (DiD) perspective. She is an expert in physical security, Incident Response, governance risk, and compliance, and is always improving her forensics and assessment skills through learning about each security domain. She has developed and hosted tabletop exercises while creating relationships in the security field, IT, and other parts of organizations.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Staying Aligned: IR Program Maturity
Assess your Incident Response (IR) program with our expert webinar, learn to strengthen your IR program, and discover ways to stay aligned with your IR Program…
Ensuring Ransomware Resilience
Learn how to prepare, respond, and recover from ransomware attacks with cybersecurity experts Steph Saunders and Paul Sems, and discover the crucial components…
Discord Livestream: Hunting Deserialization Vulnerabilities With Claude
Join us for an exclusive live Discord presentation and Q&A with Senior Security Consultant James Williams.
Women in CyberSecurity (WiCyS) NEO - Secure Your Data in the Age of AI
Join WiCyS NEO as they wrap up the year with a grand finale event at the TrustedSec HQ!
Purple Team Defense Strategies
Join Senior Security Consultant Sarah Norris and Security Consultant Zach Bevilacqua for a deep dive into how to create action items for a robust defense…
CMMC Subcontractors and Service Providers
Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with…
TrustedSec Names Former FBI Unit Chief Ryan Macfarlane as Incident Response Lead
Ryan Macfarlane, with over 20 years of cyber experience at the FBI, has been appointed Incident Response Practice Lead amid the rising wave of sophisticated…
Security Noise - Footprint Discovery for Red Teamers
On this episode of Security Noise, our team discusses footprinting and reconnaissance techniques for red teamers, including identifying a target's online…
ISC2 Cleveland Chapter Member Meeting - October 2025
ISC2 Cleveland Chapter October MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
Hack-cessibility: When DLL Hijacks Meet Windows Helpers
In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
