EXPERIENCE
Steph Saunders has over 10 years of experience in the Information Security field, working mainly in retail, critical manufacturing, and other IT organizations.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, Information Science, The University of Pittsburgh
- Certified Ethical Hacker (CEH)
- Certified Penetration Tester (CPT)
- Cybersecurity Maturity Model Certification - Registered Practitioner (CMMC-RP)
- ISO 27001 - Lead Implementer
- ISO 27001 - Lead Auditor
- Lean Six Sigma - Yellow Belt
- PCI Qualified Security Assessor (PCI QSA)
PROFESSIONAL AFFILIATIONS
- InfraGard Board of Directors - Treasurer
- BSides Pittsburgh - Volunteer
- Three Rivers Information Security Symposium (TRISS) - Planning
- Committee and Treasurer
- 3 Cups of Coffee Mentor - Cybersecurity - PA Women Works
- WiCyS Pittsburgh - Founding Board Member
INDUSTRY CONTRIBUTIONS
Steph actively presents at various Pittsburgh Information Security events, such as InfraGard, ISC2, ISACA, TRISS, etc. Steph is an active mentor in cybersecurity, a frequent cybersecurity panelist, and an overall connection-maker for the Information Security community. Steph has hosted various webinars on topics ranging from ransomware and Incident Response to GRC updates and best practices.
PASSION FOR SECURITY
Steph is passionate about Information Security as a whole. She particularly enjoys promoting best practices for education and awareness training, especially from a Defense in Depth (DiD) perspective. She is an expert in physical security, Incident Response, governance risk, and compliance, and is always improving her forensics and assessment skills through learning about each security domain. She has developed and hosted tabletop exercises while creating relationships in the security field, IT, and other parts of organizations.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Staying Aligned: IR Program Maturity
Assess your Incident Response (IR) program with our expert webinar, learn to strengthen your IR program, and discover ways to stay aligned with your IR Program…
Ensuring Ransomware Resilience
Learn how to prepare, respond, and recover from ransomware attacks with cybersecurity experts Steph Saunders and Paul Sems, and discover the crucial components…
ISC2 Cleveland Chapter Member Meeting - February 2026
ISC2 Cleveland Chapter February MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
Discord Livestream - Tales from the Trenches: Securing Active Directory
Join us for this live Discord session with Identity Security Architect Sean Metcalf as he covers the most common Active Directory security issues and how to…
Perspectives on AI in the Cybersecurity Industry in 2026
Join us for this exclusive webinar where our experts will decode the complex relationship between artificial intelligence and cybersecurity in 2026. What will…
Wild West Hackin' Fest @ Mile High 2026
We are excited to be a sponsor at WWHF @ Mile High this year!
Securing Entra ID Administration: Tier 0
Entra ID (formerly Azure AD) is the core service upon which Microsoft 365 applications rely for directory and authentication services. This makes Entra ID…
Fox 26 Houston - Love or Lure? Spotting Romance Scams
Carlos Perez, Director of Security Intelligence, discusses the Israeli government's use of modified exploding devices in Lebanon.
Security Noise - LLM = Love Language Model?!
In this episode of Security Noise podcast, we are discussing the crossover of AI into our romantic lives. How are LLMs used to social engineer or catfish…
Keys to JWT Assessments - From a Cheat Sheet to a Deep Dive
The Cheat Sheet section is for quick reference.The Learn section is for those who have never touched the topic before.The Implement section is for more…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
