EXPERIENCE
Steve Maxwell has 25 years of technical experience ranging from software development to software quality, performance engineering, Information Security, and audit. Before TrustedSec, Steve performed a number of IT functions supporting security initiatives across multiple industries. He has presented to hundreds on topics of automation, performance engineering, and information security.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, University of Utah
- Certified Information Systems Security Professional (CISSP)
- Qualified Security Assessor (QSA)
- Certified Information Systems Auditor (CISA)
- Certified Data Privacy Solutions Engineer (CDPSE)
- ISO 27001 Lead Auditor
- CMMC Registered Practitioner
PROFESSIONAL AFFILIATIONS
Information Systems Audit and Control Association (ISACA)
PASSION FOR SECURITY
Steve’s passion for security is in helping his clients to improve their security and in preparing them to be ‘the smartest in the room’.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Book Review - The Definitive Guide to PCI DSS Version 4
As a PCI QSA, I have answered numerous questions about the new PC DSS Version 4. With over 500 total controls, and at least 100 of them unique to this version,…
Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.
We will share information on both planning and execution to ensure a secure, efficient, and successful network segmentation process.
Strength Training With Transport Cryptology: Part 2
In part 1 of this blog series, we explored objective standards for evaluating application cipher suites using the National Institute of Standards and…
Actionable Purple Team Simulation Online Training (November 7-8)
Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…
Ask Me Anything: Proactive Threat Hunting
As threat actors become more sophisticated, organizations' approaches to finding malicious activity must become more proactive and refined. Dive into the…
Black Hat USA Training - Applied Threat Hunting and Detection Engineering
Registration is now open for our Black Hat training on August 3-6, 2024
Lapse of Control: Applauding PCI SSC for FAQ 1572
I want to applaud the PCI Security Standards Council (PCI SSC) for FAQ 1572 published in March of 2024 for simply and effectively answering a question asked by…
ISC2 Cleveland Chapter Member Meeting July 2024
ISC2 Cleveland Chapter July MeetupCome join us for our monthly meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
Specula: A Red Team Chronicle
Microsoft Outlook is often used as the primary email client in corporate environments, making it a high-value target for threat actors. Any potential to…
Ask Me Anything: Remediation
Join the TrustedSec Remediation Team as they discuss how to prioritize and identify deficiencies in your cloud platform and examine best practices to harden…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
