Skip to Main Content

Steve Maxwell

Senior Security Consultant

EXPERIENCE
Steve Maxwell has 25 years of technical experience ranging from software development to software quality, performance engineering, Information Security, and audit. Before TrustedSec, Steve performed a number of IT functions supporting security initiatives across multiple industries. He has presented to hundreds on topics of automation, performance engineering, and information security.

EDUCATION & CERTIFICATIONS

  • Bachelor of Science, University of Utah
  • Certified Information Systems Security Professional (CISSP)
  • Qualified Security Assessor (QSA)
  • Certified Information Systems Auditor (CISA)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • ISO 27001 Lead Auditor
  • CMMC Registered Practitioner

PROFESSIONAL AFFILIATIONS
Information Systems Audit and Control Association (ISACA)

PASSION FOR SECURITY
Steve’s passion for security is in helping his clients to improve their security and in preparing them to be ‘the smartest in the room’.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog November 14 2023

Book Review - The Definitive Guide to PCI DSS Version 4

As a PCI QSA, I have answered numerous questions about the new PC DSS Version 4. With over 500 total controls, and at least 100 of them unique to this version,…

Read about this article
Webinars July 24 2019

Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.

We will share information on both planning and execution to ensure a secure, efficient, and successful network segmentation process.

Read about this article
Blog March 30 2021

Strength Training With Transport Cryptology: Part 2

In part 1 of this blog series, we explored objective standards for evaluating application cipher suites using the National Institute of Standards and…

Read about this article
Webinars December 18 2024

The Lost Underground

Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…

Read about this article
News December 10 2024

TrustedSec Tech Brief - December 2024 Year-End Top 3 Roundup

We are rounding up our top Tech Brief stories of 2024! Director of Security Intelligence Carlos Perez goes over what we have seen the most of this year and his…

Read about this article
Podcasts December 06 2024

Security Noise - Episode 7.7

Amazing Stories in InfoSec

Read about this article
Blog December 05 2024

On-Demand BOF

From the team that brought you COFF Loader, CS-Situational-Awareness-BOF, CS-Remote-OPs-BOF, and numerous blogs on BOFs, we are excited to release our first…

Read about this article
Webinars December 04 2024

BEC Basics: Your First Step to Thwarting Email Scams

Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…

Read about this article
Blog December 03 2024

Discovering a Deserialization Vulnerability in LINQPad

Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…

Read about this article
Blog November 21 2024

A 5-Minute Guide to HTTP Response Codes

If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.