EXPERIENCE
Steve Maxwell has 25 years of technical experience ranging from software development to software quality, performance engineering, Information Security, and audit. Before TrustedSec, Steve performed a number of IT functions supporting security initiatives across multiple industries. He has presented to hundreds on topics of automation, performance engineering, and information security.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, University of Utah
- Certified Information Systems Security Professional (CISSP)
- Qualified Security Assessor (QSA)
- Certified Information Systems Auditor (CISA)
- Certified Data Privacy Solutions Engineer (CDPSE)
- ISO 27001 Lead Auditor
- CMMC Registered Practitioner
PROFESSIONAL AFFILIATIONS
Information Systems Audit and Control Association (ISACA)
PASSION FOR SECURITY
Steve’s passion for security is in helping his clients to improve their security and in preparing them to be ‘the smartest in the room’.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Book Review - The Definitive Guide to PCI DSS Version 4
As a PCI QSA, I have answered numerous questions about the new PCI DSS Version 4. With over 500 total controls, and at least 100 of them unique to this…
Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.
Implementing network segmentation can limit internal movement, improve access control, and slow down attacks, allowing for more time to react and reducing…
Strength Training With Transport Cryptology: Part 2
Review the latest PCI Security Standards Council (PCI-SSC) guidelines for evaluating application cipher suites and ensure compliance with version 4.0 standards…
You Had Us at the First Alert: A Guide to Finding Frequently Missed Detections
Join us for this webinar to get a clearer picture of where your detection coverage has blind spots and a practical roadmap for closing them before a real…
ISC2 Cleveland Chapter Member Meeting - March 2026
ISC2 Cleveland Chapter March MeetupCome join us for our meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…
Policy as Code: Stop Writing Policies and Start Compiling Them
The Problem Nobody Wants to Talk AboutLet me paint a picture most security leaders will recognize.You have 30+ policies living as Word documents on SharePoint.…
Security Noise - AI is Exploring The Deep Blue CVEs
On this episode of Security Noise, we explore the cutting-edge use of AI in vulnerability research, exploit development, and cybersecurity defense with guests…
Building a Detection Foundation: Part 4 - Sysmon
Filling the Gaps Native Logging Can'tAt this point in our series, we have Windows Security events capturing logon sessions and process creation, and…
ABC7 Chicago - March Madness betting, ticket scams targeting college basketball tournament fans
March Madness is in full swing and so are the scams, the latest being fake tickets sales and "bogus" bracket challenges. Advisory Solutions Director Alex…
Discord Livestream - AMA: Incident Response
Ask us anything about incident response! Join us for an exclusive Discord Livestream with IR Practice Lead Ryan Macfarlane.
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
