EXPERIENCE
Steve Maxwell has 25 years of technical experience ranging from software development to software quality, performance engineering, Information Security, and audit. Before TrustedSec, Steve performed a number of IT functions supporting security initiatives across multiple industries. He has presented to hundreds on topics of automation, performance engineering, and information security.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, University of Utah
- Certified Information Systems Security Professional (CISSP)
- Qualified Security Assessor (QSA)
- Certified Information Systems Auditor (CISA)
- Certified Data Privacy Solutions Engineer (CDPSE)
- ISO 27001 Lead Auditor
- CMMC Registered Practitioner
PROFESSIONAL AFFILIATIONS
Information Systems Audit and Control Association (ISACA)
PASSION FOR SECURITY
Steve’s passion for security is in helping his clients to improve their security and in preparing them to be ‘the smartest in the room’.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Book Review - The Definitive Guide to PCI DSS Version 4
As a PCI QSA, I have answered numerous questions about the new PCI DSS Version 4. With over 500 total controls, and at least 100 of them unique to this…
Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.
Implementing network segmentation can limit internal movement, improve access control, and slow down attacks, allowing for more time to react and reducing…
Strength Training With Transport Cryptology: Part 2
Review the latest PCI Security Standards Council (PCI-SSC) guidelines for evaluating application cipher suites and ensure compliance with version 4.0 standards…
Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability
A critical vulnerability affecting React Server Components (RSC) is being actively exploited. Here's what to look for and what to do next.
Holy Shuck! Weaponizing NTLM Hashes as a Wordlist
Password reuse is common in Active Directory (AD). From an attacker’s perspective, it is a reliable path to lateral movement or privilege escalation. Most IT…
Security Noise - Hacker Family Feud
Our security experts compete to see which team can guess the most popular answers to cybersecurity industry questions on this episode of the TrustedSec…
Research on Windows Accessibility: Narrator.exe
Join us for our next Discord Livestream "Research on Windows Accessibility: Narrator.exe" on December 4 at 11:00AM ET! During this exclusive session, Principal…
What is a TrustedSec Program Maturity Assessment (PMA)?
The TrustedSec PMA is a tactical approach to evaluating the components, efficiency, and overall maturity of an organization’s Information Security…
NIST CSF 2.0 - From Compliance to Confidence
During our next webinar, our experts will cover the latest evolution of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF),…
KTVU Fox 2 San Francisco - Too good to be true? Cyber Monday Warning
Protect your purchases this Cyber Monday! Director of Advisory Services Chris Camejo speaks with KTVU Fox 2 to share essential tips on how to safeguard your…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
