Profiles search
Don M.
CISO / Information Security Advocate, Strategist & Leader
Columbus, OH, United States
Details
Education:
Digital Forensics Certificate
Computer Forensics
Bryant University
2003 : 2003
Business Management
Community College of Rhode Island
1997 : 2003
Information Technology Management
Pikes Peak State College
1993 : 1996
Diploma
General Education; Computer Programming
Toll Gate High School
1988 : 1992
Computer Forensics
Bryant University
2003 : 2003
Business Management
Community College of Rhode Island
1997 : 2003
Information Technology Management
Pikes Peak State College
1993 : 1996
Diploma
General Education; Computer Programming
Toll Gate High School
1988 : 1992
Experience:
BreachSiren provides enterprises critical Third-party Risk Management intelligence. BreachSiren works with industry regulators to aggregate accurate data breach records directly from the source.
With a deep understanding of the cyber security industry, I offer valuable insights and recommendations to help navigate challenges and drive growth. Leveraging my extensive network and experience, I assist in areas such as market analysis, business development, and strategic partnerships. Passionate about fostering innovation and helping startups succeed, I collaborate closely with the founder to identify opportunities, identify opportunities, and optimize operations.
2023 : Present
BreachSiren
Outside Advisor
Dedicated and knowledgeable instructor with expertise in the ISC2 Systems Security Certified Practitioner (SSCP) course. Passionate about cultivating the next generation of cybersecurity professionals, I deliver comprehensive training on essential concepts and skills required for SSCP certification. With a deep understanding of industry best practices and real-world scenarios, I create engaging and interactive learning experiences that empower students to develop a solid foundation in information security. Through practical examples, hands-on exercises, and engaging discussions, I guide learners in mastering topics such as access controls, network security, cryptography, and risk management. Committed to ensuring student success, I provide ongoing support, mentorship, and exam preparation strategies to help individuals excel in their careers.
2023 :
Columbus State Community College
Instructor - Cyber Security Certificate Program
As a digital literacy instructor for Columbus State Community College, I am dedicated to empowering individuals with essential digital skills for the modern world. With a wealth of knowledge in technology and digital tools, I design and deliver engaging training programs that cater to learners of all backgrounds and skill levels. By breaking down complex concepts into easily understandable modules, I foster a supportive and inclusive learning environment that encourages curiosity and exploration.
Through interactive exercises, practical demonstrations, and hands-on activities, I guide students in developing proficiency in a wide range of digital literacy areas, including basic computer skills, internet navigation, online safety, effective communication, information literacy, and digital citizenship. I emphasize the importance of critical thinking, problem-solving, and adaptability in today's rapidly evolving digital landscape.
2023 :
Columbus State Community College
Instructor - Accelerated Training Center
As the Chief Information Security Officer, I am responsible for the development, execution, and ongoing maintenance of the company's information security program.
I oversee Embrace's Third-party Risk Management program and team.
I am responsible for all technology and security related audits and assessments, including our annual SOC2 audit, NIST CSF Assessment, Partner Vendor Due Diligence, and State Exams.
In addition to managing the security program, I am responsible security operations and engineering. I have been instrumental in transitioning Embrace from an on-prem/VDI-based environment to more of a cloud-first culture. To get there, I implemented several Azure AD and M365 technologies to adequately protect data on endpoints and prevent misuse.
I implemented an XDR solution that rivals our previous security operations technologies and capabilities. With the implementation, we were able to integrate Azure/M365 events, along with several other security stacks telemetry. One of the result is being able to identify potential BEC's and shut them down in under 30 minutes. Additionally, having the forensic data available to adequately reconstruct the events and timeline.
I bolstered Embrace's vulnerability management program from performing unauthenticated vulnerability scans against a limited scope once a month, to scanning all assets no less than weekly. I also increased penetration testing from annually to quarterly. Throughout the maturation of the program, I was able to drive remediation of dozens of findings.
I implemented a GRC program and solution to catalog our critical controls, and control owners, as well as track risks and other findings in a risk register.
2020 :
Embrace Home Loans
Chief Information Security Officer
As an adjunct instructor for the Division of Workforce Partnerships I develop and teach non-credit, cyber security courses across industries throughout Rhode Island and online. Courses are taught using competency based learning outcomes and vary in length, ranging from four hour workshops to semester long training programs.
As an instructor I plan and implement class curriculum and educational programs for the Division of Workforce Partnerships. Additionally, I communicate class content utilizing a variety of teaching methods so that learning occurs, skills are developed, and students are motivated to learn and achieve their educational and employment objectives.
2020 : 2021
Community College of Rhode Island
Adjunct Cyber Security Instructor
With a deep understanding of the cyber security industry, I offer valuable insights and recommendations to help navigate challenges and drive growth. Leveraging my extensive network and experience, I assist in areas such as market analysis, business development, and strategic partnerships. Passionate about fostering innovation and helping startups succeed, I collaborate closely with the founder to identify opportunities, identify opportunities, and optimize operations.
2023 : Present
BreachSiren
Outside Advisor
Dedicated and knowledgeable instructor with expertise in the ISC2 Systems Security Certified Practitioner (SSCP) course. Passionate about cultivating the next generation of cybersecurity professionals, I deliver comprehensive training on essential concepts and skills required for SSCP certification. With a deep understanding of industry best practices and real-world scenarios, I create engaging and interactive learning experiences that empower students to develop a solid foundation in information security. Through practical examples, hands-on exercises, and engaging discussions, I guide learners in mastering topics such as access controls, network security, cryptography, and risk management. Committed to ensuring student success, I provide ongoing support, mentorship, and exam preparation strategies to help individuals excel in their careers.
2023 :
Columbus State Community College
Instructor - Cyber Security Certificate Program
As a digital literacy instructor for Columbus State Community College, I am dedicated to empowering individuals with essential digital skills for the modern world. With a wealth of knowledge in technology and digital tools, I design and deliver engaging training programs that cater to learners of all backgrounds and skill levels. By breaking down complex concepts into easily understandable modules, I foster a supportive and inclusive learning environment that encourages curiosity and exploration.
Through interactive exercises, practical demonstrations, and hands-on activities, I guide students in developing proficiency in a wide range of digital literacy areas, including basic computer skills, internet navigation, online safety, effective communication, information literacy, and digital citizenship. I emphasize the importance of critical thinking, problem-solving, and adaptability in today's rapidly evolving digital landscape.
2023 :
Columbus State Community College
Instructor - Accelerated Training Center
As the Chief Information Security Officer, I am responsible for the development, execution, and ongoing maintenance of the company's information security program.
I oversee Embrace's Third-party Risk Management program and team.
I am responsible for all technology and security related audits and assessments, including our annual SOC2 audit, NIST CSF Assessment, Partner Vendor Due Diligence, and State Exams.
In addition to managing the security program, I am responsible security operations and engineering. I have been instrumental in transitioning Embrace from an on-prem/VDI-based environment to more of a cloud-first culture. To get there, I implemented several Azure AD and M365 technologies to adequately protect data on endpoints and prevent misuse.
I implemented an XDR solution that rivals our previous security operations technologies and capabilities. With the implementation, we were able to integrate Azure/M365 events, along with several other security stacks telemetry. One of the result is being able to identify potential BEC's and shut them down in under 30 minutes. Additionally, having the forensic data available to adequately reconstruct the events and timeline.
I bolstered Embrace's vulnerability management program from performing unauthenticated vulnerability scans against a limited scope once a month, to scanning all assets no less than weekly. I also increased penetration testing from annually to quarterly. Throughout the maturation of the program, I was able to drive remediation of dozens of findings.
I implemented a GRC program and solution to catalog our critical controls, and control owners, as well as track risks and other findings in a risk register.
2020 :
Embrace Home Loans
Chief Information Security Officer
As an adjunct instructor for the Division of Workforce Partnerships I develop and teach non-credit, cyber security courses across industries throughout Rhode Island and online. Courses are taught using competency based learning outcomes and vary in length, ranging from four hour workshops to semester long training programs.
As an instructor I plan and implement class curriculum and educational programs for the Division of Workforce Partnerships. Additionally, I communicate class content utilizing a variety of teaching methods so that learning occurs, skills are developed, and students are motivated to learn and achieve their educational and employment objectives.
2020 : 2021
Community College of Rhode Island
Adjunct Cyber Security Instructor
Company:
BreachSiren
Years of Experience:
13
Spoken Language:
English, French (Basic)
Skills
Business Continuity, CISA, CISSP, Data Security, Disaster Recovery, FFIEC Security Requirements, Firewalls, Information Security, Information Security Management, Information Technology, ISO 27002, IT Audit, ITIL, Networking, Network Security, payment card industry data security standard (pci dss), Payment Card Insustry Security Standards, PCI DSS, Penetration Testing, Risk Assessment, Security, Security Awareness, VPN, Vulnerability Assessment, Vulnerability Management, c/c, opengl, java, microsoft visual studio, computer graphics, c, direct3d, glsl, hlsl, x86 assembly, mfc, qt creator, eclipse, 3ds max, maxscript, unity, Payment Card Insustry, FFIEC Security
About
Established technology professional with 30 years in the Information Technology and Cyber Security space. Well versed in IT Management, Technology Consulting, Professional Services, Risk Management, IT Auditing, Vulnerability Management, Threat Identification and Management, Penetration Testing, Governance, and Compliance.
Profile Photo
