Profiles search
Kyle Simmers
Director, Cybersecurity Services at Hive Systems
Baltimore, MD, United States
Details
Education:
Bachelor of Science (B.S.)
Information Science and Technology
Penn State University
2008 : 2012
Bachelor of Science (B.S.)
Security and Risk Analysis
Penn State University
2008 : 2012
Master of Science (M.S.)
Cybersecurity
University of Maryland University College
2012 : 2016
Information Science and Technology
Penn State University
2008 : 2012
Bachelor of Science (B.S.)
Security and Risk Analysis
Penn State University
2008 : 2012
Master of Science (M.S.)
Cybersecurity
University of Maryland University College
2012 : 2016
Experience:
2023 : Present
Hive Systems
Director, Cybersecurity Services
2019 : 2023
Morgan Stanley
Senior Manager
I serve as the IT Security Team lead for one of our Public Sector Healthcare teams. In my role I manage and lead IT security teams of 4-5 Associates and subcontractors in performing security controls testing according to FISMA, DISA STIGs, and NIST 800-53 requirements on 4 engagements. I am looked to as the technical controls testing subject matter expert by members of our account team and am leveraged across projects and accounts to provide expertise and value to complete delivery for multiple clients as well as consult on solutions and capabilities for potential new work.
• Supervise the planning, development, and implementation of a comprehensive program to perform testing and assessments of security and privacy controls
• Performed internal penetration and attack testing and Red Team activities at contractor sites, utilizing a variety of penetration testing tools and manual methods in an attempt to compromise systems or gain access to sensitive information available on the network
• Simulated an insider threat scenario through managed asset testing. Testing was completed with Red Team themes to remain undetected and also evaluate the incident response processes in a compressed timeframe over 3-4 days
• Created and facilitated the ROEs with contractors to establish breadth and depth of scope for testing
• Authored whitepapers that provided guidance and recommendations for best practices when implementing new technology, applications, virtual desktop environments, and their impacts to the security posture
• Oversaw the production of high-quality deliverables for clients with focused recommendations and collaborated with them to explain technical concepts, vulnerabilities, associated risks, challenges, and remediation options in understandable terms to facilitate risk-based decisions
• Led business development efforts to grow the cyber security business (Capture Manager, Pricing Lead, Whitepaper Lead) for proposals and marketing totaling $23M in value
2018 : 2019
Guidehouse (Formerly PwC Public Sector)
Senior Associate - IT Security, Privacy & Risk
I served as the IT Security Team lead for one of our Public Sector Healthcare teams. In my role I managed and led IT security teams of 4-5 Associates and subcontractors in performing security controls testing according to FISMA, DISA STIGs, and NIST 800-53 requirements on 4 engagements. I was looked to as the technical controls testing subject matter expert by members of our account team and was leveraged across projects and accounts to provide expertise and value to complete delivery for multiple clients as well as consult on solutions and capabilities for potential new work.
• Performed internal penetration and attack testing and Red Team activities at contractor sites, utilizing a variety of penetration testing tools and manual methods in an attempt to compromise systems or gain access to sensitive information available on the network
• Simulated an insider threat scenario through managed asset testing. Testing was completed with Red Team themes to remain undetected and also evaluate the incident response processes in a compressed timeframe over 3-4 days
• Created and facilitated the ROEs with contractors to establish breadth and depth of scope for testing
• Authored whitepapers that provided guidance and recommendations for best practices when implementing new technology, applications, virtual desktop environments, and their impacts to the security posture
• Oversaw the production of high-quality deliverables for clients with focused recommendations and collaborated with them to explain technical concepts, vulnerabilities, associated risks, challenges, and remediation options in understandable terms to facilitate risk-based decisions
• Led business development efforts to grow the cyber security business (Capture Manager, Pricing Lead, Whitepaper Lead) for proposals and marketing totaling $23M in value
2016 : 2018
PwC
Senior Associate - IT Security, Privacy & Risk
• Performed technical controls testing on a selection of Windows and UNIX servers, Firewalls, and Intrusion Detection Systems (IDS)
• Conducted policy and procedure controls testing for file integrity monitoring, security management, contingency planning, vulnerability management, anti-virus implementations, application whitelisting, mobile device encryption, and access control
• Created deliverables such as detailed testing matrices and work-in-progress grids for the client and contractor, in addition to external work papers for the Office of Inspector General
• Performed managed asset penetration testing at contractor sites, utilizing a variety of penetration testing tools in an attempt to compromise systems or gain access to sensitive information available on the network
2015 : 2016
PwC
Experienced Associate - IT Security, Privacy & Risk
Hive Systems
Director, Cybersecurity Services
2019 : 2023
Morgan Stanley
Senior Manager
I serve as the IT Security Team lead for one of our Public Sector Healthcare teams. In my role I manage and lead IT security teams of 4-5 Associates and subcontractors in performing security controls testing according to FISMA, DISA STIGs, and NIST 800-53 requirements on 4 engagements. I am looked to as the technical controls testing subject matter expert by members of our account team and am leveraged across projects and accounts to provide expertise and value to complete delivery for multiple clients as well as consult on solutions and capabilities for potential new work.
• Supervise the planning, development, and implementation of a comprehensive program to perform testing and assessments of security and privacy controls
• Performed internal penetration and attack testing and Red Team activities at contractor sites, utilizing a variety of penetration testing tools and manual methods in an attempt to compromise systems or gain access to sensitive information available on the network
• Simulated an insider threat scenario through managed asset testing. Testing was completed with Red Team themes to remain undetected and also evaluate the incident response processes in a compressed timeframe over 3-4 days
• Created and facilitated the ROEs with contractors to establish breadth and depth of scope for testing
• Authored whitepapers that provided guidance and recommendations for best practices when implementing new technology, applications, virtual desktop environments, and their impacts to the security posture
• Oversaw the production of high-quality deliverables for clients with focused recommendations and collaborated with them to explain technical concepts, vulnerabilities, associated risks, challenges, and remediation options in understandable terms to facilitate risk-based decisions
• Led business development efforts to grow the cyber security business (Capture Manager, Pricing Lead, Whitepaper Lead) for proposals and marketing totaling $23M in value
2018 : 2019
Guidehouse (Formerly PwC Public Sector)
Senior Associate - IT Security, Privacy & Risk
I served as the IT Security Team lead for one of our Public Sector Healthcare teams. In my role I managed and led IT security teams of 4-5 Associates and subcontractors in performing security controls testing according to FISMA, DISA STIGs, and NIST 800-53 requirements on 4 engagements. I was looked to as the technical controls testing subject matter expert by members of our account team and was leveraged across projects and accounts to provide expertise and value to complete delivery for multiple clients as well as consult on solutions and capabilities for potential new work.
• Performed internal penetration and attack testing and Red Team activities at contractor sites, utilizing a variety of penetration testing tools and manual methods in an attempt to compromise systems or gain access to sensitive information available on the network
• Simulated an insider threat scenario through managed asset testing. Testing was completed with Red Team themes to remain undetected and also evaluate the incident response processes in a compressed timeframe over 3-4 days
• Created and facilitated the ROEs with contractors to establish breadth and depth of scope for testing
• Authored whitepapers that provided guidance and recommendations for best practices when implementing new technology, applications, virtual desktop environments, and their impacts to the security posture
• Oversaw the production of high-quality deliverables for clients with focused recommendations and collaborated with them to explain technical concepts, vulnerabilities, associated risks, challenges, and remediation options in understandable terms to facilitate risk-based decisions
• Led business development efforts to grow the cyber security business (Capture Manager, Pricing Lead, Whitepaper Lead) for proposals and marketing totaling $23M in value
2016 : 2018
PwC
Senior Associate - IT Security, Privacy & Risk
• Performed technical controls testing on a selection of Windows and UNIX servers, Firewalls, and Intrusion Detection Systems (IDS)
• Conducted policy and procedure controls testing for file integrity monitoring, security management, contingency planning, vulnerability management, anti-virus implementations, application whitelisting, mobile device encryption, and access control
• Created deliverables such as detailed testing matrices and work-in-progress grids for the client and contractor, in addition to external work papers for the Office of Inspector General
• Performed managed asset penetration testing at contractor sites, utilizing a variety of penetration testing tools in an attempt to compromise systems or gain access to sensitive information available on the network
2015 : 2016
PwC
Experienced Associate - IT Security, Privacy & Risk
Company:
Hive Systems
Years of Experience:
12
Spoken Language:
French
Skills
C++, Computer Security, Configuration Management, Data Analysis, eEye Retina, HP ConnectIt, HP Service Manager, HP uCMDB, HTML, Information Assurance, Information Security, Information Technology, Java, Microsoft Excel, Microsoft Office, Microsoft Word, Nessus, Nmap, PHP, Project Management, Red Hat Linux, Remediation, Risk Management, SCAP Compliance Checker, Security, SQL, STIG, Vulnerability Assessment, Vulnerability Scanning
Profile Photo
