Ken has over 15 years of industry experience as a noted information and cybersecurity engineer, software developer, author, and presenter, focusing on big security data analytics and Federal Information Security Management Act (FISMA) and NIST 800-53 compliance. Focusing on strict federal security standards, Ken has consulted with numerous federal organizations, including Defense Information Systems Agency (DISA), Department of Veterans Affairs, and the Census Bureau.
He was previously board chair of The Mars Generation’s Student Space Ambassador Leadership Program, an advisory board made up of students and professional mentors focused on STEAM learning and advocacy. His technical career started in the defense sector as a quality assurance and information assurance engineer contracted with the DISA Defense Message System (DMS), eventually designing the top-level architecture of the Host-Based Security System (HBSS) integration for the DMS global messaging backbone. Ken has presented at industry conferences with his research on early warning of cyber-attacks based on open-source intelligence (OSINT).
Ken loves history and the outdoors and spends his spare time metal detecting and magnet fishing throughout the United States, working to find lost pieces of history for future generations to enjoy.
B.S., Computer Science, Mount Saint Mary’s University
Certifications
- CompTIA Advanced Security Practitioner (CASP)
- CompTIA Security+
- Proofpoint Certified AI/ML Specialist
- Proofpoint Certified Security Awareness Specialist
- Lakera 101 AI Security
- CodeFresh GitOps Fundamentals
- ASSA ABLOY Certificates for Electronic Security and Electronic Access Control Systems
Primary Coverage:
Secondary Coverage
- Advanced threat analytics and anomaly detection
- Advanced testing attack simulation
- Bot detection and protection
- Cloud access security broker
- Cryptography and key management
- Container security
- Data leak prevention and data classification
- Electronic governance risk and compliance
- Hardware security modules
- IoT security
- Information rights management
- Managed security service provider
- Patch management
- Physical Security and Access Control
- Runtime application security protection
- Remote access
- Risk management
- Security incident and event management and log management
- Security policy orchestration and automation
- SSL appliances
- Threat intelligence service feeds
- Third-party risk management
- Anti-phishing
- Unified threat management
- Vulnerability management
- Web application firewall
- Workload microsegmentation
- Web security gateway
Tertiary Coverage
- Advanced breach detection
- Antivirus
- Browser isolation
- Consumer identity and access management
- Distributed denial of service protection
- Deception technology
- Digital threat intelligence management
- Intrusion detection/prevention
- Mobile security tools
- Network admission control
- Network APT detection/analysis
- Next-generation endpoint security
- Next-generation firewall/unified threat management
- Secure email gateways and services
- Security operations automation and orchestration
Coverage Definition
Information security, risk, and compliance management is the process by which organizations predict and manage risk by adhering to boundaries set by a business. The practice area encompasses most of the areas and concepts in information security, risk mitigation, and technology regulatory compliance.
