April C. Wright Email & Phone Number
@isaca.org
2 phones found area 877 and 800
LinkedIn matched
Who is April C. Wright? Overview
A concise factual answer block for searchers comparing this professional profile.
April C. Wright is listed as Technical Cybersecurity Leader / Trainer / Speaker / Author. Preventative and pragmatic SDLC, GRC, Privacy, and Awareness. Inventor of the #InfoSecColorWheel (#OrangeTeam #GreenTeam) at Isaca, a with 1287 employees, based in Greater Boston, United States. AeroLeads shows a work email signal at isaca.org, phone signal with area code 877, 800, and a matched LinkedIn profile for April C. Wright.
April C. Wright previously worked as Author at O'Reilly Media and Founder, vCISO, Executive and Technical Consultant at Family Privacy, Llc. April C. Wright holds Bachelor Of Science In Information Systems, Minor In Security Administration from
Email format at Isaca
This section adds company-level context without repeating April C. Wright's masked contact details.
AeroLeads found 1 current-domain work email signal for April C. Wright. Compare company email patterns before reaching out.
About April C. Wright
Technical cybersecurity risk management, Information protection, security awareness, personal and family privacy education. April C. Wright is a hacker, author, teacher, and community leader who has been breaking, making, fixing and defending the security of global critical cyber assets for over 25 years. She is an international speaker and trainer, educating and advising on matters of privacy and information security with the goal of safeguarding the digital components we rely on every day. April has held roles on defensive, operational, adversarial, and development teams throughout her career and is currently a Senior Application Security Architect. Her book, “Fixing An Insecure Software Life Cycle” was published through O’Reilly. She is an occasional co-host for the SecurityWeekly family of webcasts, and has spoken at, helped plan, and contributed to numerous worldwide security conferences. She has presented for government and industry organizations such as OWASP and ISSA. April Is the DEF CON Groups Global Coordinator, and in 2017 she co-founded the local Boston local group, “DC617”. She volunteers and supports a number of organizations, such as (ISC)2, EFF.. April has been assaulted by a lion cub, almost died in Dracula’s “secret staircase” in Romania, and once read in The Onion that researchers at the University of North Carolina released a comprehensive report in 2014 confirming her status as the “most significant and interesting person currently inhabiting the earth”, and that last one was on ‘teh internet’ so it must be true.
Listed skills include Security, Computer Security, Information Security, Security Architecture Design, and 51 others.
April C. Wright's current company
Company context helps verify the profile and gives searchers a useful next step.
April C. Wright work experience
A career timeline built from the work history available for this profile.
Author
CurrentFounder, Vciso, Executive And Technical Consultant
CurrentPrimarily helping domestic abuse survivors and public people with privacy: families, individuals etc, offering various consulting services. Making industry contributions. Services and activities involve compliance, documentation, risk management, personal and family security assessments and training, other security advisement services, as well as presenting and developing training courses and industry talks. I am currently open to employment Full Time or Part Time, in addition to 1099 consulting work.
Senior Application Security Architect / Data Security And Privacy
SaaS, PaaS, IaaS, Integrations, IAM, SDLC, SAST, Defense-in-Depth, Build Security In, OWASP, NIST, FedRAMP, Hybrid Cloud, Data Privacy, Personal Privacy, 3rd Party Risk Management, Supply Chain, Vendor Risk, Threat Management, Policy, Governance, Compliance, Security Awareness and Education, Training, Physical Security Systems, Blockchain
Board Member
InfoSec World USA 2021 security conference - Board Member- Event planning, CFP review and selection, ideation
Co-Host (Ad-Hoc)
Occasional co-host of various podcast/videocast shows for Security Weekly (Application Security Weekly, Enterprise Security Weekly, Paul's Security Weekly, etc)
Trainer At Events
Co-Founder, Member
Organizing meetups, Scheduling speakers and events, Location/space coordination, M.C.
Cyber Security Risk Management, Compliance Manager And Advisor (Sdlc, Offensive Testing, Grc)
"When I find an environment where my creativity and potential can be expressed, there is no limit to the time and energy I will expend in developing insightful and risk-based solutions."Designs and builds infosec programs for new products, and integrates processes to streamline workflows. Project lead for new, $3 million large-scale enterprise EMC/RSA Archer GRC and VMDB implementation. Contributes leadership and serves as a subject matter expert on information security during all phases of the secure development lifecycle for Federal, SLEd, commercial, and regulatory compliances. Provides cyber security assessment, management and documentation for a global, diverse set of technologies and processes within traditional hosting as well as next generation Cloud environments supporting Fortune 100+ clients. Collaborates with internal stakeholders to implement and manage a strong integrated security posture. Extensively assists with compliance activities and documentation. Facilitates strategic staff alignment in support of business objectives. Drives continuous improvement via reporting to ensure objectives are successful. Analyzes systems and applications, recommends and develops data protection controls. Advises executive leadership. Designs and evaluates models and architectures, provides threat assessments, makes critical decisions, and sets policy. Designs appropriate measures to mitigate risks and reduce potential impacts on information and personnel resources to an acceptable level. Designs solutions to meet compliance objectives (e.g. FedRAMP, NIST 800-53 rev 3 + 4 + migrations, ISO, PCI, HIPAA, ITAR, etc). Tailors and drives security relevant phases of the SDLC program. Offensive Testing Manager - Leading a team of highly skilled penetration testers performing formal red team/purple team/yellow team/green team/orange team engagements. Physical penetration testing & social engineering activities performed personally, as required.
Senior Security Engineer
"Here, I learned an incredible amount about Federal Information Security programs, but the SoW and contract were nearly complete when I left, so I was not learning enough to keep me interested. I got an offer to start working on next generation Cloud technologies, and decided that was the best career move. Great decision IMO!"Role/Description:Long-term contract involved developing a large and complex portfolio product. Mission objectives were security software assurance, security engineering, development of policy and procedures, certification and accreditation (C&A) package and plan, security testing and evaluation (ST&E) and application of NIST/FISMA standards. Worked closely with Department of Commerce Federal clients. Participated in formal SDLC security architecture activities pertaining to design, network, operating systems, applications, procurement, policy and procedure development, planning, configuration, intrusion detection, penetration testing, forensics, secure coding practices, software assurance, and other advanced security analysis. Provided concurrent single, short-term C&A and ST&E services for government clients including on-site audits and ST&E and penetration testing.
Senior Information Security Engineer
(Formerly: Digex, Intermedia, MCI, Worldcom)"Near the beginning of my time here, I naturally gravitated to securing systems in my ops sysadmin role. We didn't have a formal security program until the early 00’s, but I saw ways to harden systems and started producing guidance that influenced the future of the company's security. I held multiple roles here, eventually working in a formal yet small security group with big responsibilities, and returned in 2014 because the people and environment met my needs for intellectual stimulation. #DIGEX"06/2007-12/2009 // Senior Engineer Developed (designed and coded) security-relevant applications from scratch using longhand PHP, HTML, and SQL. Projects completed include a security incident tracking tool, completely automated network blocking of attacks seen via NIDS or SIEM, a cross-platform patch auditing tool, and an ITIL-compliant CMDB solution. Concurrently maintained multiple dev projects in various programming languages on different systems/platforms.10/2002-06/2007 // Senior Security AnalystEstablished and documented innovative solutions to complex security management problems. Evaluated security fixes and patches and determined internal risk and remediation plans; Defined and enforced policy controls; Compiled and tested exploits; Vulnerability remediation, Threat assessment. OS and application hardening; Security architecture review; Promoted security awareness. Automated tasks and integrated systems using PHP, HTML, SQL, shell, and perl scripting; Participated in hiring activities; Evaluated RFPs; Provided reactive and preventive operational security for tens of thousands of international managed sites, systems, and infrastructure as a primary member of the CERT.03/1998 - 10/2002 // Senior AdministratorResolved complex technical problems of customer and infrastructure sites; Maintained and tuned networks, hardware and software; Authored procedural documentation; Automation via scripting.
Service Operations Engineer
"Traditional mechanical SOC job - responded to alerts, bounced switches and routers. Totally boring but I had to pay rent. Didn't last long here."Role/Description:Performed proactive and emergency maintenance of network servers. Responded to and resolved network issues and incidents. Monitored and administered high-availability networks.
Administrator
"My first paying job in IT at a startup my IRL friend and some of my IRC friends worked at. I had a lot of Internet, Web, and Unix experience from being in accelerated and extra credit school programs, as well as reading random UNIX, networking, and programming books I purchased from Micro Center. "I was making minimum wage and I was paid hourly, so I worked 6 days a week, 5 ten hour day shifts and 1 overnight shift (it was around the time 'Surge!' soda/pop came out, so that nasty green drink got me through a lot of hard times!)"Overnight, I was the only person monitoring and fixing issues in the entire datacenter, fielding issues ranging from PPP dial up modem banks to tape drives to SunOS or NeXT service outages. I could call one of a handful of engineers for help, but never wanted to. I learned a lot, but couldn't make rent and alternating shifts is just brutal. I left, and they sold to Verio for $100mil a few months later."Role/Description:Addressed customer requests / requirements; Implemented hardware / software; Managed systems and services in a heterogeneous (Windows, Solaris, Linux, BSD, Macintosh, NeXT) network; Responded to alerts; Resolved issues; Documented software and methods; Automation via scripting.
Colleagues at Isaca
Other employees you can reach at isaca.org. View company contacts for 1287 employees →
Avto Nijaradze
Colleague at IsacaGeorgia
View →
KS
Kan Shao
Colleague at IsacaYpsilanti, Michigan, United States
View →
AB
Alfred Bacon, Cisa, Cism, Crisc, Cissp
Colleague at IsacaNiterói, Rio De Janeiro, Brazil
View →
SR
Suresh Reddy B
Colleague at IsacaHyderabad, Telangana, India
View →
MC
Michelle Chen
Colleague at IsacaDongcheng District, Beijing, China
View →
RF
Robyn Franko, Cmp
Colleague at IsacaMchenry, Illinois, United States
View →
SP
Sarinya Piamsilpa (Tic)
Colleague at IsacaBangkok, Bangkok City, Thailand
View →
CC
Carolina Ceniceros
Colleague at IsacaAurora, Illinois, United States
View →
JP
Jessi Price
Colleague at IsacaGibsonia, Pennsylvania, United States
View →
AD
Ashante' Doolittle
Colleague at IsacaGreater Chicago Area, United States
View →
April C. Wright education
Bachelor Of Science In Information Systems, Minor In Security Administration
Masters In Arts, Information Management Systems Minor In Cybersecurity Degree In Progress, Cybersecurity
Associate Of Arts (A.A.), Information Systems
Master'S Level, Social Engineering
Frequently asked questions about April C. Wright
Quick answers generated from the profile data available on this page.
What company does April C. Wright work for?
April C. Wright works for Isaca.
What is April C. Wright's role at Isaca?
April C. Wright is listed as Technical Cybersecurity Leader / Trainer / Speaker / Author. Preventative and pragmatic SDLC, GRC, Privacy, and Awareness. Inventor of the #InfoSecColorWheel (#OrangeTeam #GreenTeam) at Isaca.
What is April C. Wright's email address?
AeroLeads has found 1 work email signal at @isaca.org for April C. Wright at Isaca.
What is April C. Wright's phone number?
AeroLeads has found 2 phone signal(s) with area code 877, 800 for April C. Wright at Isaca.
Where is April C. Wright based?
April C. Wright is based in Greater Boston, United States while working with Isaca.
What companies has April C. Wright worked for?
April C. Wright has worked for Isaca, O'Reilly Media, Family Privacy, Llc, [Redacted], and Cyberrisk Alliance.
Who are April C. Wright's colleagues at Isaca?
April C. Wright's colleagues at Isaca include Avto Nijaradze, Kan Shao, Alfred Bacon, Cisa, Cism, Crisc, Cissp, Suresh Reddy B, and Michelle Chen.
How can I contact April C. Wright?
You can use AeroLeads to view verified contact signals for April C. Wright at Isaca, including work email, phone, and LinkedIn data when available.
What schools did April C. Wright attend?
April C. Wright holds Bachelor Of Science In Information Systems, Minor In Security Administration from <Redacted> University.
What skills is April C. Wright known for?
April C. Wright is listed with skills including Security, Computer Security, Information Security, Security Architecture Design, Cloud Computing, Network Security, Penetration Testing, and Unix.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial