April C. Wright

April C. Wright Email and Phone Number

Technical Cybersecurity Leader / Trainer / Speaker / Author. Preventative and pragmatic SDLC, GRC, Privacy, and Awareness. Inventor of the #InfoSecColorWheel (#OrangeTeam #GreenTeam) @ Isaca
Boston, MA, US
April C. Wright's Location
Greater Boston, United States, United States
April C. Wright's Contact Details

April C. Wright personal email

n/a

April C. Wright phone numbers

About April C. Wright

Technical cybersecurity risk management, Information protection, security awareness, personal and family privacy education. April C. Wright is a hacker, author, teacher, and community leader who has been breaking, making, fixing and defending the security of global critical cyber assets for over 25 years. She is an international speaker and trainer, educating and advising on matters of privacy and information security with the goal of safeguarding the digital components we rely on every day. April has held roles on defensive, operational, adversarial, and development teams throughout her career and is currently a Senior Application Security Architect. Her book, “Fixing An Insecure Software Life Cycle” was published through O’Reilly. She is an occasional co-host for the SecurityWeekly family of webcasts, and has spoken at, helped plan, and contributed to numerous worldwide security conferences. She has presented for government and industry organizations such as OWASP and ISSA. April Is the DEF CON Groups Global Coordinator, and in 2017 she co-founded the local Boston local group, “DC617”. She volunteers and supports a number of organizations, such as (ISC)2, EFF.. April has been assaulted by a lion cub, almost died in Dracula’s “secret staircase” in Romania, and once read in The Onion that researchers at the University of North Carolina released a comprehensive report in 2014 confirming her status as the “most significant and interesting person currently inhabiting the earth”, and that last one was on ‘teh internet’ so it must be true.

April C. Wright's Current Company Details
Isaca

Isaca

View
Technical Cybersecurity Leader / Trainer / Speaker / Author. Preventative and pragmatic SDLC, GRC, Privacy, and Awareness. Inventor of the #InfoSecColorWheel (#OrangeTeam #GreenTeam)
Boston, MA, US
Website:
isaca.org
Employees:
1287
April C. Wright Work Experience Details
  • Isaca
    Isaca
    Boston, Ma, Us
    View
  • O'Reilly Media
    Author
    O'Reilly Media Aug 2017 - Present
  • Family Privacy, Llc
    Founder, Vciso, Executive And Technical Consultant
    Family Privacy, Llc Dec 2018 - Present
    Primarily helping domestic abuse survivors and public people with privacy: families, individuals etc, offering various consulting services. Making industry contributions. Services and activities involve compliance, documentation, risk management, personal and family security assessments and training, other security advisement services, as well as presenting and developing training courses and industry talks. I am currently open to employment Full Time or Part Time, in addition to 1099 consulting work.
  • [Redacted]
    Senior Application Security Architect / Data Security And Privacy
    [Redacted] Feb 2019 - Apr 2023
    Austin, Texas, Us
    SaaS, PaaS, IaaS, Integrations, IAM, SDLC, SAST, Defense-in-Depth, Build Security In, OWASP, NIST, FedRAMP, Hybrid Cloud, Data Privacy, Personal Privacy, 3rd Party Risk Management, Supply Chain, Vendor Risk, Threat Management, Policy, Governance, Compliance, Security Awareness and Education, Training, Physical Security Systems, Blockchain
    View
  • Cyberrisk Alliance
    Board Member
    Cyberrisk Alliance Feb 2021 - Feb 2022
    New York, New York, Us
    InfoSec World USA 2021 security conference - Board Member- Event planning, CFP review and selection, ideation
    View
  • Security Weekly Productions
    Co-Host (Ad-Hoc)
    Security Weekly Productions Sep 2018 - Aug 2020
    Warwick, Ri, Us
    Occasional co-host of various podcast/videocast shows for Security Weekly (Application Security Weekly, Enterprise Security Weekly, Paul's Security Weekly, etc)
    View
  • Black Hat
    Trainer At Events
    Black Hat Aug 2018 - Aug 2020
  • Boston Defcon Group 617
    Co-Founder, Member
    Boston Defcon Group 617 Jul 2017 - Mar 2020
    Organizing meetups, Scheduling speakers and events, Location/space coordination, M.C.
  • Verizon
    Cyber Security Risk Management, Compliance Manager And Advisor (Sdlc, Offensive Testing, Grc)
    Verizon Apr 2014 - Sep 2018
    Basking Ridge, Nj, Us
    "When I find an environment where my creativity and potential can be expressed, there is no limit to the time and energy I will expend in developing insightful and risk-based solutions."Designs and builds infosec programs for new products, and integrates processes to streamline workflows. Project lead for new, $3 million large-scale enterprise EMC/RSA Archer GRC and VMDB implementation. Contributes leadership and serves as a subject matter expert on information security during all phases of the secure development lifecycle for Federal, SLEd, commercial, and regulatory compliances. Provides cyber security assessment, management and documentation for a global, diverse set of technologies and processes within traditional hosting as well as next generation Cloud environments supporting Fortune 100+ clients. Collaborates with internal stakeholders to implement and manage a strong integrated security posture. Extensively assists with compliance activities and documentation. Facilitates strategic staff alignment in support of business objectives. Drives continuous improvement via reporting to ensure objectives are successful. Analyzes systems and applications, recommends and develops data protection controls. Advises executive leadership. Designs and evaluates models and architectures, provides threat assessments, makes critical decisions, and sets policy. Designs appropriate measures to mitigate risks and reduce potential impacts on information and personnel resources to an acceptable level. Designs solutions to meet compliance objectives (e.g. FedRAMP, NIST 800-53 rev 3 + 4 + migrations, ISO, PCI, HIPAA, ITAR, etc). Tailors and drives security relevant phases of the SDLC program. Offensive Testing Manager - Leading a team of highly skilled penetration testers performing formal red team/purple team/yellow team/green team/orange team engagements. Physical penetration testing & social engineering activities performed personally, as required.
    View
  • Kbrwyle
    Senior Security Engineer
    Kbrwyle Jan 2010 - Apr 2014
    Houston, Tx, Us
    "Here, I learned an incredible amount about Federal Information Security programs, but the SoW and contract were nearly complete when I left, so I was not learning enough to keep me interested. I got an offer to start working on next generation Cloud technologies, and decided that was the best career move. Great decision IMO!"Role/Description:Long-term contract involved developing a large and complex portfolio product. Mission objectives were security software assurance, security engineering, development of policy and procedures, certification and accreditation (C&A) package and plan, security testing and evaluation (ST&E) and application of NIST/FISMA standards. Worked closely with Department of Commerce Federal clients. Participated in formal SDLC security architecture activities pertaining to design, network, operating systems, applications, procurement, policy and procedure development, planning, configuration, intrusion detection, penetration testing, forensics, secure coding practices, software assurance, and other advanced security analysis. Provided concurrent single, short-term C&A and ST&E services for government clients including on-site audits and ST&E and penetration testing.
    View
  • Verizon Enterprise Solutions
    Senior Information Security Engineer
    Verizon Enterprise Solutions Mar 1998 - Dec 2009
    Basking Ridge, Nj, Us
    (Formerly: Digex, Intermedia, MCI, Worldcom)"Near the beginning of my time here, I naturally gravitated to securing systems in my ops sysadmin role. We didn't have a formal security program until the early 00’s, but I saw ways to harden systems and started producing guidance that influenced the future of the company's security. I held multiple roles here, eventually working in a formal yet small security group with big responsibilities, and returned in 2014 because the people and environment met my needs for intellectual stimulation. #DIGEX"06/2007-12/2009 // Senior Engineer Developed (designed and coded) security-relevant applications from scratch using longhand PHP, HTML, and SQL. Projects completed include a security incident tracking tool, completely automated network blocking of attacks seen via NIDS or SIEM, a cross-platform patch auditing tool, and an ITIL-compliant CMDB solution. Concurrently maintained multiple dev projects in various programming languages on different systems/platforms.10/2002-06/2007 // Senior Security AnalystEstablished and documented innovative solutions to complex security management problems. Evaluated security fixes and patches and determined internal risk and remediation plans; Defined and enforced policy controls; Compiled and tested exploits; Vulnerability remediation, Threat assessment. OS and application hardening; Security architecture review; Promoted security awareness. Automated tasks and integrated systems using PHP, HTML, SQL, shell, and perl scripting; Participated in hiring activities; Evaluated RFPs; Provided reactive and preventive operational security for tens of thousands of international managed sites, systems, and infrastructure as a primary member of the CERT.03/1998 - 10/2002 // Senior AdministratorResolved complex technical problems of customer and infrastructure sites; Maintained and tuned networks, hardware and software; Authored procedural documentation; Automation via scripting.
    View
  • Uunet
    Service Operations Engineer
    Uunet Jan 1998 - Mar 1998
    Us
    "Traditional mechanical SOC job - responded to alerts, bounced switches and routers. Totally boring but I had to pay rent. Didn't last long here."Role/Description:Performed proactive and emergency maintenance of network servers. Responded to and resolved network issues and incidents. Monitored and administered high-availability networks.
    View
  • Digitalnation
    Administrator
    Digitalnation Aug 1997 - Dec 1997
    "My first paying job in IT at a startup my IRL friend and some of my IRC friends worked at. I had a lot of Internet, Web, and Unix experience from being in accelerated and extra credit school programs, as well as reading random UNIX, networking, and programming books I purchased from Micro Center. "I was making minimum wage and I was paid hourly, so I worked 6 days a week, 5 ten hour day shifts and 1 overnight shift (it was around the time 'Surge!' soda/pop came out, so that nasty green drink got me through a lot of hard times!)"Overnight, I was the only person monitoring and fixing issues in the entire datacenter, fielding issues ranging from PPP dial up modem banks to tape drives to SunOS or NeXT service outages. I could call one of a handful of engineers for help, but never wanted to. I learned a lot, but couldn't make rent and alternating shifts is just brutal. I left, and they sold to Verio for $100mil a few months later."Role/Description:Addressed customer requests / requirements; Implemented hardware / software; Managed systems and services in a heterogeneous (Windows, Solaris, Linux, BSD, Macintosh, NeXT) network; Responded to alerts; Resolved issues; Documented software and methods; Automation via scripting.

April C. Wright Skills

Security Computer Security Information Security Security Architecture Design Cloud Computing Network Security Penetration Testing Unix Sdlc Solaris Vulnerability Assessment Itil Vulnerability Management Iso 27001 Security Awareness Secure Sdlc Security Management Pci Dss Secure Network Architecture Application Security Architecture Information System Design Security Compliance Enterprise Network Security Physical Security Federal Risk And Authorization Management Program Fedramp Threat Modeling Legal Issues In Information Security Threat And Vulnerability Management Threat Assessment Information Security Engineering Nist Cloud Computing Iaas Threat Analysis Threat Management Agile Application Development Cloud Storage Security Analysis Scaled Agile Framework Public Speaking Conference Speaking Business Process Offensive Security Testing Project Management Payment Card Industry Data Security Standard U.s. Health Insurance Portability And Accountability Act General Data Protection Regulation Data Privacy Technical Writing Data Center Security Incident And Event Management Auditing Virtualization Security Disaster Recovery Linux Digital Photography Adulting

April C. Wright Education Details

  • <Redacted> University
    University
    Minor In Security Administration
  • <Redacted And Different> University
    University
    Cybersecurity
  • <Redacted> University
    University
    Information Systems
  • Social-Engineer, Inc.
    Social-Engineer, Inc.
    Social Engineering

Frequently Asked Questions about April C. Wright

What company does April C. Wright work for?

April C. Wright works for Isaca

What is April C. Wright's role at the current company?

April C. Wright's current role is Technical Cybersecurity Leader / Trainer / Speaker / Author. Preventative and pragmatic SDLC, GRC, Privacy, and Awareness. Inventor of the #InfoSecColorWheel (#OrangeTeam #GreenTeam).

What is April C. Wright's email address?

April C. Wright's email address is ap****@****ess.com

What is April C. Wright's direct phone number?

April C. Wright's direct phone number is (877) 297*****

What schools did April C. Wright attend?

April C. Wright attended University, University, University, Social-Engineer, Inc..

What are some of April C. Wright's interests?

April C. Wright has interest in Dutch Language, Hipster Stuff, Logic, Learning, See 19, Nlp, Art, Creativity, Ongoing Education, Cybersecurity.

What skills is April C. Wright known for?

April C. Wright has skills like Security, Computer Security, Information Security, Security Architecture Design, Cloud Computing, Network Security, Penetration Testing, Unix, Sdlc, Solaris, Vulnerability Assessment, Itil.

Who are April C. Wright's colleagues?

April C. Wright's colleagues are Marlene Dutkovic, Ananya Sinha, Amani Al Awan, Alfred Bacon, Cisa, Cism, Crisc, Cissp, Ca E.kathirvel, C., Robyn Franko, Cmp, Joris Vredeling.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.