Darryl Macleod Email and Phone Number

Provide clients with strategic cyber security support and operational leadership on a virtual basis. Conduct annual internal IT risk assessments to prepare clients for formal audits. Assess and develop security programs, including policies, standards, and procedures. Develop and assist in implementing vulnerability management and incident response programs, processes, and strategies to enhance client cybersecurity. Perform strategic incident response solutions, such as conducting tabletop exercises, building incident playbooks, and creating executive-level communication plans. Aid in developing, improving, and delivering Lares vCISO service offerings.

We are dedicated to advancing the role of Chief Information Security Officers (CISOs) and cybersecurity leaders through rigorous professional standards embodied in our Code of Professional Conduct, ourpath to CISO Accreditation, and comprehensive benefits for our members, including mentoring, coaching, professional development, continued learning, well-being resources, and CISO-specific professional liability insurance.

Manage the Call for Papers process for AtlSecCon, the premier information security conference in Atlantic Canada. Oversee the selection and review of speaker proposals to curate a diverse educational program. Collaborate with industry experts and thought leaders to develop relevant and engaging educational opportunities for conference attendees.

Provided advisory services to clients on various aspects of information security, with a specific focus on IMO maritime cyber risk management and PCI-DSS. Collaborated in pre-sales activities and played a key role in proposal development.

Conducted comprehensive cybersecurity assessments and reviews for clients to identify vulnerabilities and assess their overall security posture. Provided expert guidance and assistance to clients in the creation and documentation of security controls to ensure compliance with industry standards and best practices. Supported clients in implementing robust enterprise cybersecurity programs to enhance their overall security measures and protect against cyber threats.

Collaborated closely with clients to develop and manage their information security programs, ensuring alignment with industry best practices and compliance requirements. Actively participated in scoping and testing activities to support the development and implementation of information security programs. Conducted thorough research and maintained up-to-date information security program content to address evolving compliance requirements. Carried out comprehensive vulnerability scans for client engagements and successfully managed penetration testing engagements to identify and address security vulnerabilities.

The Cybersecurity Intelligence Report: Bot Management and Mitigation

Provided information security architecture consulting, audit, and risk assessment services. Held PCI Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV) certifications.

Developed engaging and informative online content for Dell. Conducted thorough research to ensure the accuracy and relevance of content. Collaborated with marketing teams to gather information and coordinate content delivery. Stayed updated with industry trends and best practices in online content development.

The Cape Breton Technology Users Group was a volunteer non-profit user group run by IT professionals for IT professionals and enthusiasts on Cape Breton Island.

Former Lead organizer for the Security B-Sides Cape Breton conference.

Conducted extensive research and testing on DDoS mitigation techniques and strategies. Developed comprehensive knowledge of DDoS attack vectors and mitigation technologies. Tested various mitigation tools and solutions to assess their effectiveness in defending against DDoS attacks. Analyzed attack patterns and trends to identify emerging threats and enhance mitigation strategies. Stayed up-to-date with the latest DDoS attack techniques and mitigation best practices to ensure proactive defense measures.

Developed and enhanced compliance audits for Tenable, focusing on ensuring adherence to regulatory and industry standards. Collaborated with Tenable's Support group to identify and resolve issues related to existing audit files. Provided valuable input on tracking emerging regulatory and industry standards to improve compliance audits.

Delivered PCI Compliance Validation Service and provided consulting to service providers and merchants in the payment, retail, and hospitality industries across Canada and the US. Obtained and maintained Qualified Security Assessor (QSA) certification. Guided clients through all project stages of PCI-DSS compliance, including gap analysis, assessment, and remediation. Successfully completed three Reports on Compliance (ROC).

Provided technical support and administration for corporate and client operations/networks onsite and remotely. Led Nova Scotia Power's IT infrastructure support on Cape Breton Island as a subcontractor for CGI. Implemented security best practices across various systems, networks, and databases. Fostered positive client relationships, mentoring and training others in information security. Installed and managed security infrastructure, ensuring network and equipment security. Conducted security audits, vulnerability assessments, and incident response efforts. Oversaw internal business continuity and disaster recovery planning.

Provided monitoring and administration of networks, including set-up, configuration, support for leased data lines, and maintenance of data/telephony systems. Delivered onsite and remote technical support for call center operations, serving as the primary contact for IP telephony (VoIP) clients and implementations. Acted as the primary administrator for Avaya Intuity Audix and CMS systems. Maintained a comprehensive database of all hardware and software assets. Conducted research, provided recommendations, and obtained vendor quotes for hardware and software purchases. Designed, documented, and implemented a data backup process for all servers. Participated as a member of the beta testing team for Empirix VoIP load testing and call analyzer tools (Hammer Call Analyzer and FX-IP/Callmaster). Provided 24x7 on-call support.

Provided desktop/server technical support. Provided radio/television technical operation support. Maintained broadcast equipment. Provided on call support outside of business hours.

Documented network infrastructure requirements for product network. Provided corporate/product network technical support. Security testing and assessment of corporate wireless network.

Installed, configured, and maintained network equipment in three facilities. Managed performance and security of corporate network. Established policies and procedures for server configuration, user and workstation configuration, security, and disaster recovery. Researched, planned, and implemented an open source virus scanning system (Amavis) for corporate mail server (Sendmail). Researched, planned, and implemented Cisco wireless bridge technology between two facilities.

Assisted in planning Netware 5 network implementation for P3 schools project. Member of install team responsible for implementing LANs in seven schools. Responsible for daily on-site network administration of three schools (400+ workstations and laptops). Researched, planned, and conducted technology training sessions for teachers. Installed and configured remote administration tools for six schools. Presented professional and knowledgeable image to clients. Provided on call support outside of business hours.