Matthew Waddell

Matthew Waddell Email and Phone Number

Incident Response Architect @ Tactically Secure
Sheridan, WY, US
Matthew Waddell's Location
United States, United States
Matthew Waddell's Contact Details

Matthew Waddell work email

Matthew Waddell personal email

n/a
About Matthew Waddell

The crack of rifle fire echoed off the walls around me. It wasn’t my firefight—not yet. US Special Forces were on a mission, and I was there for a single purpose: to use my digital forensics expertise to support our team on the front lines. In a landscape where seconds count, my job was to provide precise, actionable intelligence.Digital forensics demands patience, logic, and a trained eye to uncover the crucial “needle” in a haystack of shifting data. But in the field, intelligence gathered today must be acted on immediately. The team’s primary goal was to retrieve live data from specific targeted devices. We call it “Pocket litter” – phones, laptops, hard drives – all of which become tools of discovery, guiding the next mission, pinpointing the next building to secure, the next threat to neutralize.Incident Response (IR) operates with the same critical timing and structure. Each step—analysis, action, containment—must unfold in precise order, with leadership at the core, guiding decisions when clarity and information is scarce. During a forensic investigation, the final stage of IR, a misstep can cost time, resources, reputation, and, in rare cases, lives.I have over 20 years in IT Security and a focus on incident response, and large-scale disaster recovery, I’ve been fortunate to work on complex security challenges with outstanding minds across industries. I’ve collaborated with NASA’s Incident Response Team, established digital forensics SOCs within Fortune-level enterprises, and secured operations for three-letter U.S. government agencies you have heard of, and at least one you haven't.My journey is defined by the convergence of technical skill and strategic insight. I want to help you make the right move at the right time.If you're looking for a seasoned security leader to tackle your unique challenges, let’s talk:Matthew@CaffeinatedZen.com

Matthew Waddell's Current Company Details
Tactically Secure

Tactically Secure

View
Incident Response Architect
Sheridan, WY, US
Website:
tacticallysecure.com
Employees:
1
Matthew Waddell Work Experience Details
  • Tactically Secure
    Incident Response Architect
    Tactically Secure
    Sheridan, Wy, Us
    View
  • Optiv
    Incident Reponse Commander | Technical Manager Supporting "Enterprise Incident Response"
    Optiv Oct 2021 - Sep 2024
    Led large-scale incident response operations, aligning technical excellence with executive priorities to safeguard business continuity during critical events. Operated as Incident Commander in reactive engagements and Technical Manager in proactive security planning.• Strategic Incident Response Advisor: Partnered with C-suite leaders to convert security risks into business strategies, strengthening incident readiness and cyber resilience for Fortune-level clients. Reduced containment time and response costs by implementing improved SOPs.• Data Breach & BEC Remediation: Managed responses to data breaches and business email compromises (BEC), implementing rapid remediation to secure data and mitigate financial and regulatory risks.• Standardized SOPs and Incident Playbooks: Developed SOPs and led executive tabletop exercises, enhancing organizational readiness and reinforcing security maturity across client teams.• Mentorship & Team Development: Built a high-performance team of consultants recognized for excellence in client service, fostering skills development and client satisfaction.• Business-Aligned Security Strategy: Generated $5M+ in repeat business by streamlining workflows, advising senior leaders on best practices, and integrating business units to bolster proactive defenses.
    View
  • Cbi | Cyber Security Solutions
    Director Of Digital Forensics And Incident Response
    Cbi | Cyber Security Solutions Feb 2021 - Aug 2021
    Remote
    Built and managed a dedicated IR team, guiding clients through complex security challenges with a focus on minimizing business disruption and enhancing asset protection.• High-Impact Ransomware & Insider Threat Mitigation: Led IR efforts, saving clients over $1M by accelerating recovery times and reducing potential downtime.• Executive Security Advisory: Advised senior leaders on security strategy, aligning security initiatives with business goals for measurable improvement in security posture.• Policy Enhancement & Gap Analysis: Developed targeted policies to address vulnerabilities, reducing recurrence rates and improving response capabilities.• Training & Team Elevation: Improved response efficiency by 30% through regular team workshops, equipping personnel to manage evolving threats effectively.
    View
  • Quiet Professionals, Llc
    Computer Forensic Examiner
    Quiet Professionals, Llc Oct 2020 - Jan 2021
    Tampa, Florida, United States
    Provided digital forensic expertise to (once again) support US Military Special Forces operations, delivering critical intelligence that informed strategic decisions.• High-Impact Forensic Investigations: Produced actionable intelligence from digital evidence in time-sensitive scenarios, with findings influencing decision-making at the highest levels.• SOP Development & Standardization: Established standardized forensic protocols, enhancing efficiency and accuracy across multiple environments.• 24/7 Operational Support: Enabled rapid forensic analysis during live operations, supporting informed decision-making with real-time intelligence.• Technical Leadership: Trained junior team members in forensic tools, improving team capabilities and operational readiness.
    View
  • Mad Security
    Managing Director Of Security Operations
    Mad Security Mar 2020 - Sep 2020
    Huntsville, Alabama, United States
    Oversaw a global SOC-as-a-Service (SOCaaS), focused on operational excellence and client-focused security solutions.• 24/7 Global SOC Leadership: Directed continuous monitoring and threat detection operations, minimizing incident impact for high-profile clients worldwide.• Client-Specific Security Solutions: Delivered customized security solutions aligned with each client's unique requirements, reducing incident response times.• Operational Efficiency & Cost Reduction: Streamlined workflows and implemented automation, cutting operational costs by 50%.• Executive Engagement: Built strong relationships with client executives, providing security insights and securing long-term contracts.
    View
  • Wabisabi Li Llc
    Founder / Coo
    Wabisabi Li Llc 2015 - 2018
    Greater Denver Area
    Founded and scaled an e-commerce business, managing end-to-end operations and establishing a market presence in the Chinese-American marketplace.• Strategic Business Leadership: Built and managed a global e-commerce business with consistent revenue growth and operational efficiency.• Remote Team Management: Led a remote team across time zones, fostering collaboration and achieving high productivity and retention.• Market Expansion & Customer Engagement: Developed marketing campaigns that boosted brand visibility and drove a 30% increase in annual sales.
  • Celestar Holdings Corporation
    Lead Forensic Specialist | Document And Media Exploitation Team (Afghanistan)
    Celestar Holdings Corporation Feb 2011 - May 2013
    Afghanistan
    Lead Forensic Specialist | Document and Media Exploitation Specialist (Afghanistan)Served as a civilian subject matter expert in Afghanistan, supporting US Military Intelligence by conducting forensic investigations on suspected terrorist media. Delivered findings directly to military commanders, contributing to mission-critical intelligence efforts. Authored high-level intelligence reports, meticulously crafted to convey critical findings and insights. These reports were thorough, precise, and impactful, meeting the rigorous standards required for review by top U.S. government officials, including POTUS. Demonstrated expertise in translating complex forensic and investigative data into clear, actionable information that directly supported national security decision-making at the highest levels.- Conducted High-Pressure Investigations Executed intricate forensic analyses under tight deadlines within active combat zones, adapting to the challenging “keep your head down” field conditions.- Enhanced Team Forensic CapabilitiesRegularly trained colleagues on advanced forensic tools (EnCase, FTK, FRED, Coroner's Toolkit, Hex Editors, and Linux/Windows System tools), increasing team efficiency and technical throughput.- Trained and Mentored Team Guided new employees and coordinated logistical support, managing team movements and equipment resupplies in a complex, high-stakes environment, boosting morale and operational continuity.Requested to extended individual contract to better support mission, reflecting my commitment to high-quality, impactful forensic work in a demanding setting.
    View
  • Centurum
    Senior Forensic Specialist | Document And Media Exploitation Team (Iraq)
    Centurum 2009 - 2010
    Iraq
    Civilian contract deployed in Iraq to perform forensics on multiple forms of media under intense time constraints and in the active war zone. • Frequently discovered evidence that directly altered troop movements and lives saved.• Advised soldiers on the ground with actionable intelligence from covertly collected media to include computers, cell phones, and other forms of collected digital information operating under Operation Iraqi Freedom.In my daily use I utilized the following tools:- Cellebrite UFED for Cellphone Forensics- Write blockers and disk clone tools for evidence collection- EnCase, Forensic Tool Kit (FTK), FRED, Coroner's Toolkit, Hex Editors, Bash and EnCase scripts, Linux and Windows System Administration tools for analysis.-Microsoft Office (Excel, Word, PowerPoint) to create and deliver reports and summaries to the responsible parties.- Hardware and Software troubleshooting and repairs were often done by myself to maintain a working system and internal network, in the DOMEX and other related shops I was known as the “IT Guy”.* One year contract.
    View
  • Dell
    Isso Security Operations Officer [Dod/Nsa/Nro Contract]
    Dell Apr 2009 - Aug 2009
    Greater Denver Area
    Information System Security Officer with duties spanning NSA data and DOD systems in a facility located in a high-security NRO facility. • Frequently advised the site NSA Inspector General on forensic evidence procedures. • Developed policies and procedures for system accreditation and certification.[Perot Govt Systems was purchased by Dell in 2010]
    View
  • Self Discovery
    World Travels
    Self Discovery 2007 - 2009
    Everywhere
    After my mother lost her battle with cancer, and then my new step-mother suffered a nearly identical fate, I decided to take a leave of absence from my professional career to care for my now twice-widowed father. I then left home to care for my own mental health in the often cliched "finding oneself" journey. (Pro tip: I was here all along.)My multi-year, solo backpack travels around the world included some of the following adventures:• Driving a motorcycle around Easter Island and dodging the many wild horses.• Exploring Buenos Aires's breathtaking Tango nightlife and losing my wallet* just before my flight. • Sleeping on the cobblestone backstreets of Lima Peru, completely broke, and awaiting a Western Union cash advance to post from my father. (See wallet* note above)• Hiking up Machu Picchu alone in search of clean water and ancient stories.• Solo motorcycle adventure across the lonely Australian outback in search of kangaroo burgers and beer.• Trekking throughout Asia and stumbling across the oldest continually-run sushi restaurant in all of Tokyo.This was my first of several round-the-world trips and I am sure that a book will be coming out as soon as I write one and will be available wherever you purchase obscure out of print adventure stories near you.
  • Concurrent Technologies Corporation
    Senior System Engineer [Penetration Tester Nsa Contract]
    Concurrent Technologies Corporation Apr 2006 - Jun 2007
    Savage, Maryland, Usa
    Senior Staff Engineer in charge of performing penetration and vulnerability analysis of NSA applications being created in-house prior to their release to the NSA Information Assurance Team. • Assisted in the SOC build for the projects testing program by advising on software and hardware systems best suited for the project. • Assisted with server builds, scanned internal networks for vulnerabilities, troubleshoot software under development searched for open ports and vulnerable services. • Determined security audit results and presenting them to the content creators for analysis and retooling where necessary.In this position, I regularly used tools such as:- Metasploit Project- Kali Linux (BackTrack)- Hex editors- VMWare- WireShark- TCPDump- BIOS Manipulation- Microsoft Office (Excel, Word, PowerPoint)- Linux and Windows Sys Admin tools- Hardware Installation/Troubleshooting- IDS Installations and Server Builds- Physical Site Security Risk Assessments- Social Engineering Risk Assessments- IT Security Audits and Accreditation- Documenting Incident Handling Best Practices
    View
  • Constellation
    Incident Response Team Forensic Investigator [Lead Technical Staff]
    Constellation Apr 2004 - Feb 2006
    Baltimore, Maryland Area
    Personally sought out by the Head of Information Protection to create the company's internal SOC and lead a newly formed Digital Forensics Incident Response (DFIR) Team. • Responsible for hundreds of technical Incident Response and Forensic Investigations inside the company. • Developed the Forensic and Incident Response best practice procedures for company use through documenting Policies and Procedures for Evidence Collection, Storage, Investigation use, and eventual evidence destruction.• Assisted legal representation with court cases and presented legal counsel with Investigations and eDiscovery. • Responsible for saving the company an estimated $2,000,000 in potential lost revenue through investigated incidents. • Daily contact with the CIO to advise on specific forensic techniques that may be used and their possible outcomes. In this position, I regularly used tools such as:- EnCase (versions 3-7, EnCase Enterprise)- Forensic Tool Kit (FTK)- Coroner's Toolkit- FRED Forensic Workstation- Hex editors- VMWare- Forensic Write Blockers- Linux and Windows Sys Admin tools- Microsoft Office (Excel, Word, PowerPoint)- Memory Forensics- Cloud Forensics- Hardware installation/troubleshooting- BIOS Manipulation- Physical Site Security Risk Assessments- Social Engineering Risk Assessments- IT Security Audits and Accreditation
    View
  • Teksystems
    Information Assurance Specialist [Dod Contract]
    Teksystems Jul 2003 - Mar 2004
    Huntsville, Alabama Area
    Information Security Specialist hired to assist in the IT Security Certification and Accreditation of key DOD government systems spread across a wide geographic area. • Instrumental in performing key tests on secure networks. • Lead in the technical documentation of procedures following existing standards. • Critical in solving an internal documentation issue with the company and developed better methods for handling large amounts of quickly changing data in a volatile environment. In this position, I regularly used tools such as:- Kali Linux (known as BackTrack during this time)- Hex editors- VMWare- WireShark- TCPDump- Hardware Installation/Troubleshooting- Linux and Windows Sys Admin tools- Microsoft Office (Excel, Word, PowerPoint)- Physical Site Security Risk Assessments- Social Engineering Risk Assessments- IT Security Audits and Accreditation- Documenting Incident Handling Best Practices[Hired by TekSystems to work for Dynetics on DOD Government Project.] * This was a 6-month contract where I was asked to extend for an additional 3 months due to my knowledge and technical skills.
    View
  • G4S
    Security Systems Analyst And Forensic Investigator [Doe Contract]
    G4S Mar 2002 - May 2003
    Oak Ridge Tn
    Internal Security Team analyst. Promoted to principal Computer Forensics Specialist for the Department of Energy classified security group at this location and supporting DoE Counterintelligence.• Responsible for conducting Top Secret (DOE Q) and highly classified forensic investigations on-site using advanced forensic techniques as well as commonly understood best principles and practices for evidence collection. • Tasked with documenting the proper forensic methods for facility use on systems that included Linux, BSD, Solaris, and Windows. • Responsible for performing digital and physical penetration tests to search for security violations which lead to additional patching of system vulnerabilities on key systems.• OPSEC Coordinator with training in tactics, techniques, and procedures to minimize attack surface.In this position, I regularly used tools such as:- Forensic Write blockers and various disk clone tools for evidence collection- EnCase, Forensic Tool Kit (FTK), Hex Editors, Bash, and EnCase scripts - Linux and Windows Sys Admin tools- VMWare, Memory Forensics and other virtual tools were used to store, carve, and manipulate data - Microsoft Office (Excel, Word, PowerPoint) was used to create and deliver reports and summaries to the responsible parties.- Hardware and Software troubleshooting and repairs were often done by myself to maintain a working system and internal network- Backtrack (now Kali Linux), TCPDump, WireShark, Metasploit, and other open-source tools were used for data extraction and manipulation.[G4S Secure Solutions was formerly Wackenhut Security, DOE government contract.]
    View
  • Csc
    It Security Analyst [Soc Lead And Junior Ir Team Member]
    Csc Sep 2000 - Mar 2002
    Huntsville, Alabama Area
    IT Security Analyst working on a team monitoring NASA’s Wide Area Network for intrusions.• Quickly promoted to shift lead and system administrator for NASA’s Wide Area Network Intrusion Detection Team (NSOC). • integrated into IR Team at NASA MSFC and responsible for mitigating ITSec incidents across NASA network.• System administrator for multiple 24/7/365 Windows and Linux Intrusion Detection Monitoring systems and software.• Mitigated security incidents on a daily basis using ITSec monitoring tools and analyzing log files • Assisted in the installation of intrusion detection systems presently located at all NASA facilities in the United States.• Responsible for reacting to several complicated virus attacks mutating across NASA’s Wide Area Network and helped to prevent additional damage estimated to be over $20,000,000. In this position I frequently used the following tools:- IDS Monitoring Software- Linux and Windows Sys Admin tools- Microsoft Office (Excel, Word, PowerPoint)- EnCase Forensic Tools- Hex editors- VMWare- WireShark- TCPDump- Hardware Installation/Troubleshooting- IDS Installations and Server Builds- BIOS Manipulation- Physical Site Security Risk Assessments- IT Security Audits and Accreditation- Documenting Incident Handling Best Practices
    View

Matthew Waddell Skills

Information Security Management Incident Response Information Security Computer Forensics Physical Security Evidence Collection Penetration Testing Network Security Security Management Security Training Corporate Security Computer Maintenance Computer Networking Computer Literacy Linux Computer Hardware Microsoft Office Forensic Analysis Forensic Toolkit Digital Forensics Network Forensics Security Awareness Computer Architecture Computer Hardware Installation Security Consulting Computer Science Counterintelligence Information Technology Risk Assessment Risk Management Internal Investigations Management Consulting System Administration Litigation Support Cybersecurity Vulnerability Assessment Security Audits Intrusion Detection Encase Cellebrite Security Information And Event Management Application Security Social Engineering Project Management Iso 27001 Nist Networking

Matthew Waddell Education Details

Frequently Asked Questions about Matthew Waddell

What company does Matthew Waddell work for?

Matthew Waddell works for Tactically Secure

What is Matthew Waddell's role at the current company?

Matthew Waddell's current role is Incident Response Architect.

What is Matthew Waddell's email address?

Matthew Waddell's email address is mw****@****inc.com

What schools did Matthew Waddell attend?

Matthew Waddell attended The University Of Alabama In Huntsville, The University Of Alabama In Huntsville.

What skills is Matthew Waddell known for?

Matthew Waddell has skills like Information Security Management, Incident Response, Information Security, Computer Forensics, Physical Security, Evidence Collection, Penetration Testing, Network Security, Security Management, Security Training, Corporate Security, Computer Maintenance.

Not the Matthew Waddell you were looking for?

View similar profiles

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.