Matthew Webster Email & Phone Number

New York, NY, US

New York, NY, US

• Creating the cybersecurity requirements related to the mergers and acquisition process for large and small companies including assessment questions, responses, and standards.
• Created cybersecurity committee to govern multiple organizations from a cybersecurity perspective - including risk and metrics.
• Negotiated purchasing related to a number of security tools and services.
• Created assessment framework to monitor and report against for cybersecurity across organizations.
• Assessed the cybersecurity tools capabilities of the organization and worked with IT.
• Worked with legal to review incoming and outgoing contracts on a regular basis.

• Speaking engagements at customer events, executive briefings, and SHI events about a range of topics.
• Created Security Agenda for full day executive briefings. Gave 1.5 presentations and an incident response scenario.
• Guided C level executives at fortune 500 companies on new products, etc.
• Learned more than 120 different security product lines and many of their integrations with one another.
• Brought in new tools and processes to SHI.
• Trained sales executives on new mechanisms for baselining customers based on risk and maturity

• Created a 12 point program profiling the maturity and risks of the various parts of the corporation.
• Presented accomplishments, programs, and future plans to the Board of Directors.
• Built consensus working with CISOs around the greater NYC area around solutions.
• Created a high level security architecture to aim for.
• Selected, set up, and utilized a Managed Security Service. Performed incident response related to alerts. Trained and educated staff to handle incidents.
• Selected the high level hardening standards for the organization. Worked with IT to start the various implementation of the standards.

London, UK, GB

• Managed Security Operations Center and a Data Loss Prevention team. This includes vulnerability management, incident response, next generation firewalls, SIEM, endpoing protection, etc.
• Managed SSAE 16 SOC Type I and Type II audits including audit evidence and discussions
• With others, helped to write and architect a new Client GRC team processes.
• Evaluated and wrote responses to MSAs, SOWs, Questionnaires, etc.
• Create Presentations for Executive Management.
• Trained junior staff on a range of functions.

Basking Ridge, NJ, US

• I have two primary functions - security sales engineer and "consultant" where I am on site at companies performing any number of security related functions. Here are some sample responsibilities;
• Guided C-Level executives in fortune 500 companies in a presales and post sales capacity to; - Determine appropriate strategies and tactics to mitigate risk - Eliminate risk and/or audit findings by architecting.
• Updated customer & datacenter network diagrams with security appliances.
• Educated account executives and engineers on how to position security.
• Acted as project lead on many engagements.
• Evaluated security technologies / networks (cloud and premise) to meet customer requirements.

New York, NY, US

• Performed IT & Business Risk Assessments, Business Continuity Planning according to CMS guidelines.
• Impacted auditors’ assessment of risk during critical audits.
• Provided incident response for enterprise and perimeter environments from analyzing logs, Tripwire, NIDS, etc.
• Lead various IT teams to develop remediation strategies for findings relating to Windows, networking, Solaris, Mainframe, database, applications, etc.
• Reported the status of findings to senior management, technical teams, and the CMS.
• Worked with business/IT to respond to audit findings, penetration tests, vulnerability assessments, & war dialing.

Brooklyn, NY, US

I taught a course called "Internet Proficiency" for several years. It was a broad, yet in-depth examination of all aspects of the Internet; starting from its infancy through today. I prepared students for working with the Internet in a real-world working environment. I gave students an overview of the operating systems, security, practices, and utility in.

• I moved up through a few different positions at the New School. Here are some sample activities;
• Coordinated with management to implement new security policies and procedures.
• Managed all aspects of PC infrastructure including DNS, Security, Active Directory Structure, with hands-on implementation, and streamlined the process.
• Created technical policy and procedure guide for academic computing including staff policy and guidelines including PC installation policies.
• Trained coworkers (and separate departments) in PC technical specifications.
• Supported numerous labs including Macintosh, PC, Unix, and Audio / Video equipment.

Ma, Liberal Studies

Education record

Bacehlor Of Arts, Philosophy Of Social Theory: Integrating Political Science And Economics