Michael Pinkerman Email & Phone Number
Who is Michael Pinkerman? Overview
A concise factual answer block for searchers comparing this professional profile.
Michael Pinkerman is listed as CISSP-ISSMP, CCSP, CISM Lead InfoSec Architect & Cloud Security Engineer | Leading Cloud Security & AppSec Initiatives at Root Inc., a with 881 employees, based in Hilliard, Ohio, United States. AeroLeads shows a matched LinkedIn profile for Michael Pinkerman.
Michael Pinkerman previously worked as Lead Security Engineer of Cloud Infrastructure Architecture & Application security at Root Inc. and Sr Staff Information Security Engineer at Illumina. Michael Pinkerman holds Bachelor Of Applied Science - Basc, Computer Science from Ohio University.
Email format at Root Inc.
This section adds company-level context without repeating Michael Pinkerman's masked contact details.
Review company-level records connected to Michael Pinkerman before choosing the right outreach path.
About Michael Pinkerman
I am a Sr Staff Information Security Engineer at Illumina, a global leader in genomics and biotechnology, with over 15 years of experience in information security. I hold several professional certifications, including CISSP-ISSMP, CCSP, CISM, CGEIT, CDPSE, and many more, that attest to my expertise and skills in security architecture, offensive security, software/application security, cloud security, and risk management.My mission is to design and implement security solutions that align with the business strategy and meet the security and risk management objectives by leveraging intelligence regarding emerging and known threat vectors to develop and mature security solutions. I pride myself on my proven track record in the space of SecDevOps/DevSecOps where I've established, integrated, and managed cross-functional diverse teams leading 'Cloud-Forward' and 'Data-Driven' Security-By-Default efforts. I'm passionate about leveraging both my experience and creativity to implement an effective security culture, awareness & training initiatives, and establish grass-roots 'cross-pollination' efforts across operations, security, and development to achieve a truly mature 'by-design' security posture. I stay current on emerging tactics, techniques, & procedures by way of my love and background in penetration testing/ web application exploitation. Whether CTF or bug-bounties, I'm always dedicating a portion of personal time into a skillset I believe is not and will not ever be 'complete.' Additionally, I am a published author of graduate program course material in the areas of: Cyberwarfare, WebApplication Exploitation, Red Team engineering, and "In-memory exploitation pathways & subsequent forensics."
Michael Pinkerman's current company
Company context helps verify the profile and gives searchers a useful next step.
Michael Pinkerman work experience
A career timeline built from the work history available for this profile.
Sr Staff Information Security Engineer
●Providing regular reports and updates to senior management on the status of cloud security initiatives, including key metrics, risks, and performance indicators.●Leading and managing a team of cloud security engineers, providing guidance, mentorship, and technical expertise to ensure the successful execution of projects.●Overseeing the design, implementation, and maintenance of security controls and measures within several large and diverse cloud environments to safeguard against cyber threats and vulnerabilities.●Serving as a subject matter expert and liaison for cloud security, penetration testing, Red Team, and software security matters, representing the organization in discussions with clients, partners, and regulatory bodies●Design & creation of bespoke ‘security framework’ to be ‘universally applicable’ internally and relate to all known security standards externally; By which then said framework leveraged for conducting risk assessments, vulnerability scans, and security audits to identify and mitigate potential security risks and compliance gaps.●Overseeing initiatives within ‘Cloud Security’ such as SASE, NGFW, CASB, DLP, SWG, SD-WAN, ZTNA, and more.●Leading collaboration & communication across Networking, Operations, Development, & Product divisions to initiate formation of ‘True SecDevOps/DevSecOps’ and work towards operationalizing “Security By Design/Default.”
Senior Information Security Engineer | Manager, Security Operations
● First ‘Security-Specific’ Hire with the task of establishing Application Security initiative.● Created Top-Down ‘Governance Hierarchy’ by which compliance obligations could ‘flow into’ policies, procedures, practices, standards, guidelines, and mandates.● Leveraging novel security framework to assess & evaluate infrastructure, architecture, and all information assets (on prem and remote) in an informed gap assessment/analysis to compare against designed ‘secure baselines’● Design & implementation of security solutions in a ‘Secure-By-Design/Default’ posture across on-prem, satellite sites, remote workers & assets, and cloud infrastructure that included:○ SD-WAN, Next-Gen/Layer7 Firewalls, Cloud Access Security Brokers (CASB), Secure Web Gateways (SWG), Single Sign On (SSO), Identity & Access MGMT (IAM), Endpoint Detection & Response (EDR/XDR), End-User Monitoring (EUM), Data Security Posture MGMT (DSPM), Vulnerability Assessment & MGMT, Container Security, and more.● Lead integration effort titled “Cross-Pollination” that sought to establish “Data-Driven & Cloud Focused” security implementation & integration that saw creation of SecDevOps as a separate entity. ● Lead ‘SecDevOps’ efforts of integrating InfoSec in every intersection of SDLC through creation of novel ‘frameworks’ that involved collaboration & communication of all ‘tech teams’ to ensure a collaborative and supportive work environment built on trust, integrity, and mutual respect.● Reporting directly to the executive leadership/C-Suite (CEO and CTO) to convey needs, requirements, proposals, and progress updates. Responsible for preparing diverse documentation, completing assessments/audits, and managing the submission process for accreditations and certifications. Additionally, handling ongoing budget requests and expansions
Cyber Security Manager, Head Of Security Architecture & Cloud Infrastructure
● Spearheaded the establishment of security-specific policies, procedures, and best practices, along with centralized documentation management.● Implemented revisions to documentation methods, standards, and practices, while providing training to staff on critical concepts like data loss prevention and data classification & handling.● Collaborated with development department heads to enforce software security standards, deliver security-focused learning and training initiatives, and develop accountability programs in alignment with industry standards such as NIST, ISO, and OWASP.● Consulted with operations and IT leaders to ensure consistent implementation and enforcement of security measures, including asset management, secure operations, continual monitoring, and deployment of next-generation firewall, IDS/IPS, CASB/SASE solutions, among others.● Led compliance efforts and enforced company policies, standards, and regulatory obligations, ensuring adherence to statutory, regulatory, and contractual requirements.● Directed the establishment of an Application Security (AppSec) team, providing training to developers in software security and establishing secure Software Development Lifecycle (SDLC) processes. Implemented cross-pollination strategies to enhance collaboration and capabilities between infrastructure/DevOps, development, and InfoSec teams.● Managed Secure Operations Initiatives, including the development of an on-premises Security Operations Center (SOC) to enhance monitoring and response capabilities.● Provide executive-level reporting on the organization's security posture, incidents, and emerging threats to senior leadership and the board of directors.● Manage relationships with external partners, vendors, and regulatory agencies to ensure compliance with contractual and legal obligations.
Independent Security Consultant, Infosec Analyst, Penetration Tester
During this period, I held diverse roles and responsibilities, including:● Penetration Tester: Conducted manual exploitation and penetration testing across various environments, from small-scale to enterprise-level networks, encompassing wireless, wired, web applications, and mobile platforms.● Red Team Member/ Lead: Developed and executed attack scenarios based on threat intelligence and models, utilizing both off-the-shelf and custom tools and scripts for reconnaissance, exploitation, evasion, replication, and exfiltration.● Principal SOC Analyst/Lead Architect: Analyzed and correlated security events using custom and industry-standard log aggregation methods and SIEM solutions. Implemented automation to enhance efficiency in event analysis and response.● Sr. Security Engineer and Architect: Designed and deployed security awareness plans, policies, and educational initiatives, conducting company-wide security awareness assessments. Implemented risk management controls and advanced monitoring solutions across various assets, including endpoints, perimeter, on-premises, cloud, and web assets.● Leveraged intelligence on adversarial capabilities, infrastructure, and tactics, techniques, and procedures (TTPs) to develop and deploy specialized solutions for operational indication and alerting purposes.● Coordinated and participated in regular red team exercises and penetration tests to assess and improve security posture.● Contributed to the design and deployment of advanced risk management controls and reporting solutions, including Managed Detection and Response (MDR), Extended Detection and Response (EDR), and others.
Sr Security Operations Engineer/Architect
●Developed and authored InfoSec protocols for a newly established SOC team, which were subsequently adopted by the main team, Enterprise Security Division, and other operational divisions.●Created security awareness and training materials for the proposed 'Security Liaison' program, facilitating the appointment of InfoSec-reporting personnel in every team, division, and department.●Conducted Gap Analysis to assess security initiatives and standards implementation, ensuring a proactive "Security Baked-In; NOT Bolted-On" approach. Utilized MOSCOW analysis to prioritize outstanding compliance or contractual obligations.●Designed a comprehensive roadmap involving Development, Operations/DevOps, IT, HR, and InfoSec efforts based on Gap Analysis findings.●Authored assessments, reports, and analyses, collaborating with development teams on remediation timelines and subsequent threat acceptance.●Deployed and designed security architecture in AWS, GCP, Azure, and on-premises environments, including virtualization and containerization security measures such as runtime security scanning and Zero Trust-based permission structures.●Maintained current knowledge of attack surfaces, kill chains, Tactics, Techniques, and Procedures (TTPs), CVEs, and exploits, while conducting thorough testing of exploits against company assets to identify weaknesses in architecture, code, operating systems, and configurations.●Oversaw the setup, migration, and securing of all hosted assets, implementing Access Control Lists (ACLs), Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), and Web Application Firewalls (WAFs).●Automated and aggregated Incident and Event management processes through Security Information and Event Management (SIEM)/Security Orchestration, Automation, and Response (SOAR), eXtended Detection and Response (XDR)/Extended Mitigation and Deterrence Response (EMDR), Cloud Access Security Broker (CASB), and other deployments.
Software Security/ Application Security Architect
● Lead the design and implementation of secure architectures for web and mobile applications, ensuring compliance with industry standards and best practices.● Conduct threat modeling exercises to identify potential security threats and vulnerabilities in application designs and propose mitigation strategies.● Perform security code reviews and static analysis of application code to identify and remediate security vulnerabilities at an early stage of the development lifecycle.● Develop and maintain secure coding guidelines, standards, and best practices for developers to follow during the development process.● Collaborate with development teams to integrate security controls, such as authentication, authorization, encryption, and logging, into application designs and implementations.● Conduct security assessments and penetration tests of applications to identify vulnerabilities and assess the effectiveness of security controls.● Provide security guidance and training to development teams on secure coding practices, security vulnerabilities, and remediation techniques.● Stay abreast of emerging threats, vulnerabilities, and industry best practices in application security, and recommend improvements to security architectures and controls.
Network Specialist / Sysadmin
● Developed and maintained security controls and configurations for web application firewalls (WAFs), intrusion detection systems (IDS), and other security tools.● Participated in incident response activities, conducting forensic investigations and analyzing security incidents to identify root causes and recommend preventive measures.● Assisted in the design and implementation of security monitoring and logging solutions to detect and respond to security incidents in real-time.● Led Identity and Access Management (IAM) initiatives, implementing password policies, multi-factor authentication (MFA) , and role-based access (RBAC), while fostering a least-privilege mentality.● Developed, designed, and deployed network-wide IDS/IPS solutions, utilizing both industry-standard and custom-coded solutions.● Implemented security rules and protections, including Layer 3, 4, and 7 firewalls, access control lists, and comprehensive logging management solutions.● Orchestrated load balancing and traffic mitigation solutions, incorporating custom architecture and third-party tools to ensure uninterrupted uptime and defend against DDoS attacks.● Designed, implemented, and managed reverse multi-layered proxy solutions to obscure network architecture and location.● Developed front-end user interfaces (UIs) using React, Redux, Node.js, Sass, jQuery, AJAX, and various APIs.
Colleagues at Root Inc.
Other employees you can reach at joinroot.com. View company contacts for 881 employees →
Patrice Thompson
Colleague at Root Inc.Vineland, New Jersey, United States
View →
AW
Andrea Woosley
Colleague at Root Inc.Columbus, Ohio Metropolitan Area, United States
View →
MF
Marquita Filmore
Colleague at Root Inc.Virginia Beach, Virginia, United States
View →
NH
Natasha Hambric
Colleague at Root Inc.Dallas, Texas, United States
View →
TF
Tyree Fryar
Colleague at Root Inc.Burlington, New Jersey, United States
View →
CB
Charles Bowen
Colleague at Root Inc.Austin, Texas, United States
View →
SB
Seven Bowles
Colleague at Root Inc.Columbus, Ohio, United States
View →
NH
Neil Hoyng
Colleague at Root Inc.Columbus, Ohio, United States
View →
CL
Clara Liliana Castillo
Colleague at Root Inc.El Paso Metropolitan Area, United States
View →
DS
Drew Smith
Colleague at Root Inc.Murfreesboro, Tennessee, United States
View →
Michael Pinkerman education
Bachelor Of Applied Science - Basc, Computer Science
Diploma, General
Associate Of Arts And Sciences - Aas, Cyber/Computer Forensics And Counterterrorism
Bachelor Of Technology - Btech, Computer And Information Sciences And Support Services, 3.9
Frequently asked questions about Michael Pinkerman
Quick answers generated from the profile data available on this page.
What company does Michael Pinkerman work for?
Michael Pinkerman works for Root Inc..
What is Michael Pinkerman's role at Root Inc.?
Michael Pinkerman is listed as CISSP-ISSMP, CCSP, CISM Lead InfoSec Architect & Cloud Security Engineer | Leading Cloud Security & AppSec Initiatives at Root Inc..
Where is Michael Pinkerman based?
Michael Pinkerman is based in Hilliard, Ohio, United States while working with Root Inc..
What companies has Michael Pinkerman worked for?
Michael Pinkerman has worked for Root Inc., Illumina, Evercast, Milestone Addiction Counseling Llc, and Dark Labs.
Who are Michael Pinkerman's colleagues at Root Inc.?
Michael Pinkerman's colleagues at Root Inc. include Patrice Thompson, Andrea Woosley, Marquita Filmore, Natasha Hambric, and Tyree Fryar.
How can I contact Michael Pinkerman?
You can use AeroLeads to view verified contact signals for Michael Pinkerman at Root Inc., including work email, phone, and LinkedIn data when available.
What schools did Michael Pinkerman attend?
Michael Pinkerman holds Bachelor Of Applied Science - Basc, Computer Science from Ohio University.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trialCheck these profiles if this is not the Michael Pinkerman you were looking for.
View similar profiles