Nathan G. Email & Phone Number

York, SC, US

London, GB

• Lead and manage delivery teams that conduct enterprise-level technical security assessments for various clients.
• Build Breach and Attack Simulation programs for clients.
• Enhance and scale traditional defensive security programs for clients against ransomware, APT, and insider threat scenarios.
• Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow, and access control models.
• Develop client security programs by reviewing existing programs, conducting comprehensive reviews of threats, and evaluating and analyzing relevant data points.
• Recommend strategies to defend against threats such as ransomware, nation-state attacks, and insider threats.

New York, NY, US

Claroty is on a mission to secure all cyber-physical systems across industrial (OT), healthcare (IoMT),and enterprise (IoT) environments: the Extended Internet of Things (XIoT). Our platform is deployed byhundreds of organizations at thousands of sites across all seven continents. Claroty is headquarteredin New York City, with employees across the.

Santa Clara, CA, US

• Developed customized strategic and tactical action plans for large enterprise and government clients by providing in-depth recommendations on improving the effectiveness of governance, compliance, organizational.
• Facilitated workshops with executives and key stakeholders, perform interviews, document observations, and perform gap analysis identifying areas that require further development; create resource allocation plans and.
• Worked closely with the incident response business unit to conduct ransomware readiness assessments of retainer clients to determine the current security posture during an incident.
• Developed and conduct executive and technical security exercises to stress test existing processes and formulate improvement plans to enable organizations to defend against and respond to advanced threats.
• Performed customized tabletop exercises for clients meeting organizational goals for executive, management, and technical stakeholders.
• Successfully managed numerous simultaneous client engagements, delivered work products on strict deadlines, and promoted business development by exceeding client expectations for every engagement.

Mountain View, California, US

• Work to develop strategic methodologies for clients in a variety of verticals in business areas such as: o Governanceo Complianceo Organizational resourceso Data protection strategieso Management of security risko.
• Conduct workshop activities with executive and key stakeholders in order to perform gap analysis for areas of remediation within organizations.
• Work with incident response consultants and incident response retainer clients in order to determine remediation prioritization of gaps before incidents occur.
• Develop and conduct executive and technical security exercises to stress test existing processes and formulate improvement plans to enable organizations to defend against and respond to advanced threats.
• Help to develop and manage the Incident Response Preparedness service line that prepares clients for how Mandiant and clients will work together during IR situations.

London, GB

• Building management system on-site assessment and Maturity Survey for a large building services company, as well as a large healthcare services provider
• Served as technical subject matter resource for risk assessment and remediation guidance for building management systems deployment utilizing NIST framework.
• Worked closely with the client to provide risk assessment utilizing NIST controls through both technical and policy interviews involving communication with multiple operations and management levels.
• Assisted the client in performing BMS architecture reviews of various industrial automation control systems. Network architecture review, remediation guidance, and attack and pen-testing, as well as hardening.
• Served as technical subject matter resource for risk assessment and remediation guidance for network segments controlling PCI and client facing data
• Worked closely with the client to provide risk assessment through both technical and policy interviews involving communication with multiple operations and management levels.

San Ramon, California, US

• Perform site and system based security assessments for both internal GE and external clients utilizing IEC 62443 standards based approaches to industrial cyber security.
• Develop security policy and procedures for clients utilizing IEC 62443 standards and industry best practices as framework models.
• Provide staff augmentation for internal GE power and water verticals to assist with internal cyber security health checks for GE power and water run business units.
• Perform risk assessments for both internal GE verticals and external clients, including clients in oil and gas, power and water, and various renewable energy sectors.

• Perform site and system based security assessments for both internal GE and external clients utilizing IEC 62443 standards based approaches to industrial cyber security.
• Develop security policy and procedures for clients utilizing IEC 62443 standards and industry best practices as framework models.
• Provide staff augmentation for internal GE power and water verticals to assist with internal cyber security health checks for GE power and water run business units.
• Perform risk assessments for both internal GE verticals and external clients, including clients in oil and gas, power and water, and various renewable energy sectors.

St. Louis, MO, US

• Perform cyber asset inventory, classification, and logical grouping for all generation owned bulk electric system assets. This includes field time in the assigned power plants, as well as close work with system.
• Determine existing network architecture, and diagram according to NERC CIP and Duke Energy IT 502/503 standards.
• Perform scope reductions on generation bulk electric system cyber systems based upon impact to bulk electric system.
• Determine cyber and physical security needs for protection of generation based assets utilizing NERC CIP and Duke Energy IT 502/503 standards.
• Work with procurement on obtaining hardware and software assets for protection.
• Work with outage and maintenance services, physical security design firm, and power plant operations management to determine physical security needs that meet operation, safety, and compliance standards.

Charlotte, NC, US

• Responsible for determining needs of new and existing clients pertaining to security; such as adherence to compliance standards, network security hardware and software, and recommended security policies and best.
• Responsible for network and UTM appliance monitoring and management to detect and prevent network breaches.
• Responsible for performing network vulnerability assessments for clients utilizing applications in the Metasploit framework and Rapidfire tools.
• Provide reporting on vulnerability assessments and network security needs to clients with full technical breakdown for implementation, and executive summary for communicating with non-technical clients.
• Responsible for client security objectives including data loss prevention, password auditing, and proactive security functions, such as vulnerability patching and remediation.
• Responsible for implementation of Lenovo server and Cisco network infrastructure for rollout of manufacturing ERP solution for use by client with over two thousand users.

• Worked to develop comprehensive security policy standardization for client's needs, this included mobile device management application evaluation.
• Worked with the service manager to schedule on-site support and project needs for clients.
• Acted as the main point of escalation for all issues from junior support desk engineers, also act as the first point of contact for all "C" level executive clients support needs.
• Assisted the service manager with posting of billable support desk time; also assure that all engineer ticket entry is completed daily.
• Responsible for evaluation and training of new support engineers, which includes developing and maintaining training curriculum from the ground up.
• All previous duties of network engineer position are also included in this job function.

• Performed new client turn up duties which included Sonicwall firewall and Microsoft Server 2008 R2 installs with accompanying documentation for support purposes.
• Provided support and maintenance of Sonicwall network security appliances for over sixty clients.
• Managed Datto backup devices for all clients, this included bare metal recovery, off-site virtualization, and disaster recovery scenarios.
• Performed set up of new VMware ESX servers for virtualization of existing client environments, as well as conversion and support of legacy servers in a virtualized environment.
• Worked with clients on their access control requests for file and application servers, as well as content filtering and monitoring through Sonicwall network security appliances.
• Worked with end users on desktop support requests such as virus removal, email account modification, and various third party application support over the phone and on-site.

Master Of Business Administration (Mba), It Management

Master Of Science (M.S.), Computer And Information Systems Security/Information Assurance

Bachelor Of Science (B.S.), Information Technology