Chris Romeo

Chris Romeo Email and Phone Number

Vice President, Devici @ Security Compass
Fuquay Varina, NC, US
Chris Romeo's Location
Fuquay-Varina, North Carolina, United States
Chris Romeo's Contact Details

Chris Romeo personal email

n/a
About Chris Romeo

I am a lifelong cybersecurity professional focusing on application security and threat modeling. I've held many roles, from trusted product evaluator, senior security consultant, penetration tester, Director of Incident Response, Chief Security Advocate at Cisco, and startup CEO at Security Journey. I led Security Journey to an exit in 2022. In my next chapter, I'm CEO of Devici and General Partner at Kerr Ventures. At Kerr Ventures, I focus on startup investing/advising and consulting.

I got into security by accident. After graduating from university, I attended a job fair to meet with a government contractor. I saw a guy sitting in a room off the hall, typing on a laptop and talking to nobody. I thought, “This line will be here when I return.” I struck up a conversation, and I met Arca Systems.

Arca was looking for a system administrator, and I began the interview process. After some follow-on interviews, I was offered the job. I had no idea what a “security” company did, but there I was.

The next few years were incredible, as I became a security engineer. I stood on the shoulders of giants in the industry, learning from folks who, at that time, had lifelong security experience in the government. They taught me the true meaning of threats and how threats manifest in different pieces of a system.

My next stop was Cisco, where I led Cisco's Common Criteria and FIPS 140 certifications. After five years, I moved to focus on internal security through Cisco's Secure Development Lifecycle (CSDL). My first task was to bring threat modeling to engineering. I dove deep into threat modeling, grasping how to perform it at scale. I then led Cisco’s security belt program (Cisco Security Ninja). I held the title of Chief Security Advocate at Cisco, spreading security culture to all corners of the globe through security conferences, leading the Security Champions, and empowering engineers to shift security left in all products.

After a few years, I left Cisco to start Security Journey. I built a product that teaches developers and product-adjacent people the foundational, intermediate, and advanced facets of application security. I led Security Journey to an exit in 2022, having been bootstrapped from day one.

I enjoy sharing my knowledge on the conference scene, having been featured at RSA Conference, OWASP Global AppSec, ISC2 Security Congress, InfoSec World, DefCon's AppSec Village, and All Day DevOps. I host the award-winning Application Security Podcast and the Security Table Podcast. I hold the CISSP and CSSLP certifications.

Chris Romeo's Current Company Details
Security Compass

Vice President, Devici
Fuquay Varina, NC, US
Employees: 270
Chris Romeo Work Experience Details
  • Security Compass
    Vice President, Devici
    Security Compass
    Fuquay Varina, NC, US
  • Devici
    Chief Executive Officer and Co-Founder
    Devici Mar 2023 - Present
    Fuquay-Varina, North Carolina, US
    At Devici, we're not just a threat modeling tool but a movement that embraces the craftsmanship required for secure software development. Our name draws inspiration from the genius of Leonardo Da Vinci, who saw the intricate connections between art and science, much like our approach to crafting secure and private software. Just as Da Vinci meticulously studied anatomy, engineering, and more to improve his art, we empower developers and engineers to delve deep into the design of their software, uncovering potential security and privacy threats. We help implement secure by design foundations. Like Da Vinci's belief in sight as the ultimate sense, developers see beyond the surface, viewing every design decision as an opportunity for security. We share Da Vinci's ethos of "knowing how to see" and apply it to threat modeling – anticipating and mitigating vulnerabilities before they surface. It's the embodiment of Secure by Design. Our mission is to guide and inspire development teams, arming them with the insights and tools to craft software that stands firm against threats. This is more than just code; it's artistry in security. This is Devici.
  • Kerr Ventures
    Managing General Partner
    Kerr Ventures Dec 2022 - Present
    We provide experienced application security guidance and invest in game-changing cybersecurity startups. Kerr Ventures is based on the wisdom, knowledge, and experience Chris and Deb Romeo gained, starting Security Journey in 2016 and leading the company to a successful exit in 2022. Chris and Deb are passionate about growing entrepreneurs and companies by offering advice and investing in new ideas. Kerr Ventures exists for four primary reasons. First, education. We provide free resources via podcasts, webinars, and newsletters. Second, investment. We provide money, expertise, and advice at every step of the founder's journey. Third, incubation. We bring our wisdom and experience to every company we work with. Fourth, consulting. We can help your company improve your application security — at any scale.
  • Security Journey
    Board Member
    Security Journey Dec 2015 - Present
    Pittsburgh, Pennsylvania, US
  • Security Journey
    CEO and Co-Founder
    Security Journey Dec 2015 - Dec 2022
    Pittsburgh, Pennsylvania, US
    Security Journey is a security education startup building sustainable security culture for our clients. We guide our clients – many in tech, healthcare, and finance – to squashing vulnerabilities before they impact customers. We promote security awareness organization-wide with learning that is engaging, motivating, hands-on, and fun. In short, we provide security training developers, testers, and managers want to consume. Our cloud-based platform instructs in the lessons of application and product security, provides immersive, hands-on activities, measures the growth of each student and the entire organization, rewards student achievements, and transforms an organization's security culture.
  • Jurassic Capital
    Operating Advisor
    Jurassic Capital Nov 2022 - Present
    Durham, NC, US
  • Appsec Phoenix
    Advisor and Investor
    Appsec Phoenix Aug 2022 - Present
    London, England, GB
  • Application Security Podcast
    Co-Host
    Application Security Podcast Sep 2016 - Present
  • Cisco Systems
    Chief Security Advocate and Ninja
    Cisco Systems Jul 2010 - Dec 2015
    San Jose, CA, US
    As the Chief Security Advocate & Ninja for the Cisco Secure Development Lifecycle, Chris was the creator of the Cisco Security Ninja program, an internal product security awareness and training program. The program teaches the disciplines of secure product development for all levels of the organization.
    * Cisco Security Ninja program -- over thirty thousand Cisco employees and contractors trained since December 2012; Oversees the creation of module content (100 modules to date); Host / star / and produce one hundred hours of secure product development content, including security metaphors (creative and fun spoofs and jokes that capture the attention of the participants and keep them engaged)
    * Executive responsible for the Security Advocate program; a virtual, cross-functional team of security enthusiasts from across the engineering organization at Cisco
    * Deploy and execute internal security conferences for Cisco sites around the globe: Bangalore, Shanghai, London; and across the United States: San Jose, Austin, Boston, Atlanta, and Raleigh
    * Speaker at internal and external conferences and also contributor to Cisco Security external blog
    * Liaison to San Jose State University in the creation of a Cyber Security Masters Degree program tailored for Cisco
    * Was lead for Threat Modeling SDL element and acted as the primary interface across the engineering organization at Cisco to evangelize the adoption of threat modeling
  • Cisco Systems
    Manager, Security Assurance -- Common Criteria & FIPS 140
    Cisco Systems Aug 2004 - Jul 2010
    San Jose, CA, US
    Customer advocate for Common Criteria & FIPS 140 concerns or problems, collaboration with the global sales force to advise on the status of certification programs and strategize new programs. Established relationships with product managers / engineering teams / BUs and helped them understand certification process and requirements. Managed vendor relationships with certification test labs, including adherence to program schedule and financial management of budget / statements of work on a per program basis.
    * Public face of certifications at Cisco, participated in the Common Criteria Users Forum and the ICSA certification vendor consortiums
    * Design, setup, and administer security certification pre-testing lab
    * Presented certification status and challenges to executives
    * Analyzed and created metrics for US Federal Sales certified revenue, maintaining a 75% or higher result each fiscal quarter
    * Created the Cisco Policy on Source Code Review for Global Governments
  • Lockheed Martin
    Risk Analyst
    Lockheed Martin Feb 2004 - Aug 2004
    Bethesda, MD, US
    Performed qualitative risk assessments of outsourced and new systems. Acted as a security evangelist, ensuring that security was given the proper focus on projects. Coordinated vulnerability scan and penetration test efforts for programs. Coordinated with the Information Security governance organization concerning acceptable solutions that meet corporate defined information protection standards. Focused on issues related to software security and assurance.
  • Cable & Wireless
    Security Operations Center (SOC) Manager
    Cable & Wireless Nov 2002 - Feb 2004
    London, England, GB
    Managed the day-to-day operations of 30 information security professionals who administer and monitor over 1,000 firewalls and Intrusion Detection Systems, many for Fortune 100 customers. Proactively developed technological solutions to improve managed security services delivered to customers. Maintained and created operational policies and procedures.
    * Created the plan and concept of operations (CONOPS) for the Global Managed Security Operations Center (SOC). The CONOPS paved the way for the integration between two disparate groups (Firewall Administrators and Intrusion Analysts)
    * Provided expertise as Subject Matter Expert (SME) advisor to a product development team on technical issues concerning security Event Correlation
    * Contributing architect in the creation of a solution for the Managed Security Services business, including the development of a new customer-facing cyber threat reporting system which includes a new enterprise database schema
  • Exodus Communications
    Acting Director of Incident Response
    Exodus Communications Dec 2000 - Nov 2002
    US
    Supervised a global team of 12 security engineers on three continents. Conducted business development and sales engineering support with account executives and customers to demonstrate the capabilities and knowledge of the Incident Response Team. Acted as a Primary Investigator of major cybercrime cases with overall responsibility for case/consulting engagement to customers.
    * Served as system architect and lead developer for an event correlation system receiving data from firewalls, network- and host-based intrusion detection devices and other mission-critical servers
    * Designed and led the implementation of a new business process that boosted customer satisfaction and retained customers during difficult economic times by providing reports that summarized a customer’s monthly security events and provided charts and graphs for Executive Management review, demonstrating the value of Managed Security Services
    * Led the largest cybercrime investigation handled by the company that spanned over 100 separate compromised computers used by multiple hacker groups. This investigation required detailed forensic analysis and a record of hundreds of separate events that all tied together concerning the compromise of one customer.
    * Directed efforts and investigated a DNS based Distributed Denial of Service (DDoS) attack against a major ISP’s DNS infrastructure.
    * Interviewed numerous times for preeminent industry publications, including Network World, e-Week and ComputerWorld.
    * Investigated numerous web site defacements, DDoS attacks, and hacker intrusions. Provided response and consulting on the Code Red, Nimda and SQL Slammer worms.
  • Exodus Communications
    Senior Staff Security Consultant
    Exodus Communications Apr 1998 - Dec 2000
    US
    Led and contributed to the successful completion of various tasks as an Information Security consultant to clients in the financial, health and retail sectors. Performed penetration testing, vulnerability scanning, security architecture reviews and security policy development for customers.
    * Discovered a major flaw in a customer’s online stock trading application that allowed an attacker to take over the session of a legitimate user and act as that user. This finding saved the customer the embarrassment of a security incident during their initial deployment.
    * Performed multiple reviews of an online benefits application for a billion dollar healthcare company.
    * Analyzed the security architecture and made recommendations, performed external and internal vulnerability scans and performed penetration testing of both the host/network and the application.
    * Designed a secure, high performance network for a premier travel and rental services firm, utilizing load-balanced firewall configurations. The design resulted in the customer having a superior architecture that provided them additional growth while focusing on security.
    * Star Award recipient in 2000, for contributions made above and beyond the call of duty
  • Arca Systems
    Security Engineer & System Administrator
    Arca Systems Apr 1997 - Apr 1998
    Provided system administration services, designed and oversaw the Virtual Private Network (VPN).
    * President Award, for outstanding achievement and work ethic, 1998.
    * Contributed to the successful trusted product evaluation of the IBM RS/6000 Distributed System at security level C2. Focused on memory management, hardware and product testing. Defended security analysis before an NSA Technical Review Board.

Chris Romeo Skills

Security, Computer Security, Information Security, Network Security, Cisco Technologies, Vulnerability Assessment, CISSP, Network Architecture, Firewalls, Cloud Computing, Penetration Testing, TCP/IP, Application Security, Security Architecture Design, Cisco IOS, Data Security, Routing, VPN, Incident Response, Security Audits, Information Assurance, Cisco Systems Products, Common Criteria, Web Application Security, Vulnerability Management, Cloud Security, Secure Development Lifecycle, IDS, IPsec, Computer Forensics, Internet Protocol Suite, Virtual Private Network, Threat Modeling, Java, Product Security, Cryptography, FIPS 140-2, Product Certification, Secure Communications, Identity Management, Wireless Security, DLP, Supply Chain Security, Ethical Hacking, CEH, PCI DSS, Theology, Teaching the Bible, Hapkido

Chris Romeo Education Details

  • Saginaw Valley State University
    Saginaw Valley State University
    Computer Information Systems
  • Shepherds Theological Seminary
    Shepherds Theological Seminary
    Christian Ministry

Frequently Asked Questions about Chris Romeo

What company does Chris Romeo work for?

Chris Romeo works for Security Compass.

What is Chris Romeo's role at the current company?

Chris Romeo's current role is Vice President, Devici.

What is Chris Romeo's email address?

Chris Romeo's email address is ch****@****ney.com

What schools did Chris Romeo attend?

Chris Romeo attended Saginaw Valley State University, Shepherds Theological Seminary.

What skills is Chris Romeo known for?

Chris Romeo has skills like Security, Computer Security, Information Security, Network Security, Cisco Technologies, Vulnerability Assessment, CISSP, Network Architecture, Firewalls, Cloud Computing, Penetration Testing, TCP/IP.

Who are Chris Romeo's colleagues?

Chris Romeo's colleagues are Hari Hara Kumar Nakshatrala, Min Zhang, Maia Kanceljak, Jeff Iantomasi, Brian Sawa, Anderson O., Jahnvi B.
