Steve Winterfeld Email & Phone Number

Denver, CO, US

Cambridge, MA, US

Help CISO’s solve their most pressing issues as well as provide insights as the voice of our customers to determine our security capability roadmap. Support Akamai’s dedication to moving toward a true integrated zero trust architecture. Additionally, provide thought leadership as the cybersecurity industry transitions to DevOps and combatting online.

Westlake, Texas, US

• Assigned to rebuild multiple programs to include:
• Incident Response - Took over team and quickly standardized process, documentation and validated them through series of exercises. Transitioned portfolio from having audit issues to a corporate strength.
• Threat Intelligence - Built team, developed mission / vision, established processes for analysis / reporting and produced reports. Rapidly optimized tools and integrated automated indictors of compromise into altering.
• Forensics - Hired team, developed standards and documented processes that meet industry standards/regulation requirements. Rapidly optimized infrastructure and leveraged automation for commonly requested investigations.
• Insider Threat and Resiliency – Developed business case while building the team and developing budget. Established framework, indicators of compromise, use cases and technical controls to implement the program. Working.
• Red Team / Penetration Testing - Took over function, hired team, developed Rules of Engagement (ROE) and standard operating procedures (SOPs). Quickly developed schedule and leveraged external vendors to complete.

Seattle, Washington, US

• Developed the cybersecurity mission/vision. Ensured customer trust and experience (internal and external) met Nordstrom business strategy expectations. Owner for security technology controls. Managed the budget and.
• Led cross functional team of over 40 across Architecture and Engineering, Incident Response, Threat Intelligence program and DevSecOps.
• Drove team to focus on continuous improvement based on metrics, customer satisfaction based on feedback and planning based on people, technology and processes. End state was infrastructure that is effective, efficient.
• Developed logging strategy build incident response team into SOC with central SIEM.
• Provided vision for security framework based on corporate business strategy that met both compliance requirements and leadership understanding of cyber risks.
• Worked closely with subsidiaries, privacy, human resources, fraud, physical security and general counsel to ensure that information security support met their needs.

Seattle, Washington, US

• Brought on to build a program and transform the technology security organization into a risk management program designed to detect internal and external unauthorized / malicious activities. Responsible for the.
• Reported to the Bank’s Board of Directors and senior management to ensure they understood and accepted any security control issues and overall cyber risk.
• Participated in the selection and contract negotiations for sale of over $2 billion in receivables (credit card debt) to TD bank. Managed relationship of TD InfoSec team to ensure all deliverables were successfully.
• Managed the Bank’s Information Security program for PCI, SOC II and FFIEC/OCC Cyber Assessment Tool (CAT) program. Passed OCC review with no findings.
• Led the Business Continuity Program and acted as business driver for Disaster Recovery.
• As the Information Security Officer for Nordstrom bank, developed an InfoSec Risk Register to provide risk framework to the senior leadership.

Chantilly, VA, US

Managed all technical aspects of the Cyber Center of Excellence and responsible for working across company functional areas to create IT Security go-to-market solutions and products. Led Vulnerability Assessment / Penetration Testing (VAPT) Team. Advisor to General Counsel for Cyber impact assessments. Responded to press requests for security related.

Chantilly, VA, US

Responsible for over $500M in revenue supporting leadership goals through building qualified pipeline, supporting captures, facilitating collaboration, thought leadership and customer engagement. Lead for technical product evaluation and capabilities assessment against TASC revenue model and long range strategy.

• Co-Author of “Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners” 2nd Edition
• Co-Author of “The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice”
• Executive Editor for book “Cyber Fraud: Tactics, Techniques and Procedures”
• Acquisition Editor for book “Cyber Security Essentials”
• Lead for white paper “Understanding Today’s Cyber Challenges"

Arlington, Virginia, US

Commissioned Army Officer across multiple active duty and reserve assignments until retirement as Lieutenant Colonel. Key assignments include Airborne Ranger in Infantry, Electronic Warfare Company Commander in Military Intelligence and Signal Brigade Battalion Executive Officer (XO) and Command and General Staff College Instructor.

• Responsible for tracking emerging trends and regulations, mentored the technical staff, supported growth through customer engagements as well as writing white papers on innovation, integrated the business and.
• Developed and supervised the operating unit technical support strategy to build lines of business in adjacent customer markets. This investment methodology was later adopted by business development community to.
• Crisis Action Program Manager for recovery effort for Security Manager for County of San Diego IT Contract. Turned the customer relationship and program performance around and rapidly transformed contract from a.
• Infosec Section Manager for operating unit. Led several projects in platform assurance, vulnerability assessment and penetration testing (VAPT) for various federal government agencies and customers, senior instructor.

• Performed as Technical Lead for 18 cyber technicians running a 24x7 Incident Response function with no SLA failures or network compromises during my tenure. Responsible for building operational program integrated with.
• Took over “at risk” project behind schedule and projected to require another 18 months and executed a turnaround strategy that delivered operational capability in 3 months.
• Directed Intelligence Section rated as one of the top in the Army for tracking Advanced Persistent Threat through use of custom tools and methodology analysis. Received the TASC Customer Excellence Award based on.

Cybersecurity Management Certification

Credit Card Industry Security Cert, Finance

It Security Certification

Bachelor Of Arts (Ba) Technical Journalism - Public Relations

Itil Foundation, It Service Management

Pmp Cert, Project Management

Certification

Giac Security Essentials Certification (Gsec), Information Assurance (Ia) Practitioner Certification

Master Of Science (Ms) Computer Information Systems

Innovation For Growth: Strategies And Best Practices