I help customers manage cyber risk through a variety of services geared towards minimizing exposure and maximizing return on investment. I’m based in the Seattle area, but I work with clients across the United States and internationally. My passion is working with organizations as a trusted advisor to provide real risk reduction by identifying and remediating weaknesses in their applications, networks, and processes. This process includes threat modeling and risk analysis in addition to technical security assessments.
My peers and colleagues tell me that I possess a rare combination of advanced technical skill, business acumen, client relational skills, and leadership talent. I specialize in working with clients to determine what security services will bring the most value to their organization, then scoping, managing, and delivering these services. I also conduct security training for clients, including security awareness, secure coding, and security assessment trainings.
My greatest area of technical skill is manual assessment of web & mobile applications, including penetration testing, code review, and security architecture review. My current research focus is on the preemptive detection of computer threat agents. Security is my hobby as well as my profession; I am continually learning and investigating new concepts. I have a background in application development and use these skills to automate and streamline security assessment tasks through new utilities and engagement management systems.
I have earned a MS in information security and assurance, as well as multiple information security certifications, including CISSP, CISA, CCNA, CEH, CHFI, and G2700.
Sean T. Malone