Stephen Marchewitz

Security Program Development Director

Experience

Stephen has been in the security and risk industry for over 13 years and in IT for over 20 years. He has assisted companies in driving change to ensure clients are successful both in receiving value from products and services as well as managing the security and compliance risks of new projects and technologies. He’s served as an outsourced Chief Information Security Officer for a dozen different companies and consulted to some of the largest companies in the world. Prior to joining TrustedSec, Stephen was the Global Risk Practice Manager in the Digital Transformation Group at Cisco, President and Advisory Practice Lead for a leading information security firm for nine years, a Management Consultant with Ernst & Young, held Technology Management and sales positions with CA and Oracle, and developed new offerings in the insurance industry as an Underwriter and Program Director with Willis Coroon/Chubb in underwriting risk. He is dedicated to helping customers implement the right solutions and services that best meet their business needs, thus allowing them to achieve new levels of success.

Education & Certifications

University of Michigan, Bachelor of Arts degree in Business Communications and Statistics; Case Western Reserve University, MBA in Management Information & Decision Systems; Stephen has also been a PCI Qualified Security Assessor and a Certified ISO 27001 Auditor.

Industry Contributions

Stephen has been quoted in such magazines as: Banking Info Security, Government IT, Wall Street Technology, Transaction World, Infosec Institute, Crains, Automation World, Modern Economics, among many others. He’s also presented at various events across the country including: ISACA, ISSA, SecureWorld, the Infosec Summit, Business of Security, the IoT World Forum, various Cisco events, and numerous webinars.

Passion for Security

Stephen’s passion is helping people. He addresses not only technical issues, but more importantly the human issues that CISO’s deem as their greatest areas of need. Stephen is counted on as an expert in risk, security, business intelligence, and decision support systems. Enterprise risk management is an area that many executives and boards are struggling with. He has assisted by giving clear direction and putting complex thoughts into layman’s terms.

Recent Blog Posts

Using Azure to Address Endpoint Hygiene Management

By Stephen Marchewitz
In Endpoint Hygiene Automation, Program Development, Remediation Assistance & Training, Security Remediation
Remote workers are set up, but endpoint management is still an issue Setting up a remote workforce during the COVID-19 pandemic presented a huge challenge, especially trying to get so much done in such a short time frame. While getting extra Zoom licenses was likely pretty easy, there are more challenging issues surrounding remote sharing...
Read

Questions after an assessment? Let TrustedSec be your guide.

By Stephen Marchewitz
In Decision Making, Remediation Assistance & Training, Security Remediation
Are you having trouble remediating your penetration test findings? It might be time to get some help from TrustedSec. After TrustedSec consultants complete security assessments, clients will often ask us to re-test the specific findings from the last test. But in many instances, those same problems exist—sometimes they are exactly the same, but other times,...
Read

Attacks on the Rise Through Office 365

By Stephen Marchewitz
In Business Risk Assessment, Incident Response, Incident Response & Forensics, Office 365 Security Assessment, Penetration Testing, Program Assessment & Compliance, Security Program Management, Security Remediation, Threat Hunting
Office 365 is the most popular line of digital services for businesses for a reason, but when it comes to cyberattacks, its ubiquity is creating challenges. If it seems like every week there’s a new headline about a large-scale hacking incident, it’s not a case of rampant fake news. According to the 2018 Symantec Internet Security...
Read
View all posts from Stephen

Recent Webinars

Answering Tough Questions on the Future of Security

Recorded on January 20, 2021. Do You Have Security Questions That Never Get Answers? A lot of research organizations are putting out predictions for security, but some don’t make much sense. TrustedSec CEO David Kennedy and Advisory Practice Lead Justin...
Watch

Improving SIEM and MSSP Performance

Recorded on Wednesday, December 9, 2020. The goal of the Security Information and Event Management (SIEM), and theSecurity Operations Center (SOC) or Managed Security Service Provider (MSSP) that manage it, is to relay actionable intelligence that enables security teams to...
Watch

Using Research to Gain Attack Intelligence

Recorded on November 4, 2020 Many penetration tests are falling short It’s becoming commonplace for penetration testers to encounter maturing products that recognize common attack patterns or post-exploitation activities. Many go-to testing tools are becoming ineffective without code modification to...
Watch
View all webinars from Stephen
Stephen Marchewitz

Want to work with Stephen Marchewitz or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us