Profiles search

Dan Steele

Information Security Professional | CMMC Registered Practitioner (RP) | GRC | Physical Penetration Testing
Pittsburgh, PA, United States

Details

Education: Information Technology

Network Security & Computer Forensics

Pittsburgh Technical College

2019 : 2020



General Studies

Community College of Allegheny County

2015 : 2018
Experience: Governance, Risk, and Compliance consultant focused on CMMC, ISO 27001, data security practices, and physical penetration testing.

2022 : Present

ivision

Information Security Consultant

Compliance, Penetration Testing, Microsoft 365 Security & Compliance administration.

2020 : 2022

Ethical Intruder

Cyber Security Specialist

Compliance & Penetration Testing

2020 : 2020

Plus Consulting

Security Analyst Intern

Help desk and general IT support

2019 : 2020

Matrix Service Company

Contracted IT Technician

Sales role involving asset management

2017 : 2018

Aflac

Special Projects Coordinator
Company: ivision
Years of Experience: 5

Skills

CMMC, Consulting, Customer Service, Cybersecurity, Governance, Risk Management, and Compliance (GRC), HIPAA, ISO 27001, Leadership, Linux, Marketing Strategy, Microsoft 365, Network Administration, Networking, Network Security, NIST, NIST 800-171, Office 365 Administration, Operating Systems, Organization Skills, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, Problem Solving, Public Speaking, Report Writing, Sales, Time Management, Troubleshooting

About

Experienced information security professional located in the city of Pittsburgh, Pennsylvania. Consulting experience has included governance, risk, and compliance (GRC) engagements, incident response procedures and tabletop exercises, penetration testing and physical penetration testing.



Fluent in a series of compliance frameworks, NIST SP 800-171, CMMC(2.0), and ISO 27001 series are namely the frameworks I have the most experience in. From policy creation, to readiness assessments for upcoming audits, and the successful implementation of information security controls, no organization is too complex for a successful GRC program implementation.



Performing physical security assessments and penetration testing to ensure that your organization is secure from an individual stealing your data or devices in the office. Organizational physical security controls will be put to the test against a series of physical penetration testing processes and social engineering tactics. I have a proven track-record of discovering gaps and exploiting social engineering tactics to uncover the protected health information (PHI), personally identifable information (PII), and related critical data that is physically retained within your organization.