Michael Orticari
Details
Business Information Technology
Virginia Polytechnic Institute and State University - Pamplin College of Business
B.S., Management
Virginia Polytechnic Institute and State University - Pamplin College of Business
In his role, Michael performs and manages cybersecurity services encompassing :
- Risk Metrics
- Security Program, Policy, and Standard Development
- Security and Risk Assessment
- Enterprise Security Architecture and Change Management
- FedRAMP Cloud Service Security Documentation Development and Assessment
- Vulnerability Management
- Role-Based Training
2014 : Present
Tungsten Security, LLC
Managing Director
2015 :
B&M Consulting Group, Inc.
Cybersecurity Director
As a Manager in PwC's IT Security, Privacy, & Risk practice, Michael focused on providing cybersecurity and IT services to federal and commercial clients. Michael performed and managed consulting services encompassing :
- Executive Briefings and Training (For Federal Agencies and Internally within PwC)
- Governance, Risk, and Compliance for Federal Clients
- Incident Response for Financial and Federal Clients
- Security Architecture Design for Federal Agencies
- Security Assessment Methodology Development for Database Servers and Web Applications
- Security and Risk Assessments for Federal and Aerospace & Defense Clients
- Vulnerability Management for DoD Systems
- Web Application and Database Development for Federal and Financial Clients
Michael managed and contributed to the development of IT Security solutions targeted towards federal clients. He led successful client portfolio capture and business development activities for IT security services.
Michael led the PwC US Database Security Core Team, which is responsible for developing and maintaining security assessment methodologies; developing thought leadership; selecting, overseeing, and supporting the use of database security assessment tools; and providing critical support to database security training for security practitioners. Michael developed whitepapers and database security attacks and auditing. He presented and demonstrated Oracle database security attacks to the global PwC Attack and Penetration Testing Team and practitioners. In this role, Michael managed and contributed to database security projects including
- Developing and maintaining of PwC security assessment methodology and tools
- Developing, maintaining, and delivering of security training to security assessors
- Creating database security thought leadership, including whitepapers
- Selecting vendor tools, supporting use of available tools for practitioners, and managing vendor relationships
2005 : 2014
PricewaterhouseCoopers
Manager
Skills
Application Security, CISSP, COBIT, Computer Forensics, Computer Security, Consulting, Enterprise Risk Management, Governance, Identity Management, Incident Response, Information Security, Information Security Management, Information Technology, ISO 27001, IT Audit, IT Risk Management, IT Strategy, Malware Analysis, Management, PCI DSS, Penetration Testing, Risk Management, Security, Security Architecture Design, Security Audits, Security Awareness, Vulnerability Assessment, Vulnerability Management, Web Application Security
About
Michael is a security leader who assists public sector and commercial clients to overcome cybersecurity challenges.
He has performed and managed cybersecurity services, including enterprise security architecture, enterprise risk management, security program development, security assessments, and training. Michael has worked with civilian and defense public sector government organizations, and Fortune 500 companies.
Michael is a trusted advisor to his clients and has a successful track record of helping them to identify, understand and minimize cybersecurity risk. He routinely trains public sector professionals, from system administrators to executives, on emerging threats, governance, risk management, and ways to improve security.
Profile Photo
