He has provided a variety of security and risk services to various clients in the: Utilities, Energy, Healthcare, Entertainment, Manufacturing, Technology, Pharmaceutical, and Financial industries and has experience assessing the full spectrum of both Information Technology (IT) and Operational Technology (OT) security risks. In addition to cybersecurity assessments, Zack has spent time assisting various organizations in standing up threat and vulnerability management programs. He assisted in implementing security event scanning/monitoring programs, breach incident response and patch management programs; identified further risks to vulnerability management and provided recommendations to shorten the vulnerability lifecycle.
He has focused his recent efforts on performing security maturity assessments as well as regulatory compliance based assessments. He is well versed in applicable federal and commercial information technology controls guidance, audit and testing methodologies, and regulations and directives such as: NIST, FedRAMP, DIACAP, ISO, NERC CIP, NEI 08-09.