Cyber Security architect

Location:
Raleigh, NC
Posted:
March 03, 2024

Resume:

GUY DENTON, CISSP, CISM, CRISC, ICEH, QC

919-***-**** ad3245@r.postjobfree.com Raleigh, NC 27615

A recognized industry leader in cyber security, he has more than 20 years of expertise leading advanced penetration testing, WAF operations, EDR forensics, and security people management in the financial, healthcare, retail, and security consulting industries. This has included VP and director roles in establishing and managing global security teams, all of which have resulted in a considerable reduction in cyber security threats. He has made significant contributions to the disciplines of security, garnering him over eight security patents along the way. Some of his key skills include deep-level technical security skills, managing security teams, developing offerings, security architecture, security operations, penetration testing development, financial management, security sales, program creation and process improvement.

EXPERIENCE

HEAD CYBER, COMPLIANCE POINT 2021–2024

As head of the cyber team, he covers vulnerability testing, penetration, cyber forensics, security architecture development and compliance validation for Compliance Point. This includes:

• Developed AWS S3, Azure cloud, and local testing deployments and security architectures for security scanning and penetration testing based on Kali and Ubuntu, using Qualys, Windows, Nessus, Nexpose, Dradis, Plextrac, Attackforge, and Burp Suite

• Undertook complex network penetration testing initiatives for multiple customers internally, externally, and on web applications and web API instances on cloud and physical network entities using the testing infrastructure he developed

• Undertook red teaming of a customer using a combination of phishing and lateral movement testing to test the SIEM alerting process of the customer's blue team operations

• Undertook forensic attack identification, forensic tracking, and mitigation of cyber-attacks from a confidential international government-sponsored hacker source upon state entities, working with an external three-letter agency and using tools such as Unix Syslog, Microsoft Log integration, WAF analysis and Carbon Black EDR into Red Canary MDR

• Managed Cyber Vulnerability technical sales, including developing a penetration scoping and sales model for Compliance Point

• People manager for the cyber security operations forensics and monitoring and penetration teams

• Updated the penetration testing methods to cater for PCI DSS 4.0

• Cloud Assessment and FedRAMP-focused testing in Cloud Security instances

• Cyber people and performance management, financial management, utilization management, and KRI metric tracking

• Operations support for two customers' teams, identifying and mitigating attacks flagged in IDS sensors, email attachments and AlienVault WAF alerts

• Identified and hired new members for the teams.

• Mentored and developed the skills of his teams

• Developed and tracked security metrics across the teams

VP/DIRECTOR CYBER SECURITY PROGRAMS TORONTO-DOMINION BANK 2014–2021

Hands-on expertise in security architectures, technical deployment, and managing security teams while serving as VP/Director/VCISO delegate. The following are some of his accomplishments:

• Managing a team, in which he developed and architected the rollout and architecture of TD’s Palo Alto Firewall, Symantec DLP and email content analysis, and Crowdstrike Falcon EDR ATP programs, requiring hands-on skills and Cloud AWS integration.

• Designed and implemented a multi-factor access program and teams for all network devices across the Bank based on RADIUS, Cisco ISE and TACACS+, including policies and procedures

Guy Denton ~ Resume

• Architected and completed a security zero trust program based on Global Protect, working with the business to set risk commitments, mitigation, and remediation timelines, and reviewing and balancing the program's business-as-usual commitments with short-term/immediate priorities and long-term strategic initiatives. This reduced effective cyber risks by 40% using tools such as Crowdstrike Falcon EDR ATP, Symantec DLP for outbound data loss prevention control, Palo Alto Global Protect zero trust clients based on AWS, and Splunk SIEM

• Managed a team and developed a Crowdstrike deployment linked to Amazon AWS to manage risk based on behavior analysis; deployed on a base of 100K+ endpoints and service and linked into the Bank's SIEM environment, allowing rapid identification of threats.

• Implemented a program to assess the bank as required by both SWIFT and the FFIEC within the bank's IT security environment.

• He managed and developed the bank's penetration and new red team program. Trained security practitioners on penetration and red team testing, as well as identified and hired new staff. Conducted security vulnerability and testing programs of the bank's targeted systems based on the MITRE ATT&CK framework.

• Designed and oversaw the Bank's testing program, including the creation of a high-performing assurance execution team and a governance role for vulnerability mitigation resulting from the tests, based on NIST CSF and ISO 27001 controls from the FFIEC

• TD Bank’s SWIFT Program owner and VCISO SWIFT delegate. In this VCISO role, he managed multiple security teams and architecture programs, including communications with other C-level senior executives across multiple banks, external regulators, consultants, and project managers. This included performance management, financial management and KRI metric tracking.

SECURITY DIRECTOR PROTIVITI 2011–2014

As director at Protiviti, he worked as a VCISO security executive for customers. The following are some of his accomplishments:

• Managed, designed, and implemented a program to deploy 200+ Palo Alto WAF Firewalls and SIEM alerting systems globally, implementing WAF rules resulting in increased threat awareness and IDS/IPS protection capabilities as well as 30% cost savings for a worldwide banking customer.

• Architected and oversaw the implementation of a penetration testing program at a financial institution.

• Architected and oversaw the implementation of a Cisco managed threat program

• Developed a security risk management program at a major telecommunication company

• Undertook security penetration testing of a multi-national telecommunications company

• PCI QSA and PCI DSS certified

• Developed Application security architecture of a multi-national telecommunications company

GLOBAL SECURITY EXECUTIVE IBM 2009–2011

Managed a Global leadership assignment to drive and manage IBM technical security staff globally. The following are some of his accomplishments:

• Managed and trained global penetration teams

• Lead executive of security assessments, and security forensics projects

• Presented talks at security events on penetration testing and red teaming

• Presented to Southern African defense force leaders and European government entities on penetration testing and defense techniques

• IBM PCI DSS leader

• IBM OASIS leader

• Program development and security sales. Managed profitability, SOW scoping resourcing and delivery

• Security leader and security executive to drive security services growth globally

• Provided key contributions in thought leadership efforts through writing and speaking engagements, awarded multiple security patents, and speaking at multiple external engagements

• Developed standardized test methodology for global penetration testing, trained global teams

MANAGING EXECUTIVE CONSULTANT IBM 2003–2009

Managed security services delivery across complex engagements globally. The following are some of his accomplishments:

• Developed security sales, driving revenue and team management across multiple customers. Managed security budgets, ensuring accurate financial tracking and forecasting budget spends.

• Managed direct security teams of 30 local and a global team of 100+ penetration testing staff

• Developed, trained and led the IBM worldwide red team and penetration testing group and programs

• Managed profitability, SOW scoping and resourcing

• Identified new opportunities to grow the engagement and lead new business opportunities

• Provided key contributions in thought leadership efforts through writing and speaking engagements, awarded multiple security patents, and speaking at multiple external engagements

• Undertook red team attacks on nuclear plants, including developing tools for an attack on a proprietary protocol network

• Trained Danish Police on security penetration testing

• Worked with a three-letter agency and space program for security penetration testing of restricted space program initiatives

• Worked with advanced security penetration testing of an international nuclear power plant program

GRADUATE EDUCATION

University of the Witwatersrand: B.Sc. in Engineering

CERTIFICATIONS

• Certified Information Systems Security Professional (CISSP)

• Certified in Risk and Information Systems Control (CRISC)

• Certified Information Security Manager (CISM)

• Certified Ethical Hacker - IBM (ICEH)

• Qualys Guard Certified (QC)

PATENTS

1. AUTONOMIC SELF-HEALING NETWORK: U.S. Patents 8407240 END820040393 Issued March 26, 2013

2. PAP - POWER ADDRESSABLE PROTOCOL OVER WIRELESS: United States Patent Application END820040400

3. 802.1X AGENT BASED AUTHENTICATION BASED ON REQUIRED SOFTWARE PATCHES AND SOFTWARE INSTALLED: United States Patent Application END820040098

4. SYSTEM AND METHOD FOR CONTROLLING SECURITY OF A REMOTE NETWORK POWER DEVICE: United States Patent Application END920050017CN1

5. METHOD, SYSTEM AND PROGRAM PRODUCT FOR DETECTING INTRUSION OF A WIRELESS NETWORK: United States Patent 8539580, 200******** Issued December 25, 2003 September 17, 2013

6. DETECTION OF INTRUSION IN A WIRELESS NETWORK: United States Patents 201********, 201********, 9143521 Issued November 14, 2013, September 22, 2015, January 10, 2017

7. CHARACTERIZING COMPUTER ATTACKERS: United States Patent 7954158 Issued March 31, 2011

8. METHOD, SYSTEM, AND PROGRAM PRODUCT FOR CHARACTERIZING COMPUTER ATTACKERS: United States Patents 200******** Issued June 19, 2008

TECHNICAL SKILLS

1. Penetration testing tools such as Metasploit, Impacket, Responder, SQLMap, Nessus and Nmap

2. Network security scanning tools such as Nmap, Nessus, Qualys and Nexpose

3. Security report writing tools such as Dradis, Plextrac and Attackforge

4. Application testing tools such as Burp Suite, OWASP ZAP and Postman

5. Red team testing tools - Cobalt Strike, SET, PowerShell Empire, Covenant C2 and Bloodhound

6. Crowdstrike Falcon EDR and Carbon Black EDR

7. Red Canary MDR Forensics

8. Palo Alto Panorama, Palo Alto firewall and Palo Alto zero trust clients

9. Dark web forensics tools

10. Symantec DLP

11. Splunk SIEM

12. Windows Log and Syslog

13. Radius and TACACS+

14. PCI DSS

15. Email SPF, DMARC and DKIM

16. Kali, Linux, Ubuntu and similar

17. Client platforms, Microsoft Windows – multiple, AIX, OSX, Kerberos

18. Bash, Perl, PowerShell, and Python scripting tools

19. Amazon AWS, S3 and Microsoft Azure, Vultr and Google Cloud skills

20. Standards such as FedRAMP, OASIS, Swift CSP, NIST CSF, BS7799 and ISO 27001

21. Multiple performance metric and sales measuring tools


