Post Job Free
Sign in

Security Engineer Information

Location:
Kent, OH, 44240
Posted:
July 28, 2025

Contact this candidate

Resume:

/

/

MICHAEL PINKERMAN

CISSP-ISSMP, CCSP, CISM PRINCIPAL

INFOSEC ARCHITECT APPSEC & CLOUD

SECURITY DEVSECOPS LEADER RISK

MANAGEMENT & COMPLIANCE EXPERT

EDUCATION

Pickerington High School North 01/2004 - 12/2008

Diploma, General

Ohio University 07/2008 - 04/2013

Bachelor of Applied Science - BASC, Computer Science GPA 3.8 4.0

Columbus State Community College 01/2016 - 05/2018 Associate of Arts and Sciences - AAS, Cyber/Computer Forensics and Counterterrorism

GPA 4.0 4.0

EXPERIENCE

NiSource 06/2025 - Present

Sr Cloud Security Engineer & Architect

Highlight your accomplishments, using numbers if possible. Illumina 07/2022 - 05/2025

Sr. Staff Information Security Engineer VP of Security Engineering Led a team of security engineers ensuring successful project execution with technical expertise, managing budgetary plans/proposals, and mentorship of engineers.

Tasked with being "#2" under VP of Security Engineering and was primary point of contact for all communication, KPIs, reporting, and proposals to MGMT

& Executive leadership.

Oversaw the creation & leadership of cross-functional teams for engineering collaboration across Devs, IT, NetOps, DevOps, and SecDevOps areas. Decreased vulnerabilities by 40% across cloud, containers, and CI/CD infrastructure via automation of security testing, integration of SAST, DAST, and SCA tools; alongside agile triage & auto-remediation workflows. Reduced operational costs by $500,000 through my 'Optimized Secure Architecture' proposals; which refined 'right-sizing' strategies, optimized & automated Infrastructure as Code (IaC), and aligned with AWS Well- Architected Framework for secure baselines & best practices. Managed security for over 2,000,000 cloud hosts & containers, ensuring a robust security posture across all infrastructure with Wiz & CrowdStrike CNAPP & CSPM solutions.

Achieved a 33% increase in accurate threat detection by implementing advanced SIEM, SOAR, CIEM, CDR, and CNAPP solutions. Owned and oversaw security solutions such as CrowdStrike, Wiz, Cortex/Prisma Cloud, Rapid7, Qualys, Palo Alto Firewalls, Fortinet, Recorded Future, and more.

Secured corporate networks from advanced threats by upgrading threat detection systems alongside deployment of SASE, CASB, DLP, XDR, NGFW. CONTACTS

614-***-****

****.**********@*****.***

https://www.linkedin.com/in/mike

pinkerman/

Columbus, Ohio

SUMMARY

Security professional with over 15

years of experience in information

security, deep expertise in cloud

infrastructure, application security,

and compliance framework design.

With a proven track record in leading

teams and developing innovative

security strategies, am eager to

contribute to strengthening the

security posture and supporting

mission with strategic, forward-

thinking, and innovative approaches.

CERTIFICATION

Certified Information

Systems Security

Professional (CISSP)

(ISC)

Certified Information

Systems Security

Professional (CISSP)

(ISC)

Certified Cloud Security

Professional (CCSP)

(ISC)

Information Systems

Security Management

Professional (ISSMP)

(ISC)

EXPERIENCE

Evercast 03/2020 - 01/2022

Senior Information Security Engineer Manager, Security Operations Founded and led the Application Security team, managing a $500K annual budget; driving strategic security initiatives and their successful operational implementation.

Direct-Report to CEO & CTO; Ensuring to enhance executive decision-making by delivering clear, actionable updates on security needs, solutions, and progress directly to ELT, MGMT, and the board of directors. Directed Cloud Security efforts across 12 enterprise initiatives, including Cloud Security Posture, Cloud Detection & Response, Data Platform Management, and Cloud Identity Entitlement Management.

Co-led internal and external audits, achieving 100% compliance for C&A across SOX, SOC2, ISO 27001, ISO 27002, GDPR, and PCI DSS frameworks. Strengthened application security by integrating automated vulnerability scanning through SAST, DAST/IAST, and SCA saving $100K+ and reducing vulnerability risks by over 30% with advanced threat analysis. Led hybrid cloud network re-architecture with global failover, reducing costs, enhancing awareness and InfoSec. Achieved HIPAA, SOC2, and PCI-DSS compliance.

Led Security Incident Response Team (SIRT) for triage & handling of all security incidents across cloud, on-prem, and select client infrastructure; responsible for next-gen(L7) firewalls, CASB, SASE, SIEM/SOAR, XDR, IDS/IPS, and more.

Milestone Health Services 03/2017 - 12/2020

Cybersecurity Manager, Head of Security Architecture & Cloud Infrastructure

Consulted with operations and IT leaders to ensure implementation and enforcement of security controls & solutions. This included asset management, secure operations, continuous monitoring with threat intelligence/detection, and deployment of next-generation firewall, IDS/IPS, CASB/SASE solutions, among others.

Led formation of AppSec, Security Operations, and Engineering teams. Managed budgets, initiatives, and responsibilities. Managed Secure Operations Initiatives by overseeing SecOps engineers to secure 3,000 endpoints annually that ensured 100% uptime alongside 100% visibility via continuous monitoring & threat intelligence efforts. Lead Security Engineering efforts that managed AWS env of 2,000 endpoints that saw 40% reduction in exposure & risk via secure architecture, policy-as- code, security automation, and integration with Dev, IT, and NetOps teams. Reduced cloud security incidents by 35%, and response time (MTTR) by 19% via 'InfoSec Automation' efforts, optimizing detection & threat intelligence with AI/ML tool sets, and designing 'Auto-Remediation' for CSPM & Container Security findings with continuous monitoring capabilities. Achieved 70% decrease in critical vulnerabilities by spearheading application security initiatives & security awareness & training of engineering staff. Provided executive-level reporting on InfoSec operations, engineering, and application security by way of Financial strategy & budget, Key Risk Indicators/Risk MGMT, Compliance Obligations & Audits, and project progress

& success metrics.

CERTIFICATION

Information Systems

Security Engineering

Professional (ISSEP)

(ISC)

Certified Secure Software

Lifecycle

Professional(CSSLP)

(ISC)

Cybersecurity Analyst

(CySA+)

CompTIA

PenTest+

CompTIA

Cybersecurity Analyst

(CySA+)

CompTIA

Network+

CompTIA

Cloud+

CompTIA

A+

CompTIA

Certified Data Privacy

Solutions Engineer(CDPSE)

ISACA

Certified Information

Security Manager (CISM)

ISACA

CSX Expert (CSXE)

ISACA

GIAC Strategic Planning,

Policy, and Leadership

(GSTRT)

GIAC

GIAC Information Security

Professional (GISP)

GIAC

GIAC Web Application

Penetration Tester (GWAPT)

GIAC

EXPERIENCE

Dark Labs & Independent Contractor 2012 - 2017

Independent Security Consultant, InfoSec Analyst, Penetration Tester

Conducted manual exploitation and penetration testing across various environments, from small-scale to enterprise-level networks, encompassing wireless, wired, web applications, and mobile platforms. Developed and executed attack scenarios based on threat intelligence and models, utilizing both off-the-shelf and custom tools and scripts for wide array of threats, risks, and known TTPs of threat actors. Analyzed and correlated security events using custom and industry-standard log aggregation methods and SIEM solutions implemented automation to enhance efficiency in event analysis and response. Implemented risk management controls and advanced monitoring solutions across various assets, including endpoints, perimeter, on-premises, cloud, and web assets.

Contributed to the design and deployment of advanced risk management controls and reporting solutions, including Managed Detection and Response

(MDR), Extended Detection and Response (EDR), and others. Led offensive security engagements and consultations for 200+ organizations. Managed client communication, reporting, and debriefs with Red, Blue, Purple, and IT teams for internal/external projects.

Led a team to oversee a $10 million cloud infrastructure overhaul project involving multiple Fortune500 enterprises.

Architected security solutions for infrastructures serving up-to 10,000,000+ users.

CERTIFICATION

GIAC Exploit Researcher and

Advanced Penetration

Tester (GXPN)

GIAC

GIAC Fundamentals of

Information Security Policy

(GFSP)

GIAC

Licensed Penetration Tester

(LPT)

EC-Council

Certified Ethical Hacker

(CEH)

EC-Council

Certified SOC Analyst (C

SOC)

EC-Council

AWS Certified Solutions

Architect Professional

Amazon

AWS Certified SysOps

Administrator

Amazon

AWS Security Specialty

Certification

Amazon

Google Cloud Certified

Professional Cloud Architect

Google



Contact this candidate