Stephen Craig Treubig
Fultondale, AL ***** 205-***-**** ********@********.******* LinkedIn
Professional Summary
Highly experienced cybersecurity professional with over 20 years of leadership in incident response, risk assessments, and security operations. Adept at defining and executing security roadmaps by embedding secure development practices and conducting essential gap assessments, including SOC 2 audits and penetration testing. Proven ability to align technical and strategic objectives to build robust security infrastructures that protect systems, data, and users. Driven by a commitment to proactive security and continuous operational improvements.
Technical Skills
•Platforms & Operating Systems: Linux, Unix, BSD “MacOS”
•Security Tools & Solutions: Cisco, IBM/ISS, Palo Alto, DS/IPS Tipping Point, Tripwire, Carbon Black, Magnet Forensics, Cybereason, Sentinel One, Kape Kroll Artifact Extractor, FortiClient, Crowdstrike, Burp Suite, Core Impact, Canvas, Coverity, SonarQube, Fortify, Openair
•Compliance & Regulatory: GDPR, SOX, ITIL, ASTM, PCI, NERC/CIP, HIPAA, GLBA Regulatory Compliance
•Certifications & Testing: OSCP, Physical Penetration Testing, Blockchain Certified
•Security Consulting & Assessments: Threat Hunting, Experience Advising Web 2 and Web3 Projects
•Programming & Scripting: Python, Perl, Golang, C#, Visual Basic
•Penetration Testing & Exploitation: Metasploit, Cobalt Strike, Empire, PowerSploit, MimiKatz, Fuzzers, Debuggers, Ghidra, Olly
•Enterprise Solutions: Software as a Service (SaaS), Salesforce, NetSuite, Elastic
Professional Experience
Frontdoor, INC Feb 2023 - Jul 2025
Director of Cyber Security Incident Response Memphis, TN
A senior-level incident responder should demonstrate mastery across cybersecurity disciplines, including:
Detection & Investigation. Managed and led cross-functional teams to effectively manage cybersecurity threats. Utilized advanced methodologies to enhance our security posture. Additionally, I collaborated with various departments to ensure compliance and effective communication during incidents, driving improvements in our incident management processes.
- Expertise in threat hunting and behavioral analysis using SIEM tools (e.g. Crowdstrike, Logscale, ELK).
- Proficiency in forensic analysis (disk, memory, network) using tools like EnCase, Volatility, Wireshark.
- Experience analyzing malware and reverse engineering with tools like IDA Pro or Ghidra.
- Researched and reviewed SQL injection events and social engineering attempts; worked to implement and integrate threat management platforms, and worked with compliance when there was a need for OSINT or forensic research.
Defense & Response
- Incident triage and containment strategies across endpoints, network, and cloud.
- Skilled in orchestrating response actions with SOAR platforms (e.g. Palo Alto Cortex XSOAR).
- Familiar with remediation and recovery in complex enterprise environments.
Security Architecture
- Deep understanding of enterprise infrastructure: Active Directory, DNS, email systems.
- Familiarity with cloud platforms (AWS, Azure, GCP) and hybrid security models.
- Experience implementing secure access controls, segmentation, and endpoint hardening.
Reporting & Metrics
- Ability to document IR workflows and produce technical root cause analysis (RCA) reports.
- Develop dashboards that convey security posture and trends to leadership.
Management Experience
Leadership in IR demands a proactive, communicative, and resilient approach:
Strategic Oversight
- Define and evolve incident response plans and playbooks aligned with business goals.
- Conduct tabletop exercises and simulations to validate IR effectiveness.
Team Leadership & Development
- Lead cross-functional response teams during crisis scenarios.
- Mentor junior analysts and drive skill development through training and certifications.
- Manage staffing, hiring, and performance reviews of security personnel.
Collaboration & Escalation
- Liaise with legal, compliance, HR, and executive teams during incidents.
- Interface with external threat intelligence providers, law enforcement, and regulators when required.
Governance & Documentation
- Ensure accurate documentation of incidents for audits and postmortems.
- Champion best practices in knowledge sharing, runbooks, and lessons learned.
Communication Skills
- Translate technical threats into business-impact language for executives.
- Present incident trends, risk assessments, and improvement roadmaps to senior stakeholders.
IntegraOne Feb 2021 - Jan 2023
Director of Cyber Security Incident Response Allentown, PA
•Directed a team of incident responders by developing and implementing incident response plans, procedures, and playbooks to embed secure practices into operational workflows.
•Coordinated incident response operations with IT teams, legal counsel, and external partners to ensure alignment with strategic security controls and regulatory requirements.
•Performed post-incident reviews and analyses to identify vulnerabilities, driving continuous improvements similar to security gap assessments.
•Conducted tabletop exercises and simulated incidents to validate incident readiness and enhance security process maturity.
•Managed forensic and malware analysis to develop mitigation strategies that supported secure development practices and infrastructure hardening.
•Collaborated with multiple stakeholders to align incident response activities with client expectations and broader security governance.
Blackberry Inc Feb 2019 - Jan 2021
Consulting Director of East and Canada Ottawa, Canada
Oversaw cybersecurity consulting services with a focus on improving clients’ security postures by integrating security gap assessments and developing effective remediation strategies.
•Led Red, Blue, and Purple Team engagements, simulating real-world cyberattacks to identify vulnerabilities and ensure robust security controls.
•Conducted simulated attacks using techniques such as social engineering, phishing, network, and application attacks to stress-test security defenses.
•Developed attack strategies and collaborated with technical teams to identify security vulnerabilities, aligning with best practices in security engineering.
•Provided comprehensive reports with actionable recommendations to enhance security infrastructure and support the implementation of baseline policies and controls.
•Stayed current with emerging threats and attack techniques, contributing to a proactive security culture and continuous improvement of security frameworks.
Cylance Feb 2019 - Dec 2019
Director of Strategic Services and vCISO Irvine, CA
•Directed professional services projects by collaborating with cross-functional teams to manage project scope, align security roadmaps, and identify gaps in product security functionalities.
•Assessed and developed security programs including policies, standards, and procedures, supporting initiatives such as vulnerability management and incident response enhancements.
•Implemented security software, programs, and firewalls to reduce cybersecurity threats while reinforcing baseline security controls and risk assessments.
•Monitored internal and external communications to detect abnormalities, supporting proactive security incident management processes.
•Guided incident response projects, acting as executive sponsor and escalation point for critical security events, reinforcing security operational readiness.
•Analyzed system risks and recommended countermeasures to protect confidential information, aligning with secure development and security operations best practices.
Trace3 Sep 2017 - Jan 2019
Director of Malware and Endpoint Technology Irvine, CA
•Oversaw the development and execution of an endpoint security strategy to protect devices including laptops, servers, and mobile platforms against malware and cyber threats.
•Developed and implemented security policies and procedures that supported the identification and mitigation of vulnerabilities, aligning with key security frameworks.
•Monitored and analyzed security logs and alerts to identify potential threats, enhancing overall security posture and incident response readiness.
•Collaborated with IT and security teams to ensure endpoint security initiatives were integrated into the broader security strategy, supporting the secure engineering lifecycle.
•Led incident response efforts in the event of security breaches, incorporating digital forensics and red/blue team exercises to validate remediation actions.
Carbon Black Inc (by the acquisition of Confer Technologies) Sep 2016 - Jan 2017
Senior Risk and Compliance Specialist Waltham, MA
•Conducted comprehensive risk assessments to identify and mitigate cybersecurity threats, directly contributing to the establishment of baseline security controls.
•Developed and maintained policies and procedures to ensure compliance with industry regulations and cybersecurity standards such as GDPR and SOX.
•Collaborated with cross-functional teams to identify compliance gaps, reinforcing security foundations and guiding the implementation of remediation actions.
•Monitored adherence to security policies and procedures, supporting both continuous compliance and proactive risk management initiatives.
•Engaged with external regulatory bodies and auditors to demonstrate effective enforcement of cybersecurity standards, aligning with best practices in security engineering.
Optiv Jan 2011 - Jul 2016
Director of Centers of Excellence and Practice Manager Denver, MA
•Led and mentored a 35-member team of consultants in delivering advanced endpoint security, malware threat prevention, and vulnerability assessments aligned with industry standards.
•Developed new product solutions through scripting and testing, supporting secure development practices and continuous security posture improvements.
•Established information technology security and privacy protection standards, ensuring global compliance with regulatory frameworks and reinforcing secure infrastructure practices.
•Designed and managed vulnerability management programs using tools like Rapid7 Nexpose and Metasploit Pro, enhancing security controls and risk assessments.
•Achieved high customer satisfaction by consistently applying strong security engineering principles to client engagements, reinforcing robust security architectures.
Education
Birmingham, Alabama
• Coursework: Coursework in Computer Science and Security
Certification
•OSCP, OSCE, CISSP, or equivalent CEU
•Blockchain Certified Professional and KYC, KYB, CJIS Cleared and Certified
1990