We are built for cybersecurity.

Echelon was born from the idea that cybersecurity isn’t something that a professional services firm can just dabble in. Cybersecurity, privacy and technology risk present major threats that disrupt our way of life. That threat is constantly evolving, so we are too. We see it as our calling to stem the tide. We are all in.

Echelon about 2
Our Story

Security is Personal

Echelon was built with a purpose. While other cybersecurity professional services firms tout what they do, few can articulate why they do it. We know exactly what drives us - protecting your basic right to security and privacy.

Our origin story begins with our name. The echelon formation creates a staggered but unified front, used to successfully provide excellent range of vision and protection to each participant. From our name, to how we conduct and manage ourselves on a day-to-day basis, we are built to be that trusted ally.

We are Echelon.
Our Philosophy

See Cybersecurity, Clearly

Navigating the cybersecurity landscape can be very confusing and overwhelming without the right experience and guidance. A trusted and honest partner can help you to define your cybersecurity and technology risk strategies with confidence. We set ourselves apart from our competition by focusing on relationships and service above all.

Laser Focused

Managing cybersecurity, privacy and technology risk is at the core of what we do. It is all we do.

Mission + Values Driven

Our clients choose us not only for what we do, but why we do it. It’s our personal mission to make our clients stronger and smarter.

Tailored Solutions + Outcomes

We focus on your needs, not our solutions. By identifying the areas most at risk, we can achieve outcomes with solutions that are tailored for you.

Cyber Community Leadership

Our team takes pride in contributing and participating in our cyber community. It gives us an edge that helps our team and clients stay vigilant.

Founder's Message

We believe that security and privacy are basic human rights.

The cyber threat landscape is littered with persistent and sophisticated actors who are benefitting by disrupting our government, major institutions, privately held businesses, public companies and our individual safety and privacy. SolarWinds and Colonial Pipeline are just the latest headlines.

The organizations constantly bombarded by threats are the same organizations that make it possible for us to fill our cars with gas so we can make tee-ball practice. They hold our life’s savings, they produce the software that runs the flow of traffic on our streets and the grid that powers our homes.

There is only so much difference one person, one idea, one firm can make. This is why, as we serve our clients, we also pledge to serve the greater cybersecurity community that is fighting this battle along with us. We take our mission to heart.

Dan Desko 2
Our Team

Industry Experts

We believe the best cybersecurity teams are made up of people from varied backgrounds. Diverse backgrounds mean diverse experiences, and flexible thinking in the face of threats.

Dan Desko 1
Dan Desko
CEO + Managing Partner
  • Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Cybersecurity Maturity Model Certification-Registered Practitioner (CMMC-RP) Certified Third-Party Risk Assessor (CTPRA) Certified Third-Party Risk Professional (CTPRP)

Dan is CEO & Managing Partner at Echelon. With nearly 20 years of experience in IT, audit, risk and cybersecurity, he has led and built highly focused cybersecurity teams at top professional service firms before joining Echelon. Dan’s experience establishing and offering new and innovative lines of cybersecurity services not only provides leadership across the industry and organization, it’s the reason Echelon was built and serves as its vision for growth.

Chrisdebo headshot
Chris Debo
Principal Consultant
  • Certified Information Systems Auditor (CISA) Certified ISO/IEC 27001 Senior Lead Implementer
  • A seasoned information security and risk management professional, Chris’ 20-year career has spanned multiple industries and disciplines at Fortune 100 corporations, two of the ten largest banks in the world, and Big 4 consulting. Chris has also designed and taught graduate courses in data analytics and security at Ohio State’s Fisher College of Business and brings unique knowledge of application architectures and design to every engagement.

    Tom Garrubba new2
    Tom Garrubba
    Director of Third-Party Risk Management (TPRM) Services
  • Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Privacy Technologist (CIPT) Certified Third-Party Risk Professional (CTPRP) Certified Third-Party Risk Assessor (CTPRA)
  • Tom is an internationally recognized subject matter expert, author, consultant, lecturer, and instructor for the Certified Third-Party Risk Professional and Assessor (CTPRP, CTPRA) programs. He’s an experienced professional with over 20 years of experience in performing and consulting on IT and operational risk, security, privacy, audit, resilience, and compliance in various industries.

    Kaushik Headshot
    Kaushik Kiran
    Director of VCISO and Cyber Strategy Services
  • Certified Information Systems Auditor (CISA)
  • Kaushik is an accomplished cybersecurity and technology risk transformation leader with over 20 years of rich expertise and passion for driving risk reduction while improving and enhancing client experience. Kaushik has built roadmaps, products, and operationalized successful risk and cybersecurity technology initiatives and frameworks across privacy, awareness, operations, and engineering teams. He has served various industries such as healthcare, digital assets, financial services, life sciences, insurance, and technology.

    Image
    Shea Nangle
    Director of Advisory Services
  • Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Emergency Management and Continuity Planning (EMCP) GIAC Certified ISO-27000 Specialist (G2700)
  • Shea has over 25 years of experience in security consulting, malware campaign investigations, security assessments in interesting places, and compliance. He also co-founded a venture-backed knowledge management startup. He has spoken both domestically and internationally on a wide range of topics including OPSEC, Federal compliance, and disinformation. Shea’s areas of research include elicitation, disinformation, open-source intelligence, and crisis management.

    Dahvid Schloss Echelon
    Dahvid Schloss
    Cybersecurity Manager
  • Offensive Security Certified Professional (OSCP) CompTIA Security+ CompTIA Network+ DEF CON Black Badge Holder
  • With over 10 years of cyber-attack and defense experience, Dahvid has previously worked as a Red Team Operator with a Big 4 consulting firm, leading and conducting Adversarial Emulation exercises. He also previously served as an operator and liaison for the Joint Special Operations Command to other DoD agencies and several intelligence agencies, providing mission-critical planning and coordination of special operation cyber activities.

    Paul Matvey
    Paul Matvey
    Cybersecurity Manager
  • CompTIA A+ CompTIA Network+ Microsoft Certified Professional
  • Paul Matvey is a Cybersecurity Manager at Echelon with over 15 years of experience in IT Infrastructure design and management with a focus in cybersecurity. Prior to joining Echelon, he was the Director of IT and Cybersecurity Operations of a major professional services firm, and a Senior Systems Integrator at one the region's largest Managed Services Providers.

    Ross Flynn Def Con BB
    Ross Flynn
    Cybersecurity Manager
  • Certified Ethical Hacker (CEH) Certificate of Cloud Security Knowledge (CCSK) AWS Certified Cloud Practitioner Holistic Information Security Practitioner (HISP) DEF CON Black Badge Holder
  • Ross enjoys helping our clients achieve measurable cybersecurity improvements in their businesses. Ross’ previous experience leading Disaster Recovery, Incident Response and Risk Management initiatives for a Fortune 200 international manufacturing organization, shaped his holistic approach to addressing security concerns. He equally prioritizes people, processes and technology to tailor fit solutions across highly complex technology environments.

    Chereese langley echelon
    Chereese Langley
    Senior Cybersecurity Consultant
  • Certified Information Systems Auditor (CISA) Certified ISO/IEC 27001 Lead Auditor Certified CSF Practitioner (CCSFP) Cybersecurity Maturity Model Certification – Registered Practitioner (CMMC-RP)
  • Chereese is a Senior Cybersecurity Consultant at Echelon with over six years of combined Internal Audit, IT Audit, Third Party Risk Management (TPRM), Cybersecurity, Governance, Risk, & Compliance (GRC), and Business Continuity experience. She has worked with a wide range of industries, including healthcare, financial services, investments, insurance, manufacturing, and higher education. Chereese has also focused her time with data analytics, automation, and building out executive-level metrics and reporting to deliver security related measurables to leadership. Chereese has a proven track record of delivering successful projects and is dedicated to helping her clients achieve success.

    Steve Snider Headshot
    Steve Snider
    Senior Cybersecurity Consultant
  • Certified Information Systems Security Professional (CISSP) GIAC Certified Penetration Tester (GPEN) GIAC Web Application Penetration Tester (GWAPT)
  • Steve enjoys helping clients improve their overall security programs by increasing awareness within the organizations’ leadership teams. He previously worked as an operator for offensive cyber operations with DoD organizations and intelligence agencies prior to retiring from the military. Following his military career, he spent four years performing Red Team testing, Penetration testing, and Wireless testing for large organizations during his time working as part of a large consulting firm.

    Jeff
    Jeff Hoge
    Senior Cybersecurity Engineer
  • Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Systems Security Certified Practitioner (SSCP) Certified Ethical Hacker (CEH) EC-Council Certified Incident Handler (ECIH) CompTIA Project+ Cisco Certified Network Associate (CCNA)
  • Jeff has worked in IT for 18 years, including network engineering and systems administration. Most recently, he implemented and led the information security program at a regional healthcare insurer. His passion is helping individuals and organizations better defend themselves from cyber threats with an empathetic, relationship-oriented approach. Jeff currently serves as the Vice-President of the Triad of NC ISSA chapter and loves spending time with his wife and four children.

    Jake Murphy Def Con BB
    Jake Murphy
    Senior Cybersecurity Consultant
  • eLearnSecurity Junior Penetration Tester (eJPT) eLearnSecurity Web Application Penetration Tester Extreme (eWPTX) DEF CON Black Badge Holder
  • Jake has extensive experience in both building and pen testing web applications and network infrastructure. His work with bug bounties and the Bugcrowd platform has resulted in over 70 discovered vulnerabilities in Fortune 500 companies throughout the banking, retail and government industries.

    Evan Hosinski Headshot
    Evan Hosinski
    Senior CyberSecurity Consultant
  • Certified Ethical Hacker (CEH)
  • Evan has been involved in many different facets of cybersecurity, performing incident response, real-time analysis and digital forensics for Fortune 500 companies and government agencies. Most recently, Evan worked as a Senior Pentester and Technical Specialist for a "big 4" consulting firm where he performed network, wireless, physical and social engineering assessments.

    Headshot
    Amy Jo Fisher
    Senior Cybersecurity Consultant
  • Certified Information Privacy Technologist (CIPT) CompTIA Security+
  • Amy Jo Fisher is a Senior Cybersecurity Consultant at Echelon with over six years of combined IT risk, compliance, and cybersecurity engineering experience. She has worked with a wide range of industries, including healthcare, retail and professional services, as well as a wide variety of security fields, including GRC, continuous verification coding, and security portfolio management. She is passionate about helping clients think critically about their security posture to better mature their cyber programs.

    52493741413 129ed5a31b o
    Matt Jones
    Senior Cybersecurity Consultant
  • Certified Information Systems Auditor (CISA) Certified in Risk & Information Systems Controls (CRISC) Certified Information Systems Security Professional (CISSP) Certified Third-Party Risk Professional (CTPRP) CompTIA Server+ CompTIA Linux+ CompTIA Security+ CompTIA Network+
  • Matt has 30+ years of experience in IT and Information Security. Most recently he led third-party risk assessment programs at PepsiCo, evaluating the security controls for all third-party service organizations who accessed, processed, or stored company data in on-premises and cloud environments. He also initiated and led the completion of a self-assessment questionnaire to assess and drive maturity of the overall TPRM program. Matt enjoys leading certification study groups and learning how others implement principles in the real world.

    Shir Butbul
    Shir Butbul
    Cybersecurity Consultant
  • Shir Butbul is an Advisory Consultant at Echelon. Shir has previously worked in the fintech and retail industries, and has over six years of experience in Technology and Security Governance Risk and Compliance. Shir is passionate about helping clients implement practical solutions and streamline existing processes.

    Alberto Anton headshot
    Luis Alberto Anton Delgadillo
    Cybersecurity Consultant
  • eLearnSecurity Junior Penetration Tester (eJPT)
  • As both an entrepreneur and consultant, Anton has helped companies reach digital transformation and fortify cybersecurity measures on all organizational levels. He has dedicated his career to learning how IT infrastructure helps companies reach their business objectives and is passionate about offensive security. He has experience with vulnerability assessments, pen testing, social engineering, cyber governance, risk and compliance.

    Microsoft Teams image 18
    Steeven Rodriguez
    Cybersecurity Consultant
  • eLearnSecurity Junior Penetration Tester (eJPT) CompTIA Pentest+ PaCSP – Cloud Security Professional
  • Steeven is an Offensive Security Consultant at Echelon. He began his career as a web and mobile developer prior to transitioning into cybersecurity and has previously worked as a penetration tester specializing in web and mobile testing. Steeven has led internal and external assessments for companies in banking, retail, and government. He has extensive experience generating realistic scenarios for social engineering exercises.​

    Headshot
    Michael Pettet
    Cybersecurity Consultant
  • eLearnSecurity Junior Penetration Tester (eJPT) eLearnSecurity Certified Professional Penetration Tester (eCPPTv2) CompTIA Net+
  • Michael began his career as a security analyst and wanted to learn more about the offensive side of the field, so he self-studied while working and got his eCCPT. Michael has led internal and external assessments for companies in banking, retail, health and government. He has also done numerous successful covert entry and social engineering engagements for companies across the US.

    Vladimir Mantey Headshot
    Vladimir Mantey
    Cybersecurity Associate
  • eLearn Security Junior Penetration Tester (eJPT)
  • Vladimir is finishing his Cybersecurity Bachelor’s Degree at ITESO, and is located in Guadalajara, Mexico. He is very interested in penetration testing and offsec and has participated in a variety of CTFs. He is also on the Cybersecurity Student Council at ITESO. He has over a year of experience as a professional pen tester working primarily with external and web pen testing. Vladimir has a strong interest in cloud pen testing as well.

    Rodrigo Cano Headshot
    Rodrigo Cano
    Marketing Associate
  • Rodrigo is studying communication and digital media at Tecnológico de Monterrey in Guadalajara. He has experience creating digital media content as well as video and audio post-production for various brands. At Echelon, he manages social media accounts and enjoys coming up with creative marketing solutions.

    Daniella Pairault 2
    Daniella Pairault
    Cybersecurity Associate
  • Daniella is finishing her B.S. in Computer Science and Software Engineering and minor in Business Administration at the University of Washington in Bothell. Through coursework and outside research, she has gained base understanding and developed a strong curiosity and interest to learn more about ethical hacking and risk advisory practices.

    Imagen2
    Rolando Enriquez
    Cybersecurity Intern
  • Rolando is a computer science student at Tecnologico de Monterrey Campus Monterrey, Mexico. He has worked for over two years on web development projects, focusing on the backend. During his internship he will be focusing in learning about Pen Testing, malware analysis and malware development.

    Evan Isaac Headshot
    Evan Isaac
    Cybersecurity Intern
  • eLearnSecurity Certified Professional Penetration Tester (eCPPT) eLearnSecurity Junior Penetration Tester (eJPT)
  • Evan is a Cybersecurity and Networking student at Roger Williams University with a focus in web application and network penetration testing. In his free time, he volunteers to help students learn cybersecurity fundamentals.

    Are you ready to get started?
    Latest Intelligence