Echelon was born from the idea that cybersecurity isn’t something that a professional services firm can just dabble in. Cybersecurity, privacy and technology risk present major threats that disrupt our way of life. That threat is constantly evolving, so we are too. We see it as our calling to stem the tide. We are all in.
Echelon was built with a purpose. While other cybersecurity professional services firms tout what they do, few can articulate why they do it. We know exactly what drives us - protecting your basic right to security and privacy.
Our origin story begins with our name. The echelon formation creates a staggered but unified front, used to successfully provide excellent range of vision and protection to each participant. From our name, to how we conduct and manage ourselves on a day-to-day basis, we are built to be that trusted ally.
Navigating the cybersecurity landscape can be very confusing and overwhelming without the right experience and guidance. A trusted and honest partner can help you to define your cybersecurity and technology risk strategies with confidence. We set ourselves apart from our competition by focusing on relationships and service above all.
Managing cybersecurity, privacy and technology risk is at the core of what we do. It is all we do.
Our clients choose us not only for what we do, but why we do it. It’s our personal mission to make our clients stronger and smarter.
We focus on your needs, not our solutions. By identifying the areas most at risk, we can achieve outcomes with solutions that are tailored for you.
Our team takes pride in contributing and participating in our cyber community. It gives us an edge that helps our team and clients stay vigilant.
We are a passionate team with a common set of core values that govern how we serve clients and manage our firm.
Clients matter most. We believe in delivering "WOW" client experiences, and we prioritize the success of our clients above all else. Our goal is to act as true business partners, building relationships that elevate the way our clients think about working with consultants.
WE over ME. We believe that letting our teammates down is a mortal sin. Working together is the only way to achieve the lofty goals we have for our firm, our clients and our people. We actively seek to collaborate for the greater good, because we all succeed, or no one succeeds.
Interesting people are more fun to work with. We value different backgrounds and perspectives that lead to better outcomes for our clients. We know how to have fun – both on and off the clock – and we build lifelong relationships with our clients and colleagues.
We are true professionals. The amateur has a million plans, and they all start tomorrow. We believe that when we turn pro, we stop running from fears and doubts. The pro focuses on learning, continuous growth, and incremental improvement. We don't wait around for inspiration – we act in anticipation of it.
Show no fear. We directly address challenges and obstacles as they arise, without delay. We believe in confronting problems with courage, clarity, and a proactive attitude. We know that the hairiest issues are the greatest opportunity to shine, so we always run towards the fire.
Lead with passion and purpose. We have a true passion for what we do and a deep connection to our purpose. We approach work and challenges with a unique and spirited approach. We believe in exceeding expectations with zeal, and we always bring entrepreneurial ideas to the table.
Don’t just take our word for it, our Net Promoter Score speaks volumes about the satisfaction and loyalty of our clients.
The cyber threat landscape is littered with persistent and sophisticated actors who are benefitting by disrupting our government, major institutions, privately held businesses, public companies and our individual safety and privacy. SolarWinds and Colonial Pipeline are just the latest headlines.
The organizations constantly bombarded by threats are the same organizations that make it possible for us to fill our cars with gas so we can make tee-ball practice. They hold our life’s savings, they produce the software that runs the flow of traffic on our streets and the grid that powers our homes.
There is only so much difference one person, one idea, one firm can make. This is why, as we serve our clients, we also pledge to serve the greater cybersecurity community that is fighting this battle along with us. We take our mission to heart.
We believe the best cybersecurity teams are made up of people from varied backgrounds. Diverse backgrounds mean diverse experiences, and flexible thinking in the face of threats.
Dan is CEO & Managing Partner at Echelon. With nearly 20 years of experience in IT, audit, risk and cybersecurity, he has led and built highly focused cybersecurity teams at top professional service firms before joining Echelon. Dan’s experience establishing and offering new and innovative lines of cybersecurity services not only provides leadership across the industry and organization, it’s the reason Echelon was built and serves as its vision for growth.
Matt Donato is an expert on security solutioning, consulting, and team building, with a career spanning 20 years across all facets of the cybersecurity industry. Matt has focused on helping companies identify the gaps and resources they need to protect themselves and provide the solid foundation they need to grow. Most recently, Matt was the Managing Director of Client Services at CyberSN and was previously Co-Founder & CEO of cybersecurity and data intelligence advisory firm HuntSource, which serviced various companies throughout the critical infrastructure sectors.
Dave Faraone is a Partner at Echelon Risk & Cyber, leading operations to ensure a seamless and high-quality client journey at every stage. His role includes overseeing deliverability and maintaining exceptional standards. In addition to his role at Echelon, Dave is an adjunct professor at Duke University's Pratt School of Engineering, teaching advanced security topics like cloud security and AI in the master's in cybersecurity engineering program. Before joining Echelon, he was the Senior Director of North America East region consulting at Unit 42, Palo Alto Networks' premier cybersecurity consulting team. He also worked at PricewaterhouseCoopers (PwC), where he led cybersecurity transformation projects, global security technology implementations, and the development of cloud security strategies for Fortune 500 companies.
Lori has over 25 years of experience in marketing and project management. With a keen eye for detail and a strategic mindset, she brings a unique perspective and skillset to the Echelon team. Prior to joining Echelon, she held various leadership roles in the marketing and project management fields, where she gained extensive experience in developing and executing complex projects. As Chief of Staff, she plays a critical role in ensuring the successful execution of all projects and initiatives.
A seasoned information security and risk management professional, Chris’ 20-year career has spanned multiple industries and disciplines at Fortune 100 corporations, two of the ten largest banks in the world, and Big 4 consulting. Chris has also designed and taught graduate courses in data analytics and security at Ohio State’s Fisher College of Business and brings unique knowledge of application architectures and design to every engagement.
Travis is an Army Special Operations veteran and the Senior Director of Offensive Security at Echelon Risk + Cyber. Since leaving the military, Travis has specialized in offensive security, conducting advanced adversarial emulation assessments and leading teams of security practitioners. In addition to his security expertise, Travis is an electronic engineer and embedded firmware developer, known for creating various physical security penetration testing tools. He has spoken at notable conferences such as DEF CON (RF & Red Team Villages), Hack Miami, B-Sides Tampa, and Hack Space Con. His work has been published in Intelligent CIO (article: "Are humans more effective than automation tools...") and PROMPT# Zine (comic: "Better Together"). Travis is also committed to giving back to the Veteran community through mentorship and job placement assistance.
Marissa Salzone is a driven marketing leader with relentless passion and a fearless attitude. Experienced marketing professional with a background in demand generation and marketing strategy. Helped drive a small business from a start-up to a medium-sized industry leader and played a key role in leveraging an acquisition and dual partnership for the company. Led a company to a record-breaking lead-to-prospect conversion rate of 46% using persona messaging and various engagement platforms. Drove sales up 420% with over $22 million in revenue with strategic marketing in the competitive cybersecurity space, gaining acknowledgement in The Washington Post, TIME, and Business Insider. Recognized by the Cybersecurity Excellence Committee as Cybersecurity Marketer of the Year for North America. In her spare time, Marissa enjoys trying new restaurants and going on runs.
Paul is an IT and Security expert with tremendous experience in information security governance, risk, and compliance. Highly motivated, hardworking, and adept at navigating complex security challenges, Paul leads our vCISO and Cybersecurity Advisory practice, where he leverages his expertise to deliver effective information security programs, drive business growth and manage a high-performing team.
Josh Fleming is the Senior Manager of the Risk Advisory Service Line at Echelon Risk + Cyber, where he specializes in incident prevention and response management. He is passionate about technology and its ability to transform our world but also recognizes the risks that come with it. Over the years, Josh has gained extensive experience in both cyber and physical security management, working with clients from various industries and sectors to identify and mitigate potential threats to their systems and overall environments. His expertise lies in developing and implementing effective incident prevention strategies that help clients stay ahead of the curve and protect their critical assets. In addition to his preventive work, Josh specializes in incident response management. He advises executives, C-suites, and board members to develop comprehensive incident response plans, threat assessments, and crisis strategies, ensuring organizations are well-prepared to swiftly respond to any security incident or emergency situation. Josh is committed to staying up-to-date with the latest trends, technologies, and best practices in the cyber and physical security industry. He is passionate about continuously improving his skills and knowledge to provide the best possible service to his strategic partners.
Steve enjoys helping clients improve their overall security programs by increasing awareness within the organizations’ leadership teams. He previously worked as an operator for offensive cyber operations with DoD organizations and intelligence agencies prior to retiring from the military. Following his military career, he spent four years performing Red Team testing, Penetration testing, and Wireless testing for large organizations during his time working as part of a large consulting firm.
Paul Matvey is a Cybersecurity Manager at Echelon with over 15 years of experience in IT Infrastructure design and management with a focus in cybersecurity. Prior to joining Echelon, he was the Director of IT and Cybersecurity Operations of a major professional services firm, and a Senior Systems Integrator at one the region's largest Managed Services Providers.
Tiberiu Szabo has over 17 years of experience in cybersecurity, infrastructure management, and consulting. As the Director of Security Operations at Systems Solution, Inc. (SSI) in King of Prussia, Pennsylvania, he developed security programs, acted as a vCISO for clients, and managed SSI’s Security Operations Center and relationships with outsourced security partners. Previously, as Cyber Security Manager, he contributed to SSI's security strategy and architecture, advising both the technology team and the business. Earlier in his career, he worked as a Technology Consultant, leading projects for several hundred clients and managing technology installations, software upgrades, and network updates, along with overseeing hosted Citrix infrastructure for medium to large-sized companies. Tiberiu's background includes network security, incident response, and policy development, where he has implemented advanced security technologies and practices to protect against emerging threats.
Shir Butbul is a Senior Cybersecurity Consultant for vCISO services at Echelon. With over 7 years of experience in Technology and Security Governance Risk and Compliance, Shir has played a pivotal role in safeguarding organizations during periods of rapid expansion through strategic governance and compliance initiatives. Shir has honed her expertise in conducting audits and readiness assessments, as well as in spearheading comprehensive security awareness and training programs and designing innovative third-party risk assessment models. Shir is passionate about helping clients design and implement practical solutions to streamline and enhance cybersecurity processes and programs.
Zack is a Senior Cybersecurity Consultant at Echelon with over 7 years of experience in IT risk, compliance, and cybersecurity. His work spans across various industries, including engineering, manufacturing, healthcare, cable networks, and technology. With a keen focus on incident response and preparedness, Zack takes pride in empowering clients and elevating their resilience capabilities through the implementation of strategic proactive services such as incident response plan and playbook development and tabletop exercises. He also has previous experience performing a great variety of audits and value-added assessments, specializing in SOC 2, and ISO 27001. His commitment to client success underscores his dedication to fostering robust incident response practices that stand resilient against emerging threats.
Greg DeLeonardis is an accomplished, solution-oriented, business development and client servicesprofessional with twenty-five 25 years of demonstrated success in consultative sales and building trustedadvisor relationships with c-suite business leaders, as well as technology executives. Prior to joiningEchelon Risk + Cyber, Greg spent the last fifteen years in enterprise sales and business developmentin the Oracle Applications space where he has a proven track record of driving results and creating valuefor clients and stakeholders. His strong relationship-oriented style and work ethic helped Greg toconsistently be a top sales performer each of the last fifteen years. Greg is happily married to his wifePaula (since 1997) and is very proud of his 3 sons - Gaetano, Angelo and Rocco.
Born in Columbus, Ohio, Brian served in the US Navy for 24 years, retiring as a Commander after six Overseas Deployments. In the private sector, he's excelled in Sales, Business Development, and Consulting, with three years at Optiv. Brian is happily married to Pamela for two decades, raising five children named Bryce, Peyton, Landon, Camryn, and Greyson. His academic achievements include a BA from the University of Pittsburgh, an MA from the Navy War College, and an MS from the Naval Postgraduate School.
Launa Forehand Rich has over 17 years of experience building relationships and communities within the west and east coast technology sectors with the past 7 years solely focused on serving cybersecurity communities. Launa is committed to providing meaningful solutions for her clients based on assessing true needs and gaps and providing efficient options. Previously, Launa was the National Managing Director for CyberSN, a firm that also provided non-for-profit services to Secure Diversity and Day of Shecurity.
Hernán is a seasoned IT and security professional with over 20 years of experience in the industry. Prior to joining Echelon’s Defensive Security practice, he led cloud, IAM and security engineering teams for large organizations in the financial, oil and gas, and manufacturing sectors, in both the US and Latin America, with a proven record of producing great results while operating quickly and effectively. His superb interpersonal and communication skills allow him to not only establish a great rapport with his clientele, but also provide technical guidance with ease and simplicity no matter the audience.
Devin Jones is a Senior Offensive Security Consultant at Echelon and has over 6 years of technical cybersecurity experience such as incident response, security operations, penetration testing and red teaming. Starting out on the Helpdesk and transitioning to Cybersecurity, his most recent role was with a boutique consultancy firm conducting and leading external and internal network penetration tests, web application assessments, phishing and vulnerability assessments across several different business verticals. Devin enjoys talking about all things offensive security and loves learning and sharing knowledge with others.
Juan is an IT enthusiast with 3 years of experience as a System Administrator and 5 years of experience as an offensive cybersecurity professional. Juan had the opportunity to work in the government of the Tabasco state in Mexico, where he gained valuable knowledge about the overall functioning of organizational networks. Juan began his journey as a cybersecurity professional at a big 4 consulting firm, where he conducted multiple penetration tests on external and internal infrastructures, mobile and thick applications, and wireless networks. Before joining Echelon, Juan held a position as a Red Team operator in a Switzerland-based company that offered cybersecurity services to different companies all over Asia and Europe.
Stephen has worked in a wide range of industries conducting offensive security services for enterprises of various sizes. His education has focused on computer science, software development, and information technology within the context of offensive security. Stephen has a strong background in leadership of offensive security services such as penetration testing and vulnerability scanning. He enjoys the constant cycle of learning from others in the industry and the continuous development of new techniques and technologies in offensive security.
Evan is a recent graduate from Roger Williams University, with a focus in web application and network penetration testing. Evan is passionate about sharing his knowledge with others and spends his free time volunteering to help students learn cybersecurity fundamentals. He also creates educational content on LinkedIn to teach people new techniques in penetration testing and help them stay up-to-date with the latest industry trends.
William is a Senior Consultant with extensive GRC (Governance, Risk, and Compliance) experience and has assisted many organizations in compliance and risk management efforts. He has led and assisted in large-scale audits and compliance efforts for various organizations and has broad knowledge of different control frameworks. He holds the CC and CCSFP certifications and is passionate about assisting clients in their current regulatory compliance requirements and preparing them for future requirements through readiness assessments.
Yesica is an experienced marketing professional with over six years in digital marketing. During her career, she has effectively planned and implemented digital marketing campaigns on different channels such as social media, email automation, paid ads, and content creation, with a focus on lead generation and brand awareness. Having worked with agencies and private companies across Baja California, Guadalajara, and Mexico City, Yesica has cultivated a versatile skill set by working with clients from different industries such as Software As a Service, telecommunications, tourism, among others.
Kelsey is a Risk Advisory Consultant with over 6 years of combined risk, governance, and consulting experience. Most recently, Kelsey was a Senior Security GRC Analyst at a large retailer where she performed risk assessments, created processes to identify new sources of technology risk, and updated cybersecurity policies and procedures. She is passionate about helping clients to integrate security and risk management into their daily processes.
Zach is a Cybersecurity Consulting professional with extensive experience in assisting organizations in achieving their Risk Management and Compliance objectives. As a holder of the CCSFP and CISA certifications, his primary focus revolves around guiding organizations to fulfill their security requirements while ensuring compliance with various regulatory and compliance standards.
Michael began his career as a security analyst and wanted to learn more about the offensive side of the field, so he self-studied while working and got his eCCPT. Michael has led internal and external assessments for companies in banking, retail, health and government. He has also done numerous successful covert entry and social engineering engagements for companies across the US.
Nate is a Cybersecurity Consultant at Echelon with over 14 years of experience in IT, including security, network, and system engineering. Most recently he was an Information Security Analyst primarily responsible for vulnerability management for a Financial Services organization. His passion is helping and empowering technical people in implementing better security practices.
Kris is a recent graduate of Roger Williams University holding a B.S in Cyber Security and Networking, with a focus in Web Application and Network Penetration Testing. With his education and experience, Kris is well-equipped to tackle the challenges of the rapidly evolving cybersecurity landscape. During his free time, Kris presents how to get into cybersecurity to high school students. He also participates in Capture the Flag events to keep his penetration testing skills sharp.
Diego is an Offensive Security Consultant at Echelon with over 4 years of experience in the cybersecurity field. He has worked as training personnel at a notable cybersecurity training company. He also has been part of a bug bounty company where testing vulnerabilities and exploiting them was part of his main activities. A web developer specializing in e-commerce websites. A malware developer and reverse engineering enthusiast.
With a robust background in cybersecurity governance, risk, and compliance, adept at conducting comprehensive assessments, establishing baselines, and implementing controls, Mariah brings a deep passion for securing digital landscapes. Alongside her professional pursuits, she finds joy in traveling and is driven by a relentless commitment to ongoing learning.
Jose Luis has three years of experience working in cybersecurity companies, managing multiple areas such as finance, people management, and the operational part of the business. He is passionate about process improvement, time optimization, and good resource management. Jose has proactively identified and developed functional areas, enhancing operability in its most complex aspects. As an Operations Manager, he has led a team of dedicated specialists in navigating high-pressure environments. His strategic decision-making and meticulous coordination are pivotal in optimizing processes and ensuring seamless execution across all operational facets.
Claudia is the Project Operations Associate at Echelon with over 5 years of experience in Finance. Throughout these years Claudia has worked in developing projections and evaluations of sales and expense performance for business units and geography for 9 countries in Latin America and controlling an average revenue of 26M per quarter. She has experience in doing analysis and reporting that helps different teams such as Operations, Accounting, and the CFO to understand the financial health of the business and to look for improvement solutions.
Daniela, a recent graduate of ITESO, earned her B.S. in cybersecurity and networking. Throughout university, she acquired pentesting experience by actively participating in CTFs and identifying vulnerabilities in web applications. As a Cybersecurity Associate, Daniela currently specializes in web security implementation and research. She is particularly passionate about building Zero Trust infrastructures. One of her main objectives is to inspire students to explore the vast world of cybersecurity and encourage them to pursue careers in the field.
Ernesto is a computer science student at Tecnológico de Monterrey in Guadalajara with a minor in Artificial Intelligence. He has experience in software development and a strong interest in risk advisory and pen testing. During his internship, he will learn to help organizations and individuals secure their systems and protect their sensitive information from cyber threats.
Mitchel is studying Cybersecurity and Networking at Roger Williams University with a focus on Reverse Engineering and Malware Analysis. He has experience doing cybersecurity research and development. During his internship, he will be focusing on learning more about defensive security and malware analysis.
Renata Uribe is a senior B.S. student in Data Science and Mathematics Engineering with a Minor in Advanced Artificial General Intelligence. As a former Microsoft Learn Student Ambassador, she has created events to promote women in STEM fields. She has experience working collaboratively and encouraging approaches to technologies, digital art, electronic literature, and creative writing. Renata also has completed projects in Natural Language Processing and Deep Learning, and has interest in cybersecurity, having performed pen testing and studied cryptographic algorithms, as well as developing a digital signature scheme project for electronic contract certification.
Brayden, a recent Purdue University Cybersecurity graduate, is now part of EchelonDefensive's team. With a focus on network security and zero-trust network architecture, he brings fresh ideas and a passion for learning. Brayden's internships across manufacturing, utilities, and finance sectors gave him practical insights into diverse cybersecurity challenges. He's known for his adaptability and application of knowledge in real-world scenarios, making him invaluable to clients. Beyond technical skills, Brayden is a leader, mentor, and advocate in the cybersecurity community, sharing insights through his newsletter and mentoring students to shape future experts.
Ben is a fourth-year university student pursuing a degree in Cybersecurity & Global Policy at Indiana University - Bloomington. He is the lead lab developer for the Cyber Security Club at Indiana University, creating interactive labs for beginner and advanced students. Ben has a strong passion for network security and computer networking, specifically focusing on offensive security. During his internship, Ben aims to develop a robust understanding of offensive security and improve my skills in identifying and mitigating security threats, while exploring my own interests in this vastly expansive field.
J.R. Hurd is presently in his senior year at Purdue University. He is pursuing a double major in Cybersecurity and Network Engineering Technology, with plans to graduate in May of 2024. J.R. has a passion for hiking, rock climbing, and engaging in board games with friends. Additionally, he is an active member of the Cyber Defense Competition Club and participates in the Purdue University Dance Marathon.
John Blanzy is a Risk Advisory Associate with a BBA majoring in Cybersecurity Management and an MBA from Northwood University. He has experience in information security aiding in the implementation of ISO27001 and FedRAMP controls along with spearheading the vulnerability management process. In addition to this he has aided in investigative work within the cyber threat intelligence community. He is passionate about continuous learning and developing security culture within a company.
Lindsay is a Linux-certified Cybersecurity Associate with a Bachelor's degree in Information Technology & Informatics from Rutgers University. In college, she worked as a Computer Lab Consultant for the Rutgers Office of Information Technology. This position allowed her to develop excellent interpersonal and problem-solving skills. Lindsay also has exposure to containerization concepts and has experience deploying and manipulating Kubernetes objects. In her free time, she enjoys reading, writing, and attending spin classes. Lindsay is passionate about cybersecurity and looks forward to contributing to the Risk Advisory team.
Drew is currently pursuing a double major in Cybersecurity and Criminal Justice at Thomas College. He has a strong passion for consulting, advising, regulatory compliance, risk management, and defensive security within the cybersecurity field. Additionally, Drew also has a passion for sports, hanging out with friends, and video games. During his internship, Drew aims to gain more experience and develop an understanding of the vCISO advisory service and defensive security.
Maanav is a Cybersecurity student at Purdue University. He's a huge sports fan and loves both watching and playing. His favorites are basketball, football and recently golf. His passion for cybersecurity stemmed from a love for computers and technology. He is excited to be a part of the offensive security team!
Hassiell is studying Computer Engineering at UVEG and is strongly passionate about both cybersecurity and music. He considers himself more of a musician than an IT professional. Hassiell has experience in cybersecurity, having been part of a SOC team and an IR team. He enjoys CTFs, playing guitar, fighting games, and eSports. Eager to join Echelon's amazing team, Hassiell brings a unique blend of technical expertise and creative passion.
Cole is a second-year student at Miami University studying Cybersecurity Management and Business Analytics in the Farmer School of Business. Professionally, he interested in the unique intersection between cybersecurity and consulting. At Miami, Cole serves as the Director of Marketing and Social Media for the Miami University Cybersecurity Club. Through the John W. Altman Institute for Entrepreneurship, he acts as a student organizer for TechStars Startup Weekend and Social Innovation Weekend. During his internship, Cole aims to develop his understanding of risk advisory and information security services.
Pamela is a second-year Computer Science student at ITESM with a passion for technology and programming. As a current GitHub Campus Expert, she is dedicated to building a strong community of women in STEM at her university. With a keen interest in cybersecurity, Pamela is excited to join the defensive security team and contribute to their efforts.
Abby graduated Duquesne University in 2024 with a Bachelor’s in Business Administration she is currently pursuing her Master’s in Business Administration at Duquesne University. In her undergraduate studies she competed for the Dukes on the women’s swimming and diving team. She Also competed on the Duquesne Sales team, representing Duquesne on a national level. She is very excited to bring competitive energy to the Echelon Team as an intern!
Niko is studying business at Miami University in Oxford Ohio. He has experience running social media accounts for his universities’ athletic programs. He also has been a part of the marketing team for the athletic program as well. At Echelon, he manages social media accounts and enjoys coming up with creative marketing solutions.