Steven C. Landes, Developer in Troy, OH, United States
Steven is available for hire
Hire Steven

Steven C. Landes

Verified Expert  in Engineering

Security Engineer and Software Developer

Troy, OH, United States

Toptal member since October 25, 2023

Expertise
CybersecurityGoogle SoftwareSystem SecurityTechnical WritingSOC 2( Service Organization Control)Ethical HackingAWSWindows DevelopmentSwift
Bio

Steven is an expert in risk and information security with a rich background in cyber intelligence, risk management, and security operations. His transformative work in the military and private sectors has proven his ability to elevate organizational cyber resilience and strategic risk capabilities, benefitting from his expertise and leadership in navigating complex security landscapes. Steven has also worked for Citi, managing the cyber threat intelligence (CTI) regulator.

Portfolio

Abbott Laboratories
Writing & Editing, Creative Briefs, Risk Management, Security Audits...
Citi
Swift, Predictive Analytics, Technical Writing, Copywriting, Cybersecurity...
National Air and Space Intelligence Center
Analysis, Palantir, Learning, University Teaching, Technical Writing...

Experience

  • Writing & Editing - 20 years
  • Analysis - 15 years
  • Predictive Analytics - 13 years
  • Risk - 13 years
  • Strategic Planning - 13 years
  • Cybersecurity - 13 years
  • Negotiation - 10 years
  • Third-party Risk - 8 years

Availability

Full-time

Preferred Environment

Windows, Mandiant, CrowdStrike, CISO, SOC Compliance

The most amazing...

...thing I've done is working with ARC, where I ran daily intelligence calls for the top 16 financial institutions, shaping responses to systemic risk in finance.

Work Experience

Cyber Threat Intelligence Manager

2021 - PRESENT
Abbott Laboratories
  • Acted as Abbott's representative for eight subgroups of the Healthcare Sector Coordinating Council (HSCC), including supply chain, risk assessment, metrics, IRBC, and five-year planning.
  • Provided real-time, actionable intelligence as the trusted point of contact for internal stakeholders faced with threat actor activity affecting clients or suppliers, equipping them with facts and coaching on client or supplier conversations.
  • Built an efficacious intel operation, doubling its size in five months.
  • Participated as a key author to senior leadership and board papers on emerging cyber concerns in the changing threat landscape.
Technologies: Writing & Editing, Creative Briefs, Risk Management, Security Audits, Technical Writing, Copywriting, Cybersecurity, NIST, Security, IT Security, GRC, Enterprise Risk Management (ERM), Network Security, SOC Compliance

Cyber Business Engagement Manager

2016 - 2021
Citi
  • Acted as Citi's representative on the 19-strong group of FS Partners of the Analysis and Resilience Centre for Systemic Risk (ARC) and identified Citi's risk enablers in the risk steering committee and risk register working group.
  • Worked as the liaison for the National Cyber-Forensics and Training Alliance (NCFTA) with international law enforcement partners, including the FBI, Interpol, and Europol, as well as SWIFT and interbank systems on fraud remediation and recourse.
  • Managed the cyber threat intelligence (CTI) regulator, audit, and compliance team to centralize and deconflict Revenue Acquisition Cost (RAC) responses.
  • Instituted a CTI component into Know Your Customer (KYC) programs for large payment systems clients.
  • Enabled businesses to respond better and faster to cyber threats identified by mapping risk and controls, identifying controls owners and the levers they can pull to ensure business continuity.
  • Conversed with internal stakeholders when intelligence showed activity affecting clients or suppliers, equipping them with key facts to enable action and coaching them to conduct open conversations with their clients, CFO-level clients, or suppliers.
Technologies: Swift, Predictive Analytics, Technical Writing, Copywriting, Cybersecurity, NIST, Security, IT Security, GRC, Enterprise Risk Management (ERM), Network Security, SOC 2, SOC Compliance

Cyber Campaign Analysis Lead

2010 - 2016
National Air and Space Intelligence Center
  • Acted as one of the earliest analysts to see the potential of cyber in military strategy, including cyber intel in planning and shaping roadmaps for cybersecurity initiatives.
  • Assessed adversarial computer network operations (CNO) responses to US operations and developed their non-kinetic strategic course for two military combatant commands' operational and contingency planning (OPLAN and CONPLAN) production.
  • Defined a cyber doctrine for Asian and European adversary countries, distilling adversary abilities to complement, supplement, or utilize them in complex scenarios.
  • Participated as a power user and subject matter expert, helping Palantir develop a repository and an ontology for cyber to be nested within the intelligence community's primary link analysis software.
  • Wrote multiple entries for the Presidential Daily Intel Brief for President Obama.
  • Presented to the government board of scientists, including three-star generals (and below), and made other presentations in classified channels.
  • Taught as an adjunct graduate program professor for cybersecurity and intelligence studies.
Technologies: Analysis, Palantir, Learning, University Teaching, Technical Writing, Copywriting

Trooper

2006 - 2007
Ohio State Highway Patrol
  • Applied analytical skills in organization, assessment, and consolidation while working with the Cincinnati Police on drug and aggressive driving interdiction missions.
  • Addressed legal violations safely within the applicable jurisdiction.
  • Led the post in arrest and follow-up for criminal cases.
Technologies: Law Enforcement

Experience

Supplier Maturity Assessment Support

Navigating a client through a supplier cyber maturity assessment proved vital in securing a contract with a major bank, requiring a thorough evaluation of the supplier's cyber resilience and security practices. We began with a comprehensive review of their security policies, procedures, and controls, ensuring alignment with the bank's stringent cyber security requirements.

Focusing on key areas such as data protection, network security, access control, and incident response capabilities, a gap analysis was conducted to identify areas of improvement. and a remediation plan was established to address identified weaknesses. Throughout the process, clear and consistent communication was maintained with the supplier, providing guidance, best practices, and expert advice to enhance their cyber security posture.

By demonstrating a commitment to cyber maturity and implementing robust security measures, the supplier was able to meet the bank's standards, ultimately facilitating the acquisition of the contract. This reinforced the importance of cyber resilience in supply chain management and my ability to effectively guide clients through complex cyber security assessments, solidifying trust and fostering long-term partnerships.

Education

2021 - 2022

Master's Degree in Executive Business Administration

Quantic School of Business - Washington, DC, United States

1999 - 2003

Bachelor's Degree in History / East Asian Studies

Wittenberg University - Springfield, OH, United States

Certifications

JULY 2023 - PRESENT

CISSP

ISC2

AUGUST 2021 - PRESENT

Real World Risk Certification

Real World Risk Institute

Skills

Tools

Google Workspace

Industry Expertise

Cybersecurity, E-learning, Marketing

Paradigms

HIPAA Compliance

Languages

Swift

Platforms

Windows, CrowdStrike, Amazon Web Services (AWS)

Other

Strategic Planning, Negotiation, Risk, Writing & Editing, Analysis, Third-party Risk, Security, Learning, University Teaching, Country Risk, CISSP, Leadership, Predictive Analytics, Systemic Risk, Risk Management, Security Audits, NIST, Security Management, Cloud Security, IT Security, Google, Identity & Access Management (IAM), Web App Security, ISO 27001, Ethical Hacking, Certified Ethical Hacker (CEH), Technical Writing, Copywriting, GRC, Enterprise Risk Management (ERM), Network Security, CISO, SOC 2, SOC Compliance, Mandiant, Finance, Ethics, Program Management, Communication, Research, Culture, Creative Briefs, Palantir, Law Enforcement, Auditing, Risk Assessment, Tail Risk

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring