ABOUT US
Our Expertise is Discreet.
Your Success is Our Mission.
While our consultants’ identities remain confidential, their impact on your success is unmistakable. At Phalanx Security, we bring a unique blend of professionalism, creativity, ethics, passion, and effectiveness to every project. Our team members have walked in your shoes, with years of hands-on experience as CISOs, cybersecurity directors, and industry experts.
They have secured and protected Fortune 500 companies and government agencies, managing budgets in the millions and headed successful cybersecurity firms. With a deep understanding of your challenges, Phalanx Security is more than just a team of consultants — we’re your partners in achieving measurable, high-value cybersecurity outcomes, all at a reasonable price.
Select a Link Below to Learn More About One of Our Real Team Members
-
OT/Industrial Control Systems Security Specialist has spent the majority of his career securing national critical infrastructure and systems, including both energy production and distribution networks, as well as telecommunications networks and systems. With a unique skill set converging offensive and defensive security with software development, he has worked on several significant critical infrastructure projects at a national laboratory, where he was previously a Principal Member of their technical staff.
Operating in the cybersecurity domain, he provides advisory services to clients who operate at the boundary of physical and electronic security. His areas of expertise include telecommunications networks, SCADA devices, electronic surveillance, IoT devices and protocols, and DevSecOps within critical infrastructure industries.
——————
INDUSTRY POSITIONS HELD
• Principal Member of Technical Staff at a national laboratory
• Chief Technology Officer at a cybersecurity firm
——————
SKILLS
• Cybersecurity (Physical/Electronic)
• Critical Infrastructure Defense
• Wireless Network Security
• DevSecOps
• Offensive Security
• Critical Infrastructure Best Practices (e.g., NERC/FERC)
• Security Architecture and Design
• Security Tool Development (Python, C, Go)
——————
INDUSTRY CERTIFICATIONS AND CLEARANCES
• OSCP (Offensive Security Certified Professional)
• Linux Foundation CKA (Certified Kubernetes Administrator)
——————
FORMAL EDUCATION
• M.S., Electrical and Electronics Engineering
• B.S., Electrical and Electronics Engineering
-
Senior Security Engineer with a proven track record of success in safeguarding critical assets across various sectors, including Federal Government Agencies, Healthcare, Manufacturing, and Financial Services. Over 15 years of expertise in information security strategy, penetration testing, social engineering defense, authentication and encryption technologies, policy development, incident management, wireless network security, and intrusion detection/prevention.
——————
INDUSTRY POSITIONS HELD
• Private Equity Firm: Associate Vice President, Security Engineering and Operations
• Big Four Accounting Firm: Senior Security Consultant
——————
SKILLS
• Information Security Strategy: Excels in devising comprehensive security strategies tailored to the unique needs of each client, ensuring robust protection against emerging threats.
• Network and Application-Layer Penetration Testing: Conducts thorough penetration tests to identify vulnerabilities in networks and applications, fortifying defenses against potential breaches.
• Social Engineering Defense: Evaluates and fortifies defenses against social engineering attacks, mitigating the risk of unauthorized access.
• Authentication and Encryption Technologies (e.g., PKI): Possesses deep expertise in implementing and managing authentication and encryption technologies, safeguarding sensitive data from unauthorized disclosure.
• Policy, Standards, and Procedures Development: Develops comprehensive security policies, standards, and procedures aligned with industry best practices, fostering a culture of compliance and risk mitigation.
• Incident Management and Response: Orchestrates effective incident response strategies, minimizing the impact of security incidents and restoring normal operations promptly.
• Wireless Network Security: Specializes in securing wireless networks, implementing robust security measures to mitigate the risks associated with wireless communications.
• Intrusion Detection and Prevention (IDS/IPS): Deploys cutting-edge intrusion detection and prevention systems, proactively identifying and thwarting potential threats before they can compromise organizational assets.
——————
INDUSTRY CERTIFICATIONS AND CLEARANCES
• ISC2 CISSP (Certified Information Systems Security Professional)
• ISACA CRISC (Certified Risk and Information Systems Control)
• TS/SCI Clearance, w/Full Polygraph
——————
FORMAL EDUCATION
•. B.S., Applied Physics
-
An Offensive Security Specialist with over ten years of experience designing, implementing, and testing security solutions. As an Offensive Security Certified Professional (OSCP), possesses deep knowledge and hands-on experience utilizing real-world attacker techniques to exploit operating systems, applications, and services. Passionate about teaching both advanced security assessment techniques and modern defensive security strategies to a new generation of information security professionals.
——————
INDUSTRY POSITIONS HELD
•. Offensive Security Instructor for a leading defense contractor
• Senior Network Engineer for a major communications firm
• Network Security Analyst for a global technology company
——————
SKILLS
• Application-Layer Penetration Testing
• Cyber Security Training
• Custom Security Tool Development (Python)
• Network Routing Analysis (BGP, OSPF)
• Packet Capture and Analysis
• Firewall Configuration Analysis
• Security Forensics and Incident Response
• Independent Security Research
——————
INDUSTRY CERTIFICATIONS AND CLEARANCES
• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)
• Cisco CCNA Certified Networking Associate)(
——————
FORMAL EDUCATION
• B.S., Management of Information Systems
-
Senior Security Engineer with over fifteen years of experience successfully defending highly-targeted U.S. government departments and agencies, as well as major U.S.-based corporations across multiple industries. Areas of expertise include offensive security, incident response, and cybersecurity strategy. Previously, worked as the Security Operations Center (SOC) Lead for a major government research agency, leading a team to provide 24x7 security analysis and engineering services. As a Security Operations Branch Chief and an Information Security Specialist, provided enterprise-wide IT security and engineering support to executive-level government offices.
——————
INDUSTRY POSITIONS HELD
• SOC Lead/Senior Cybersecurity Engineer at a major government research agency
• Branch Chief/Cybersecurity at an executive-level government office
——————
SKILLS
• Offensive Security/Red Teaming
• Incident Response
• Internet of Things (IoT) Assessments
• Cybersecurity Strategy
• Social Engineering
• Security Operations Center (SOC) Development/Ops
• Wireless Network Security
• Building Cyber Security Programs
——————
INDUSTRY CERTIFICATIONS AND CLEARANCES
• ISC2 CISSP (Certified Information Systems Security Professional)
• OSCP (Offensive Security Certified Professional)
• CISM (Certified Information Security Manager)
——————
FORMAL EDUCATION
• M.S., Information Security and Assurance
• B.S., Computer Science (Magna Cum Laude)
• B.A., Mathematics
-
Web Application Security Specialist is an experienced CISO, security architect, threat analyst, web application penetration tester, and software developer. Holding a D.Sc. degree in Cybersecurity, with over 20 years of professional experience that includes network, data, application, and security architecture as well as programming across multiple languages including Java, .NET, C/C++, Python, HTML5/Web 2.0, and others. Conducts extensive industry talks and training sessions on topics such as malware analysis, threat modeling, and web application penetration testing.
——————
INDUSTRY POSITIONS HELD
• CISO for Risk, Fraud, and Compliance at a global information services company
• Chief Application Architect (J2EE) at a health services company
——————
SKILLS
• Application-Layer Penetration Testing
• Secure Programming Training
• Threat Modeling
• Software Development in Multiple Languages
• Software Development and DevSecOps
• SDLC Optimization
• Security Forensics and Incident Response
• Independent Security Research
——————
INDUSTRY CERTIFICATIONS AND CLEARANCES
• CEH v7 (Certified Ethical Hacker)
• CISSP (Certified Information Systems Security Professional)
• CRISC (Certified in Risk and Information Systems Control)
• CSSLP (Certified Secure Software Lifecycle Professional)
• SANS GIAC GSSP-Java (GIAC Secure Software Programmer-Java)
• SANS GIAC GSSP-NET (GIAC Secure Software Programmer-.NET)
• SANS GIAC GWAPT (GIAC Web Application Penetration Tester)
• SCEA (Sun Certified Enterprise Architect)
• SCJP (Sun Certified Java Programmer)
——————
FORMAL EDUCATION
• D.Sc., Cybersecurity
• M.B.A., Information Systems Management Concentration
• B.S., Management of Information Systems
• B.A., Political Science (Pre-Law)
John Linkous
Founder and Principal Advisor
John Linkous, the Founder and Principal Advisor of Phalanx Security, brings over 30 years of consulting experience and is a trusted advisor to CISOs, CIOs, and CTOs across both Fortune 500 and mid-market businesses. He founded Phalanx Security to provide comprehensive cyber security services. John is both a successful technology entrepreneur and a hands-on security and compliance expert who has operated from the data center to the boardroom throughout his career. A frequently sought-after security, privacy, and information assurance professional, John has managed and delivered highly successful projects to a broad range of customers, including multiple engagements with global organizations in financial services, technology, healthcare, and manufacturing sectors.
John’s areas of expertise include identity and access management, cyber threat management, IT GRC, security program development, and security awareness training through gamification techniques. He is a recognized thought leader in the information security space and has been a contributor to numerous publications including Network World, Information Week, IT Security Journal, and the RSA Conference blog. He has also been quoted in publications including CSO Magazine, ComputerWorld, Dark Reading, eWeek, Government Security News, SC Magazine, Public Power, American Banker, Wall Street & Technology, Bloomberg, CNN, and USA Today. He regularly engages security professionals with unique, compelling, and thought-provoking presentations and panel discussions at major security events, including RSA Conference, FOCUS, GFIRST, and FedSMC, and he is actively involved in promoting information security education, awareness, and training.
––––––
Industry Positions Held
• Global Director, Identity and Access Management at NYSE/Euronext, New York, NY
• Senior Network Consultant at NASA Goddard Space Flight Center, Greenbelt, MD
• Recipient of NASA’s Individual Contractor of the Year award
• Executive Technology Consultant/CTO at Burger King Corporation, Miami, FL
• Chief Information Security Officer at eIQnetworks, Inc., Boston, MA
––––––
Skills
• Identity and Access Management
• Cyber Security Metrics
• IT Governance, Risk and Compliance (GRC)
• Cyber Security Strategy, Program Development, and Roadmapping
• Security Awareness and Training
• Security/Technology Vendor Evaluation and Advisory
• Project Management (PMBOK Methodologies)
––––––
Formal Education
• B.A., History and English, University of Maryland, College Park, MD