Derek guides a team of cybersecurity professionals focused on helping federal contractors build or remediate their cybersecurity programs to meet DFARS 252.204-7012 and CMMC Level 2. In his role, Derek supports the design and enforcement of the CMMC requirements on client in-scope networks .
He is also responsible for supporting the clients of Aethon Security with thoroughly documenting the compliance of their Covered Contractor Information System through a System Security Plan (SSP) written to NIST SP 800-171A and gathering supporting artifacts.
Prior to starting Aethon Security, Derek was the Director of Cybersecurity Operations of a Managed Security Service Provider (MSSP) and the Deputy CISO of a CMMC 3rd Party Assessment Organization (C3PAO). While at the MSSP, he led a team that guided 2 defense contractors through 110-perfect score Joint Surveillance Voluntary Assessments – the equivalent of CMMC Level 2 certification assessments.
Derek holds the Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) certifications from ISC2, the Certified CMMC Assessor (CCA) certification from the Cyber AB, and a Master of Business Administration from William and Mary’s Raymond A. Mason School of Business.
Explore Aethon Security’s comprehensive services, from compliance support to advanced threat protection and risk management
