Protiviti Contact

Protiviti Contact

Michael Lyons

Managing Director

Professional Experience

Michael Lyons is a Managing Director in the Tampa office of Protiviti, providing clients with Security and Privacy Consulting.  Michael has more than 15 years experience within IT and IT Security.  As a Managing Director in the Tampa office, he focuses on Security and Privacy consulting projects for large multi-national organizations across the globe working in the US, Europe, and AsiaPac markets.  Michael has lead security projects ranging from assessments to multi-million dollar enterprise wide engagements. Michael is the Telecommunications lead within Protiviti and has 10 years direct experience within telecommunications.

Major Projects

  • Lead for Managing Director Advisory Services for global telecommunications company including network architecture for segmentation strategy, implementation of vulnerability management program and building penetration testing lab to include application testing program.  Initial design of architecture performed to look at border gateways, packet switching, interior VLAN designs and organizational groups created.  Program was robust to include network, systems, encryption, security tools, SDL, patch management, IDAM/PAM, logging, testing and governance.
  • Global lead for security remediation project.  Specific components for the program include security operations, advisory, implementation, and compliance. Specific projects include, PCI DSS Compliance, CIS Hardening, Penetration Testing, End Point Deployment leveraging CrowdStrike and Symantec DLP, Cloud Security to include Netskope and Palo Alto, Enhanced Security Monitoring with Exabeam, Log Migration via Splunk, creation of control testing procedures for over 380 controls identified with ServiceNOW as enterprise applicable, maturation and execution of Vulnerability Management to include daily operations and acting Chief of Staff to the CISO.

  • Lead for global implementation to reduce PCI DSS compliance requirements through deploying P2PE solution and leveraging iFrame for 11B multi-national retail company.  Program was mapped to leverage an approved P2PE solution for descoping of brick and mortar locations.  Project was executed to implement iFrames for descoping of webservers (leveraging outsourced datacenter).  Migration of call centers to compliant third parties reduced the annual PCI DSS compliance burded from 12 months to 4 months and costs down by 75%.

  • Expertise in building vulnerability management programs.  Have implemented programs to three multi-national companies.  Performed initial vendor analysis for tool selection along with examination of assets both catalogued via CMDB or other tools and then catalogued via console (sample consoles used are Nexpose/Nessus).  Upon review of assets and tuning of tools, built custom dashboards for scanning results along with creating schedule of events.  Built cross team program working in collaboration with IT Operations to create robust patch management program as a results of scanning, including prioritization, testing and roll out.

Areas of Expertise

  • Corporate Security Operations
  • IoT Based Security
  • Telecommunications Security
  • 5G
  • SOC/SIEM
  • Vulnerability Management
  • PCI DSS

Industry Expertise

  • Telecommunication
  • Retail
  • Energy

Education

  • MBA Georgia State University (Dec 2005)
  • BBA - Finance, University of Georgia (Dec 2000)

Professional Memberships & Certifications

  • CISSP
  • CISA
  • QSA