Mike Ortlieb

Mike is a Senior Director in Protiviti’s Orlando Technology practice.  He has over 18 years experience in the Information Security field.  At Protiviti, Mike leads the threat hunting / proactive breach assessment practice and oversees client engagements related to information security program management, compliance, and technical security assessments.  This includes vulnerability assessments, cyber threat intelligence analysis, threat hunting, penetration testing, PCI compliance consulting projects and computer forensic investigations.  Mike is also a member of the Protiviti national information security practice and the Qualified Security Assessor (QSA) team.

Major Projects

• Mike has led multiple compromise assessments and threat hunting engagements for Protiviti’s clients, including the design and implementation of detection capabilities, threat modeling exercises, performing threat hunting in client environments, and supporting breach response projects.
• Mike has led the development and execution of Incident Response Tabletop exercises for Protiviti’s clients.  This involves scenario and content generation, facilitation and post-exercise analysis of team performance as well as providing recommendations for future enhancement.
• Mike has led and performed multiple internal and external penetration tests for Protiviti’s clients in the financial services, healthcare, insurance, hospitality and retail industries.  These penetration tests include discovering network and application layer flaws using both automated and manual techniques as well as social engineering attacks.  At the conclusion of each penetration test, Mike also provides recommendations, guidance and reporting to management on remediation strategies.
• As a QSA, Mike performs the PCI-DSS audit procedures and creates the Report on Compliance (ROC) for Protiviti’s clients in the retail, hospitality, restaurant, and healthcare industries.  Mike leads the assessment effort, assists with remediation strategies and provides training and support to client personnel.

Areas of Expertise

• Incident Response
• Information Security
• Threat Hunting
• Cyber Threat Intelligence
• Penetration Testing
• PCI-DSS Compliance

Industry Expertise

• Hospitality
• Healthcare
• Restaurant & Retail
• Financial Services

Education

• B.S. – Computer Science, University of Central Florida
• Graduate Certificate – Computer Forensics, University of Central Florida

Professional Memberships and Certifications

• CISSP
• GPEN
• GWAPT
• PCI-QSA