Adam Goslin, Chief Operating Officer (COO), brings over 15 years of Information Technology / security experience with deep experience in the realms of process and compliance management. Starting his career in development, he quickly advanced into a leadership role, presiding over the entire System Development Lifecycle for several organizations, leading their Information Technology efforts. This management experience, spanning more than a decade, covered everything from requirements gathering and documentation, through development and developer testing to implementation of these changes via change management into the production environment. In addition, Adam was responsible for all aspects of infrastructure and vendor management across several disparate infrastructures, programming languages, development methodologies and operating systems. With that backdrop of experience, Adam pursued his passion for IT security, focusing on all-inclusive engagements to navigate companies through PCI Compliance. All of the aforementioned qualities make him well qualified to bridge the gap between the needs of our customers and the technical staff at High Bit Security.
Adam's guidance allows High Bit to achieve cost reduction in penetration testing through efficient business process, without compromising on test coverage and ensuring the utilization of qualified personnel. Our business processes are designed to ensure early identification of all pertinent information, smooth process flow through the testing engagement and clear, timely communication with customers. These processes result in detailed, timely finding reports that foster a smooth remediation process that drastically reduces time, mistakes, rework, and client misconceptions.
Adam has worked on several end-to-end Payment Card Industry Data Security Standards compliance engagements, bringing these customers from GAP analysis through achieving PCI compliance. His deep technical knowledge in conjunction with his experience with all aspects of PCI DSS compliance allows him to lead our PCI DSS compliance engagements, bringing to bear his experiences on behalf of our customers. His experience spans vendor selection for open issues in our customer GAP analysis, and his broad knowledge of currently available security offerings and vendors is an invaluable benefit to the customers engaging High Bit Security for their PCI compliance engagements. His process for bringing customers through the compliance engagements ensures they are spending their dollars wisely, and leveraging a process that maximizes customer benefit from their expenditures. This results in a streamlined methodology that guides the customer to achieving their compliance in a cost-effective, efficient manner.
Jon Coon, Chief Technology Officer (CTO), is a GSEC-certified information security professional with over 10 years of experience in application and network security, incident response and policy development, and three years of experience in PCI-DSS compliance issues. Jon conducted his first application layer penetration test in 2001, and his first penetration test for PCI compliance in 2007.
Jon's past experience includes over fifteen years of programming experience in client-server, database, web and e-commerce applications in several languages, architectures and platforms. In addition to conventional programming, his experience includes having personally written PCI-compliant web application firewall solutions, encryption key management solutions, and central logging solutions.
Jon's security experience includes subcontracting and re-branding penetration testing services on behalf of certified QSA and ASV companies. He has personally conducted hundreds of penetration tests for PCI compliance for QSA and ASV business partners, in addition to testing performed directly for end clients. He has extensive experience with PCI penetration testing, including facilitating and coordinating communication and deliverables with QSA companies engaged in audit.
His deep testing experience does not end with PCI-related testing. He has tested and subsequently compromised systems housing national law enforcement data, systems requiring HIPAA compliance, and numerous private, municipal, county and state government systems.
As High Bit's technical leader, Jon has mandated that all penetration tests are conducted by certified security professionals. PCI-DSS does not specify which certifications are appropriate for penetration testing. In fact, PCI-DSS does not specify that any certification is required. High Bit requires its penetration testers to hold at least one of the following industry-recognized professional certifications: GSEC, GWAPT, GPEN or CEH. In addition, our penetration testers are required to have real-world web development experience in at least two base languages, frameworks and platforms.