Co-Founder & CTOLinkedin Twitter Github
Jon leads the development of all Seiso services, primarily focused on Simple yet effective solutions for highly complex environments like Kubernetes and cloud-native applications.
Jon takes an active role in contributing to the information security field, authoring and contributing to industry standards, including the Center for Internet Security Benchmarks, and joining advisory boards and working groups for organizations such as the Cloud Native Security Foundation's Security Special Interest Group (CNCF SIG-Security), the Open Source Security Foundation, the Apache Software Foundation, and numerous local schools and colleges.
He is a direct contributor to the Apache Metron project, an open-source big data tool for security monitoring and analysis, and the OSSF Security Tooling and Best Practices for Open Source Developers working groups, and he is the primary maintainer for Seiso's Open Source initiatives.
He has presented at dozens of conferences, including events such as the Three Rivers Information Security Symposium, the Pittsburgh ISC2 chapter, BSides Flood City, Pittsburgh InfraGard, and the Northeast Ohio Information Security Forum.
Prior to Seiso, Jon spent years implementing security solutions to protect companies such as Carnegie Mellon University, American Eagle Outfitters, and PNC Bank. He is also active in the Pittsburgh IT security community as the founder of PittSec, a local infosec community with over 600 active members, founder of Steel City Information Security, Pittsburgh’s largest information security user event with over 900 members, and a core organizer of BSidesPGH, an annual community-organized information security conference.
Additionally, other areas of Jon’s expertise include:
- DevOps and Static Code Analysis
- Secure Infrastructure as Code
- Linux Systems Security
- Network Security Monitoring
- Vulnerability Identification, Exploitation, and Remediation
- Log Aggregation and Analysis
- Distributed Application Security
- Enterprise Secrets Management
- Public Key Infrastructure
- Security Orchestration and Automation
- System Monitoring and Hardening
- Security Controls Validation
Additionally, Jon maintains dozens of certifications, including numerous expert-level achievements in the areas of Linux, Secure Software Development, Penetration Testing, Virtualization, Microsoft Systems, Network Security, and the age-old ISC2 CISSP. He also holds three undergraduate degrees in the information technology and security and forensics fields.Insights Jon Zeolla