Cloud Security Partners was founded in 2017. Today, it is a leading provider of cloud and application security solutions. Since our founding, we have reviewed hundreds of applications for vulnerabilities and thousands of cloud implementations for our clients. Through it all, it's been our mission to focus on customer security and success.
Our team of experts maintains a deep understanding of the security issues our clients face. We use our expertise and skills to create unique solutions to help our clients tackle these challenges. Our clients from very small startups with minimal footprints to the largest Fortune 500 financial institutions. Regardless of size, we deliver tailored solutions to each client for their security needs.
Founder and CEO
Michael McCabe founded Cloud Security Partners in 2017 to create and implement security solutions for a select number of clients. Since then, Cloud Security Partners has grown to become a recognized leader in cloud and application security. Michael’s focus on cloud-native software security coupled with his experience in cloud infrastructure and security enables him to help companies navigate security challenges with unique and client-tailored solutions.
Over the course of his career, Michael has led teams in startups and large financial institutions and guided them through their security journeys. He leads the OWASP Northern Virginia chapter, where he coordinated countless talks and meetups that hosted industry-leading experts. He has been a featured speaker at numerous conferences about application security, cloud security, and more.
When not chasing his two young sons around, Michael enjoys biking and being an amateur mechanic.
CTO
John Poulin leads Cloud Security Partners' technology and platform development. He is an experienced application security practitioner with over 10 years of experience in software development and security. Over his tenure, John has worked with many Fortune 500 companies and startups to perform secure code review, architecture, and design discussions, as well as threat modeling.
Previously, John served as a staff manager of product security engineering, a role in which he and his team focused on performing secure code review of features and services, performing threat modeling, and helping to ensure that Cloud Security Partners' software ecosystem moves toward security maturity. John has also served as the director of engineering, where he focused on leading engineering teams through multiple stages of security-focused product development.
John has given talks or training at many industry conferences, such as DEF CON, LASCON, DevSecCon, CactusCon, and Source, as well as various Ruby and OWASP events about practical application security.
In his free time, John enjoys spending time with his family, traveling, playing adult league softball, and making hot sauce.
Principal Engineer
Brian Henderson has dedicated his 20-year career to cybersecurity, gaining expertise across offensive and defensive security. He began with a focus on application and penetration testing before transitioning to securing cloud infrastructures for both startups and enterprises. In addition to his security expertise, Brian has recently worked as a software engineer, developing enterprise cloud security solutions, leading engineering teams, managing people, shaping product direction, and maintaining strong customer relationships. His broad experience allows him to bridge the gap between security, engineering, and business needs.
Outside of work, Brian enjoys spending time with his family, hiking, and playing board games.
Principal Cloud Security Architect
Marcus Richardson helps Cloud Security Partners' clients navigate complex cloud security and architecture challenges. Marcus assists application developers, cloud architects, and leadership teams in understanding security risks and creating and executing sound solutions. Over the past seven years, he has worked in the application and cloud security space and supported private and public sector organizations of various sizes.
Marcus has also instructed developers in secure coding and adhering to a security-influenced software development life cycle. He has created and curated educational content on application and cloud security. Marcus also has experience in managing and communicating clients' security workload, demand, and capacity metrics to efficiently tackle an organization's cloud security needs.
Outside of the security realm, Marcus enjoys working on various traditional and digital art projects, traveling the world with his wife and daughter, and continuing his quest to find the best ramen.
Principal Cloud Security Architect
Sami Sahi is a highly experienced Security-focused Technology Strategist with over 20 years of experience as a C-Suite Trusted Advisor and Principal Cloud Security Architect. He has managed projects and operations totaling $1 billion in the US public sector and Fortune 20 financial companies.
He has extensive experience in designing and implementing secure frameworks for governance, DevSecOps, and data-centric security for ML/AI and data science platforms. Additionally, he has experience in multiple cloud IaaS, PaaS, and SaaS architectures, disaster recovery and continuity of operations plans, and developing industry-leading certifications.
Sami Sahi is proficient in various technologies, including cloud platforms, networking, security, storage, and operating systems.
Principal Security Consultant
Brian Glas has over 21 years of experience in various roles in IT, with the majority in application development and security. In his "day job," he serves as department chair of computer science and cybersecurity at Union University in Jackson, Tenn. He helped build FedEx's Application Security team, worked on the Trustworthy Computing team at Microsoft, consulted on software security for years, and served as a project lead and active contributor for SAMM v1.1-2.0+ and OWASP Top 10 2017, 2021, and beyond.
Brian is a contributor to the RABET-V Program for assessing non-voting election technology. He holds several cybersecurity and IT certifications and is working on his Doctor of Computer Science degree in cybersecurity and information assurance.
Director of Customer Success
Alexandria focuses on project management and operations at Cloud Security Partners. Alex transitioned from academia, serving nearly 10 years in higher education. In her previous role, she served as a laboratory coordinator and lecturer. In this role, she was in charge of coordinating multiple classes, managed a staff of student employees, oversaw graduate teaching assistants, and taught multiple courses.
In her free time, she enjoys spending time with her family, traveling, cooking, and playing adult league volleyball and softball. She is active in the community as a den leader for Boy Scouts of America, as a PTO member, and other volunteer roles.
Senior Security Consultant
Robert Mikołajski has worked in the IT security field since 2009. His primary focus has been in offensive security. Robert specializes in application and network penetration tests, cloud security audits, and red team engagements. A curious mindset along with multiple years of hands-on pen testing experience has allowed Robert to effectively identify and exploit security vulnerabilities.
In his spare time, Robert enjoys working out, mountain trekking, and playing indie/RPG video games.
Senior Security Consultant
Sean Lyford is a Senior Security Consultant with Cloud Security Partners. He has over 11 years of experience within the information security and development fields. Sean focuses on application and cloud security practices.
Sean has a career of both application security consulting and software engineering. As a software engineer, Sean has experience with high-level web applications, AI/ML integrations, and network application development. With his experience as a software engineer, Sean is able to effectively communicate with development teams and provide remediation guidance and prioritization.
In his free time, Sean spoils good walks (i.e., plays golf) and enjoys video games.
Security Consultant
Jordan Darrah is a Security Consultant at Cloud Security Partners. Jordan's interest in IT started when she was working as a menswear fashion designer and bridal seamstress. Her designs included a G-coded Quentin Tarantino sweatshirt, a color-changing light-up wedding gown, and many ready-to-wear 3-D printed accessories. Since then, she has built a diverse technical background spanning hardware repair, systems administration, regulatory compliance, and penetration testing.
Currently, Jordan specializes in application and cloud security assessments, where she evaluates system vulnerabilities and conducts penetration tests. Jordan holds multiple industry certifications, including CISSP, eJPT, and CompTIA PenTest+. She also runs an OSCP study group along with a blog where she tries to break down concepts and tools for new security professionals.
In her free time, she enjoys sewing, crocheting, and reading too much. She also enjoys playing video games or exploring new parts of town on her bicycle.
