Jonathan E. Cox, MCSE, COO, CISO & Managing Partner
areas of expertise
- Security Risk Assessments
- Security Infrastructure Design
- Incident Response Planning
- DR-BCP Advisory
- Compliance Advisory
- Internal Audit Services
- BS, Management Information Systems, USF
Jonathan serves as a Principal Security Consultant and Managing Partner for GoldSky Security. His security and compliance expertise spans 14+ years and focuses on infrastructure design, risk assessments, and leading complex security and compliance management projects.
Jonathan brings a deep understanding of information security controls and compliance framework mandates to his clients.
He has been responsible for leading the security efforts of several companies and their clients servicing the Banking, Healthcare, Legal, Insurance, Manufacturing, Telecommunications, and DoD industries, performing gap assessments against NIST 800-173. From the gap assessment, Jonathan and his team assist organizations in implementing all the missing controls, which include:
- Information Security Policies and Procedures
- Risk Assessment
- System Security Plan
- Incident Response Plan, Training and Testing
- Configuration Management Plans
- Firewall Review and Update
- Change/Patch Management Review
Prior to consulting for GoldSky, Jonathan served as Chief Operations Officer for Medicat. He was responsible for developing and managing Medicat’s SaaS EMR software platform, which services the student health centers of over 500 colleges and universities.
Jonathan led the company’s efforts to achieve SSAE 18 SOC 2 Type II and HITRUST CSF 8.1 certification. He also led the compliance support efforts for several clients and their audits based on NIST 800-53 rev. 4, FedRAMP, FISMA, PCI, ISO 27001, NIST 800-30, and HIPAA/HITECH.
Throughout his career, Jonathan has consulted with companies, providing his expertise in ISO 27001 gap analysis, policy and procedure development, security assessments, and security framework development. Additionally, Jonathan was responsible for creating an Information Security Training Program for all employees and managing third-party and customer audits, including SSAE 18, PCI DSS, and FISMA.