John Stoner - Senior Security Consultant at Google

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

John Stoner Senior Security Consultant at Google

Claim Profile Update Profile Delete Profile

John Stoner is an impressive and accomplished professional with over 23 years of experience in the US Intelligence Community, DOD, and national security industry. As a CISSP and PMP certified cybersecurity specialist, they have demonstrated expertise in various areas including cyber threat intelligence, instructional design, cyber counterintelligence, and risk management. With their extensive knowledge and experience, John excels in impactful and dynamic roles across different verticals or serving multiple clients.

John has a strong track record of presenting technical analysis in written products and presentations, including conferences and webinars. They are highly passionate about helping others in INFOSEC and have volunteered at multiple cybersecurity events and conferences, including The Diana Initiative, DEFCON, BSides, VetSecCon, and more. In their current position as a Senior Security Consultant at Google, John continues to contribute to the field of information security consulting, managed security services, cyber policy, and program management.

Prior to joining Google, John served in various roles at companies such as Booz Allen Hamilton and CACI International Inc., where they made significant contributions to cybersecurity efforts, threat intelligence analysis, and risk management. They also have experience working with the United States Department of Defense, where they served as the Deputy Director of DCISE and the Chief of Analytics, overseeing mission operations and leading a diverse team of analysts.

John holds an Associate's Degree in Computer Studies from the University of Maryland Global Campus and an Associate of Arts degree in Communication from the College of Southern Maryland. Their broad cybersecurity knowledge and impressive professional history make them an exceptional senior security consultant capable of delivering risk-based, full-lifecycle approaches to cybersecurity.

More about this expert

Full name: John Stoner
Location: Fort George G. Meade, Maryland, United States
Title: Senior Security Consultant
Company: Google
Industry: Software Development
LinkedIn profile: https://www.linkedin.com/in/johnstoner123/
LinkedIn Connections: 2389
Summary: Views & postings = personal view and not that of my employer or any government agency Mr. Stoner, a CISSP and PMP certified professional, has over 23 years of experience in the US Intelligence Community (USIC), DOD, and national security industry with over 13 focused in cybersecurity. He is a cybersecurity specialist who excels in an impactful, dynamic role, ideally across verticals, or serving multiple clients. He has experience with Cyber Threat Intelligence (CTI), instructional design, cyber counterintelligence (CI), Defense Industrial Base (DIB) engagements, NIST 800-171 & 800-53 frameworks, Advanced Persistent Threat (APT) analysis, Risk Management Framework (RMF) and Governance, Risk and Compliance (GRC). His broad cybersecurity knowledge is helpful for risk-based, full-lifecycle approaches to cybersecurity. He is experienced in presenting technical analysis in written products and presentations, including conferences, and online webinars. He is passionate about helping others in INFOSEC and volunteers in the INFOSEC community and volunteers at multiple cybersecurity events.
Skills: Information Security Consulting Python (Programming Language)

Education

University of Maryland Global Campus: Associates Degree
Attended in 2015 - 2016
Field of study: Computer Studies
College of Southern Maryland: Associate of Arts (AA)
Attended in 2012 - 2014
Field of study: Communication

Positions

Google Maryland, United States · Remote: Senior Security Consultant
Oct 2023 - Present

Skills: Information Security Consulting · Managed Security Services · Cyber Security Risk · Cyber Policy · Program Management Professional · Cyber Threat Intelligence (CTI) · Program Management
Freelance: Cybersecurity Conference Talks and Volunteering
Mar 2017 - Present

Currently serving as The Diana Initiative (TDI) Career Village Lead as part of the conference staff

Volunteers at multiple cybersecurity conferences including The Diana Initiative (TDI) 2020-2023, DEFCON 28 Career Hacking Village, multiple BSides conferences, VetSecCon, GrimmCON, Pancakes CON 2 and others.

Presents at various cybersecurity conferences over the years.
Booz Allen Hamilton Maryland, United States: Deputy PM & Threat Intel analyst
Mar 2021 - Sep 2023

- Deputy PM and Lead All Source Cyber Analyst for a 35 person Cyber Threat Intelligence team supporting DHS
- Lead the cybersecurity efforts for a prototype delivery of 5G AR/VR/XR for a DoD client, including leading the System Security Plan (SSP), and contributing to the System Engineering Management Plan (SEMP), and the System Design Document (SDD)
- Assisted in a part time capacity with a USACE client as an ISSO on two software applications
- Provided cybersecurity insights into wearable device project for DoD clients
- Assisted with multiple proposals as a cybersecurity SME
- Performed Risk Management Framework (RMF) and Governance, Risk and Compliance (GRC) activities
- Wrote a white paper on the future of US Army installations, SMART buildings and environmentally friendly reimagining of basing
CACI International Inc Linthicum Heights, Maryland, United States: Cyber Threat Intelligence Analyst
Aug 2020 - Mar 2021

• Conducts cyber threat intelligence analysis of Advanced Persistent Threats (APTs) for the Analytical Group (AG) at DC3
• Writes Intelligence Information Reports (IIRs) on cybersecurity issues, malware, and APT related subjects
• Writes Cyber Intelligence Reports (CIRs) on various cybersecurity topics (long-form narrative reports)
• Identifies patterns, trends, and events in threat actor Tactics, Techniques, and Procedures (TTPs)
• Presented briefing on nation-state specific APTs during first virtual AG Quarterly Conference in November 2020
• Uses various analytic processes and tools, including TestFlight, VirusTotal, DomainTools, Malpedia, Pulse, M3, HOTR, HighPoint, the cyber kill chain, Malpedia, the diamond model, Bianco’s pyramid of pain and MITRE ATT&CK
United States Department of Defense Linthicum, Maryland: DCISE Deputy Director (GS-14)
Aug 2019 - Aug 2020

• As Deputy Director, supervised a mission directorate with 60 civilians, LNOs and contractors
• Oversaw daily mission operations, including cyber threat analysis for more than 750 Cleared Defense Contractors
• Through the budgeting and POM process was able to acquire additional 6 CTR FTE for DCISE in FY21
• Presented at a number of public and classified venues on cybersecurity and cyber threat intelligence topics
• Graduated from the 80-hour in residence OSI Leadership Challenge Forum (LCF) course
• Routinely represented DC3/DCISE at internal and external DOD/USIC and executive meetings
United States Department of Defense Aug 2019 - Aug 2020 · 1 yr 1 mo: Chief of Analytics, DCISE (GS-14)
Nov 2017 - Aug 2019

• As the Chief of Analytics, supervised a diverse team of 34 civilian, LNO and contractor analysts
• Briefed the Cyber Panel for FY21 and the Enterprise IT (EIT) Council at the pentagon regarding funding
• Led a civilian offsite and proactively worked towards future team-building events and offsites

Acting Chief of Analytics, DCISE (GS-13):NOV 2017 – DEC 2018
• Spearheaded Analytic Division re-organization upon assuming role of acting Chief of Analytics
• Wrote the Analytics Division Concept of Operations (CONOPs) from scratch as part of the re-org
• Streamlined the entire Analytic Division’s Job Qualifications Requirements (JQR) plan
• Analyzed cyber threat actors and APTs using Pulse, M3, HOTR, DomainTools, VirusTotal, and DC3 databases