Jeremy Hughes


Policy, Standard, & Procedure Creation & Review
SANS/CIS Critical Security Controls
Vulnerability Scanning & Patching
Nessus, SecurityCenter
HTTPS Connection Evaluation & Remediation for Web Portals
Endpoint Encryption & Recovery (Sophos, Bitlocker)
Mobile Device Security (MobiControl, AirWatch)

Jeremy Hughes

Information Security Consultant


Jeremy Hughes is a cybersecurity professional with a passion for defending healthcare organizations in an increasingly hostile and unforgiving environment. Jeremy has experience with information security and regulatory compliance frameworks, vulnerability management, cryptography, as well as policy writing and contract review. Along with being a great communicator and supportive team player, he is a self-published author of Dystopian Fantasy novels, an avid video gamer, and a dog lover.


  • Advised multiple clients on implementing controls from the NIST Cybersecurity Framework.
  • Assisted with or ran internal vulnerability management solutions for several companies.
  • Developed a set of client-specific standards to match the security controls from the NIST CSF.
  • Evaluated externally facing websites for OWASP and TLS vulnerabilities.
  • Maintained integrity of a secure environment by reviewing and approving/denying ACL request for both North/South and East/West traffic.
  • Configured and deployed network-based security stacks for a secure environment.
  • Managed NIST compliance for multiple ATOs and Continuous Monitoring
  • Served as primary knowledge source for FedRAMP products
  • Assisted PCI compliance programs
  • Built, implemented, and managed a distributed Spiceworks instance for asset inventory and reporting.
  • Built, implemented, and managed a SCCM 2012 environment
  • Managed a Symantec Endpoint Protection system and host-based Intrusion Prevention System
  • Built, implemented, and managed a Nessus/SecurityCenter system for vulnerability scanning
  • Developed a SANS/CIS CSC 20 heat map for current and future control implementation
  • Built, implemented, and managed a Sophos Safeguard Easy endpoint device encryption system.


  • University of Mississippi (Senior Status) B.S., Computer Science, Minor: German 2006
  • H.S., Advanced Diploma 2002 Alabama School of Mathematics and Science, Mobile, AL


  • Certified Information System Security Professional (CISSP) from (ISC)2
  • Security+ CE (Continuing Education) from CompTIA
  • Kali Linux Fundamentals, Cryptography, and TCP/IP micro certifications from


    • Office


    • Email