Kevin Tome


Cybersecurity Architecture
Network Architecture
Network Security
Project Management
Cybersecurity Governance
Risk Analysis
Risk Management
Vulnerability Management
Threat Modeling
Regulatory Compliance
Incident Response
Threat Hunting
Penetration Testing
Security Awareness
Packet Capture and Analysis
Forensic Analysis
HIPAA Compliance
PCI-DSS Compliance
PKI Infrastructure
Encryption and Decryption
Disaster Recovery
Contingency Planning
Configuration Management
End-Point Protection
Security Automation
Training and Mentoring
Technical Documentation
Metrics and Data Analysis

Kevin Tome

Information Security Architect


As the manager of the CTEK’s Remediation Team, Kevin oversees a team of information and cybersecurity consultants, engineers, and architects who provide cybersecurity remediation services to over 300 clients in the healthcare sector. He provides senior-level cybersecurity and risk management consulting and advisory services both internally and for our clients across all industries; with a focus on healthcare. Kevin is responsible for developing new lines of service to remain relevant in the industry and continually review and improve the current lines of service.


  • Utilized 22 years of experience in Healthcare Information Technology and Information Security to provide cybersecurity consulting services for a diverse range of clients in the healthcare industry including risk analysis, risk management, vulnerability management, incident response, cybersecurity advisory services, and more.
  • Advised C-suite, management, and operations personnel to analyze and provide guidance for improving enterprise IT and cybersecurity operations, as well as regulatory compliance including HIPAA, HITRUST, NIST, PCI, ISO, SOX, GBA, GDPR, and many others.
  • Provided advisory services to clients on a variety of subjects including risk management, incident response, security technologies, policy and procedure, IT governance, physical and data security, staffing, and IT budgeting.
  • Oversaw architecture, design, incident response, risk management, vulnerability management, and all security operations for over 20,000 endpoints, 4000 servers, and 17,000 + employees.
  • Instrumental in policy creation and controls mapping and helped design the Enterprise Risk Management Program.
  • Played a key role in new technology acquisition, vendor selection, and interviewing candidates for roles within the Information Security Team.
  • Was the lead architect for the Proof of Concept for an Enterprise Email Threat Protection solution. Reviewed FireEye, Proofpoint, Symantec, and Mimecast during the POC; Proofpoint was selected as the best overall choice, and Kevin was instrumental in negotiating the price down by over 40%.
  • Enterprise rollout of Symantec (formerly BlueCoat) Proxies, Rapid7 “Nexpose” vulnerability scanning engines, and Vulnerability Management Program.
  • Worked directly with the McAfee Administrative Team to develop and implement new policies as well as perform an enterprise upgrade for all endpoints as well as servers. Experience with E-policy Orchestrator, DLP, HIPS, and Full Disk Encryption.
  • Developed and maintained the Enterprise Incident Response policies, procedures, and playbooks.
  • Lead Architect for Forensic Analysis and eDiscovery using a variety of tools including Forensic Toolkit, Cellebrite, Office 365 Security, and Compliance Suite, Tableau, and a variety of other tools.
  • Designed, implemented, and supported secure infrastructure for over 50+ clients in the durable medical equipment and home healthcare industries.


  • Nexpose Certified Admin
  • Stealthwatch Certified Admin
  • Citrix Administrator for XP/Presentation
  • Server/Xen Server


    • Office


    • Email