We sat down with Aaron Goldstein, Head of Security Operations and Incident Response at Todyl, to discuss the journey that led him here, what he is working on, and his career advice for people looking to get into security.
My first foray into “hacking” was when I was eight years old. My older brother was better than I was at Minesweeper, always beating my scores. One day, I discovered that a small “.ini” file contained high scores that could be altered. He never beat my score after that day.
Pushing the boundaries of computer security immediately became a passion of mine. I focused my education on IT and security, receiving my BS in Information Systems Technology from the University of Central Florida. I have a slew of certifications, including my Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst, GIAC Reverse Engineering Malware (GREM), Qualified Security Assessor by PCI, among others.
I regularly attend security conferences to continue my education and give back to the security community. I got my first job after a weekend at Defcon when a well-dressed man approached me asking if I knew anything about the “BackTrack Linux” operating system open on my laptop. After a long conversation, he invited me to interview for an Incident Response Consultant position at SecureWorks.
I came to truly love helping organizations prepare for and respond to all kinds of threats in that role. I flew around the world with Pelican cases full of hard drives and laptops. I gained significant experience quickly and soon was leading Incident Response, Endpoint Detection & Response, and Threat Hunting teams at Cylance, Tanium, and Arete.
Throughout my career, I’ve helped respond to over 250 active incidents, ranging from high-profile data breaches to complex ransomware attacks requiring coordination with cyber insurance carriers. I’ve worked with organizations of all sizes, from small mom-and-pop shops to networks with several hundred thousand hosts. These experiences provided a great perspective on how security controls apply to different industries and sizes.
I first heard about Todyl as a rapidly growing startup local to the Denver area. Intrigued by their mission, I followed Todyl’s progress and started to build a relationship with John Nellen. Eventually, the stars aligned where Todyl was looking for someone to help create a unique managed detection and response offering, and I jumped at the opportunity.
Todyl is unlike any other company I’ve worked at, in all the best ways. Everyone here is driven and at the top of their game. We move fast. I can make a direct impact on the company and product. Our mission to simplify security resonated with me. I enjoy empowering smaller organizations with the same tooling and expertise previously accessible to only large organizations.
As the Head of Security Operations and Incident Response, I ensure Todyl’s security posture is at the front and center of our mission. I also apply my knowledge to help interpret, respond to, and enrich the vast amount of data and activities Todyl manages for our partners.
A key focus of my role is building a team of security engineers to provide an unparalleled Managed Extended Detection & Response (MXDR) service. We are building something unique with a personalized touch to a commonly impersonal service.
Our growing team allows us to extrapolate our collective knowledge to provide best-in-class security services to organizations of all sizes. Backed by the capabilities of Todyl’s platform, we are providing visibility and control beyond anything they’ve seen before, helping them identify and respond to activities occurring in their environments.
Traveling has always been important to me—I’ve been fortunate enough to step foot on every continent! My wife and I recently had our first child, so much of my time is spent with them these days. As time allows, I enjoy 3D printing, hiking, and camping.
Stay curious. I always tell people interested in security but unsure where to start to stay curious. When you question how and why things work, you inherently learn more than by simply looking for an answer to the problem.
This insatiable curiosity drives me and is what I look for in others on my team. Solving problems is half the equation, but the drive to continuously push yourself to learn in a dynamic industry is the difference between a good and an exceptional security engineer.