Gino Pepenella
Senior Cybersecurity Engineer & Architect
Strategic Risk Management | Security Architecture & GRC | M.S. Cybersecurity Intelligence
Strategic Security Leadership
Senior Cybersecurity Engineer
US Cyber Command Cyber Range
Leading security strategy and risk management for the world's largest cyber range and the DoD's largest global cloud infrastructure: US Cyber Command's flagship cyber training and mission simulation platform. Architecting enterprise security frameworks, managing organizational risk, and ensuring mission-critical systems support thousands of warfighters through effective governance and security operations. Translating complex technical challenges into strategic business outcomes while mentoring engineering teams on enterprise-scale security delivery.
My GitHub
Vulnerable Application Security Lab
Intentionally vulnerable web application demonstrating OWASP Top 10 vulnerabilities for hands-on security training and research. Used in university cybersecurity courses to provide students real-world exposure to common web application security flaws.
Cybersecurity Workflow & GRC Automation Tools
Security automation suite of tools that solve real operational challenges in day-to-day security engineering and governance work.
Enterprise Security Configurations
Collection of hardened configurations, security baselines, and automation scripts for enterprise infrastructure. Includes STIG compliance automation and security hardening playbooks for production environments.
Strategic Risk & Security Leadership
Strategic Risk Management & Governance
Leading organizational risk assessment and governance programs aligned with business objectives. Implementing NIST RMF, managing security control frameworks, and translating regulatory requirements into actionable security strategies. Bridging executive leadership and technical teams to ensure risk-informed decision making across enterprise operations.
Security Architecture & Infrastructure
Designing enterprise security architectures for large-scale hybrid cloud and on-premises environments. Leading zero trust implementations, cloud security strategy, and infrastructure protection programs. Leveraging deep technical expertise in VMware NSX-T, system hardening, and STIG compliance to deliver secure, scalable solutions aligned with organizational mission.
Security Automation & Technical Leadership
Driving security operations efficiency through strategic automation initiatives and DevSecOps integration. Building high-performing engineering teams and embedding security controls into CI/CD pipelines using Python, Ansible, and Infrastructure-as-Code. Balancing hands-on technical expertise with strategic program management to deliver measurable security improvements at enterprise scale.
Security & Infrastructure Stack
Security Platforms
- Elastic Security / SIEM
- Tenable.sc / Nessus
- Microsoft Defender Suite
- F5 Security Solutions
- VirusTotal Intelligence
Infrastructure & Cloud
- VMware vSphere / NSX-T
- Red Hat Enterprise Linux
- Docker & Containerization
- Infrastructure as Code
Automation & Development
- Python (Security/ML/AI)
- Ansible Automation
- Bash/Shell Scripting
- OpenAI & Claude APIs
- CI/CD Pipeline Security
Compliance & Frameworks
- NIST 800-53 / RMF
- Zero Trust Architecture
- DISA STIG Compliance
- DoD Security Requirements
- Risk Management Framework
Life Outside Cybersecurity
Family First
Husband and father of three kids under 4 years old. Yes its as wonderfull and exhausting as it sounds!
Music Enthusiast
I love to play guitar when I can get away. I love 80s rock and country music riffs!