About

About Us

who is requisite

Decades of hands-on security
and compliance expertise

For over 25 years, Matt has helped organizations navigate their security and compliance challenges, particularly in identifying, exploiting and remediating vulnerabilities. With a strong technical background and extensive experience testing some of the most well-known cloud service providers, Matt understands the continuous challenges organizations face. At Requisite Security, he looks to leverage his knowledge to assist businesses in identifying and implementing the security that is needed to fulfill their goals.

Prior to Requisite Security, Matt was a Managing Principal at Schellman, a Top 50 CPA firm, where he had overall responsibility for the Penetration Testing, PCI, and Digital Trust practices. Originally hired in 2014 to start up the firm’s offensive security practice, Matt quickly built a penetration testing practice known for their thoroughness, technical competence, and knowledge of compliance.

Matt resides in Raleigh, NC, and works with clients across the country.

What we are best at

Typical Roles

vCISO

Provide information security and strategy leadership to an organization. Tasks will vary, but often include establishing a program, meeting compliance requirements, training staff, and managing overall risk.

Merger & Acquisition Advisor

Deliver independent advisory opinions related to merger and acquisition activity. Typically supporting due diligence, assessing technology stack, assisting in integration, and analyzing third-party risk.

Product Security Specialist

Work with software engineering and sales teams to ensure offerings meet the security and compliance requirements customers expect. Responsibilities may involve creating a roadmap to improve secure software development, addressing current and future opportunities, and identifying areas to differentiate.

Vulnerability Management Lead

Oversee the threat and vulnerability management program by supplementing an existing security team or filling in for missing team members. Establishing best practices for the entire life cycle, from identification to remediation. Providing expertise in cloud, application, and network security.