Larry W. Harvey -CISSP -CCSP

Security Consultant

Parkton, North Carolina, United States22 yrs 4 mos experience
Highly Stable

Key Highlights

  • CISSP and CCSP certified security expert.
  • Led executive tabletop exercises with 100+ participants.
  • Nearly two decades of crisis leadership experience.
Stackforce AI infers this person is a Cybersecurity and Healthcare Risk Management expert with a focus on incident readiness.

Contact

larry.harvey.cyber@protonmail.comLinkedIn

Skills

Core Skills

Incident & Crisis ReadinessSecurity Governance And AssuranceIncident ResponseSecurity OperationsCrisis LeadershipSecurity Governance

Other Skills

Executive & Technical Tabletop ExercisesIncident Response Program Design & AssessmentCloud and Regulatory RiskIncident Response Program ManagementGovernance-aligned readiness initiativesNIST 800-61 r2NIST CSF 2.0HIPAAHITECHTabletop ExercisesExecutive EngagementRisk ManagementSecurity Operations Center InfrastructureThreat IntelligenceIncident Response Lifecycle

About

I am a CISSP, CCSP-certified Security Advisory Consultant specializing in enterprise incident and crisis readiness for regulated healthcare organizations. I design, execute, and assess incident response programs, executive and technical tabletop exercises, and governance-aligned readiness initiatives for large healthcare systems, working directly with C-suite, legal, compliance, and IT leadership. My work centers on program ownership, not tool operation—translating cyber incidents into operational, regulatory, patient safety, and business impact decisions. I have independently led large-scale executive tabletop exercises (including a single-facilitator engagement with 100+ executives) and conducted formal incident response plan maturity assessments aligned to NIST 800-61 r2 and NIST CSF 2.0, incorporating HIPAA and HITRUST requirements. I currently serve as the primary security advisor for a portfolio of enterprise healthcare clients, leading ongoing executive risk touchpoints covering threat trends, technology stack considerations, escalation pathways, and incident governance. While my background includes hands-on security operations and incident response, my current focus is on governance, risk, and executive-level incident readiness and decision-making, particularly in cloud-enabled and highly regulated environments. I bring nearly two decades of crisis leadership experience from military service (U.S. Army) and emergency services (Fire/EMS Lieutenant, Paramedic), which directly informs my approach to incident governance, communication discipline, and operational readiness. Areas of focus: • Incident & crisis readiness • Security governance and assurance • Executive & technical tabletop exercises • Incident response program design & assessment • Cloud and regulatory risk (healthcare) Currently open to Security Advisory, GRC, Cloud Risk, and Incident Readiness roles where program ownership, executive engagement, and defensible security outcomes matter.

Experience

22 yrs 4 mos
Total Experience
20 yrs 4 mos
Average Tenure
2 yrs 7 mos
Current Experience

Managed security service provider

Security Advisory Consultant – Incident & Crisis Readiness

Sep 2024Present · 1 yr 8 mos · North Carolina, United States · Remote

  • Own the design, execution, and assessment of enterprise incident and crisis readiness programs for regulated healthcare organizations, including incident response plans (IRPs), executive tabletop exercises, and governance-aligned readiness initiatives.
  • Independently plan and facilitate large-scale executive and technical tabletop exercises, including engagements with 120+ executive participants, translating cyber incidents into operational, regulatory, patient safety, and business impact decisions.
  • Design, assess, and mature enterprise incident response programs aligned to NIST 800-61 r2 and NIST CSF 2.0, incorporating HIPAA and HITECH regulatory requirements.
  • Serve as a primary security advisor to healthcare client leadership, partnering with legal, compliance, and IT stakeholders to align incident governance, communication strategy, and regulatory obligations.
  • Produce executive-facing readiness assessments and advisory deliverables, documenting maturity gaps, risk implications, and prioritized remediation recommendations.
  • Contribute technical insight where necessary (forensics, detection, threat context) to inform governance decisions, without serving as a primary DFIR case handler.
  • Recognized as Employee of the Quarter for rapid assumption of client-facing advisory responsibility and delivery impact within the first 30 days.
Incident & Crisis ReadinessSecurity Governance and AssuranceExecutive & Technical Tabletop ExercisesIncident Response Program Design & AssessmentCloud and Regulatory Risk

Freelance

Security Operations & Incident Response Independent Research

Oct 2023Present · 2 yrs 7 mos · North Carolina, United States · On-site

  • Architected and operate enterprise-grade Security Operations Center infrastructure
  • Velociraptor EDR (server + distributed agents), Suricata IDS, Zeek NSM, centralized ELK/SOF-ELK logging
  • MISP threat intelligence platform with automated IOC ingestion (VirusTotal, Hybrid Analysis)
  • Detected and responded to three real targeted attacks: full IR lifecycle from detection through eradication
  • Blocked 2.1M+ malicious connections, 257K C2 beacon attempts
  • Developed custom Sigma detection rules for behavioral analytics and threat hunting
  • Network segmentation (VLANs), 5Gb fiber infrastructure, Grafana monitoring dashboards
Security Operations Center InfrastructureThreat IntelligenceIncident Response LifecycleNetwork SegmentationBehavioral AnalyticsIncident Response+1

Various companies

Information Security & Operations Leadership U.S. Army (Signal) & Fire/EMS (Lieutenant/Paramedic)

Jan 2004May 2024 · 20 yrs 4 mos

  • Managed cryptographic key material and secure communications infrastructure for classified military operations
  • Implemented identity and access management protocols for protected health information systems
  • Maintained HIPAA compliance for PHI creation, transmission, storage, and disposal across emergency medical services
  • Led crisis response teams in high-stakes operational environments
  • Validated as 5+ years security experience per CISSP certification requirements
Crisis LeadershipSecurity ComplianceIdentity and Access ManagementCrisis Response ManagementSecurity Governance

Education

Western Governors University

Bachelor of Science - BS

Sep 2024Jan 2026

MyComputerCareer

Certifications — Information Technology and Cybersecurity

Feb 2024Sep 2024

Stackforce found 100+ more professionals with Incident & Crisis Readiness & Security Governance And Assurance

Explore similar profiles based on matching skills and experience

Ayush Bhat

Ayush Bhat

Associate Cyber Security Engineer

at KPMG

Gurugram, India2 yrs 9 mos exp
CybersecurityIncident ManagementIT GRC
David Seidman

David Seidman

Head of Platform Security

at Plaid

Issaquah, United States21 yrs 3 mos exp
SecurityManagementSoftware Engineering
TI

Taha Ibrahim

Senior SOC Analyst L2

at Spark Professional Services

Cairo, Egypt3 yrs 7 mos exp
DFIRLog AnalysisSecurity Operations
Latheesh Thotathil

Latheesh Thotathil

Network and Security Consultant

at ANZ

Bengaluru, India18 yrs 5 mos exp
Firewall ArchitectureRisk Management
Kavya Rastogi

Kavya Rastogi

Security Analyst

at Zepto

Delhi, India3 yrs 5 mos exp
Vikram Singh

Vikram Singh

Senior Manager

at Genpact

Faridabad, India13 yrs 6 mos exp
Cyber SecurityNetwork AdministrationNetwork SecurityRisk AssessmentSecurity Operations Center
Vignu Bharath

Vignu Bharath

Manager

at ICON plc

Hyderabad, India11 yrs 7 mos exp
Cyber Threat Intelligence (CTI)Security Risk
Simcha K.

Simcha K.

Senior Security Researcher

at CyberArk

Israel9 yrs 4 mos exp
Security Research