Incident Response · Corporate Security

Nicholas Mercurio

I build and run security programs that scale, from incident response execution and readiness to corporate security foundations that make audits, investigations, and day-to-day operations easier.

Toronto, CA · Speaker · Educator

Experience

  • Leading corporate security initiatives across identity, endpoint posture, and SaaS security to reduce risk and improve operational resilience.
  • Designed and implemented a comprehensive vulnerability management program across endpoint and cloud environments.
  • Built and scaled an incident response program (on-call, workflows, automation), improving response speed and consistency.
  • Served as IT & Security SME for SOC2 and SOX audits, strengthening readiness and reducing audit friction.
  • Identified security gaps during audit preparation and drove improvements to streamline future efforts.
  • Partnered cross-functionally to align security practices with standards and improve overall posture.
  • Developed and taught curriculum spanning GRC, malware analysis, and risk management.
  • Delivered hands-on labs and case studies focused on threat detection and incident response.
  • Equipped students with practical skills using industry tools and frameworks.
  • Taught application security (OWASP Top 10, DevSecOps, secure coding).
  • Built lab exercises emphasizing secure design and SDLC integration.
  • Covered modern AuthN/AuthZ patterns and best practices.
  • Built and aligned the information security function with organizational goals.
  • Drove SOC2 and HIPAA compliance efforts; improved privacy and security controls.
  • Modernized policies; advanced vulnerability management (DAST/SAST) and risk practices.
  • Led security risk assessments and embedded security practices cross-functionally.
  • Integrated DevSecOps controls earlier in the SDLC, reducing risk and improving delivery.
  • Led teams improving endpoint security, IAM, and threat detection.
  • Automated SOX processes with identity governance workflows.
  • Ran IR tabletop exercises aligned with MITRE ATT&CK.
  • Deployed CrowdStrike and Intune across 350+ devices to reduce exposure.
  • Rolled out Okta IAM (MFA, provisioning) to protect sensitive systems and data.
  • Built alerting and ticketing workflows for faster triage and response.
  • Implemented Kandji for centralized macOS management and security configuration.
  • Defined SOPs/SLAs for security operations; improved incident handling consistency.
  • Contributed to patching, access control, and vulnerability scanning programs.
  • Performed security assessments for non-profits; delivered actionable remediation plans.
  • Ran awareness campaigns to reduce phishing/malware risk.
  • Improved policies and incident response practices for lean teams.
  • Conducted vendor risk assessments and supported security policy development.
  • Assisted with analysis and mitigation of infrastructure security risks.
  • Provided technical support and operational security improvements across the organization.
  • Implemented updates and security patches to reduce vulnerabilities.
  • Supported monitoring and resolution of security and uptime issues.

Speaking

Certifications

Education

Master of Science, Cybersecurity and Information Assurance

Western Governors University · 2025

Bachelor of Applied Information Science, Information Systems Security

Sheridan College · 2016 – 2021