Mark Jeanmougin

Mark has been in IT for almost 20 years. His current role as a Cyber Security Design expert at SAP involves him having an excellent understanding of SAP policies & procedures, external compliance requirements, and industry best practices and helping SAP products and services meet and exceed those benchmarks. Before joining SAP in 2018, Mark held previous positions with a CPU manufacturer where he helped launch a motherboard, a physical security company, and a Fortune 50 company. He also helped a bank achieve its first PCI compliance, and he has helped secure a research foundation. Mark has been teaching at SANS since 2017, and he holds GMON and GCIH certifications.

More About Mark


Mark has been in IT for almost 20 years, starting out as a UNIX System Administrator for a global organization. “I saw how solid security practices ensured that good people couldn’t do bad things and wanted to get more involved,” he says. That led him to being nicknamed the ”UNIX Security Guy,” then the “IDS Guy,” the “Windows Security Guy,” the “Firewall Guy” and more roles in cybersecurity.

After getting his feet wet as ”The X Security Guy” and doing forensics for a bit, he had the opportunity to build a security operations center at a financial services company, a highly regulated environment. After running that for a few years, Mark jumped at the opportunity to build a cyber fusion center from scratch. He has had the privilege and opportunity to work with an organization over time and see what it takes to make something work long term. “You will not hear me advocate for techniques that only work on paper or aren’t reasonable long term,” he says.

Mark is really excited to be in cybersecurity, as he used to play cops ‘n’ robbers with the kids from his neighborhood when he was young. But nowadays, it’s no longer a game. “As a Cyber Defender, there are literal bad guys attacking us… international adversaries reaching into our data centers, attacking our employees, and stealing money and intellectual property from us. In Cyber Defense, we get to search for those bad guys and kick them out! I think SOC employees basically should wear capes; we are superheroes.”

Not only does Mark teach students how to control an organization’s network and protect it against cyber-attacks, in his spare time he also teaches car control and driving skills to new drivers. Alongside that, he has been volunteering through a program where he is teaching high school students. “That is where I learned how to engage with and educate students. I wanted to layer on these newfound teaching skills with my expertise and excitement in the Cyber Defense space.”

Mark is well-known for his high energy in class. “I use my energy to partner with my students, leading them on a journey from the morning of day 1 through the afternoon of day 6. I aim to provide an open and relaxed classroom where students are engaged via high energy aural, visual and kinaesthetic methods.” Nothing makes him prouder than seeing people enter their first Cyber Defense jobs and helping them turn into professionals. “I have a former direct report who is now running a SOC at an MSSP,” he says proudly. But also getting the certifications that enable a business to launch a new product line is a highlight of his career. “And, last but not least, working with the bank to pass their first PCI audit” is an experience that remains top of mind for Mark.

In addition to his job at SAP and his work teaching for SANS, Mark has his own consultancy firm that is focused on providing quality IT services to a small number of businesses in the SMB market. “We provide additional expertise or manpower to enable them to securely use IT to better their business.” Also, Mark loves his six cats and driving on racetracks. But not at the same time though, because “that would be weird,” he laughs.

Hear Mark speak on Saving Time with Modern Filtering Techniques:

You can find more from Mark online:

Your 8 Char AD Password is Strong Enough - BSides Cincinnati 2016