Greycat Consulting LLC  ·  Plano, TX

Matthew "Shan" Romanek

vCISO & Principal Information Security Consultant

20+ years of hands-on security experience, from building consulting practices at SecureWorks and Accenture to leading global SOC operations at Fortune 100 scale. Strategy and execution in one engagement, without the enterprise overhead.

Advice from someone who's done the work

Most vCISOs come from a management or compliance background. This one built the programs, ran the assessments, and managed the teams.

Practitioner-Led

OSCP-certified with 8 GIAC certifications. The strategic guidance comes from someone who has personally run penetration tests, built SOC operations, and stood up security programs from scratch. Advice that works in the real world, not just on paper.

Execution-Ready

Strategy and hands-on implementation in one engagement. From program development to security engineering and MSSP operations, with no translation loss between what gets recommended and what gets built.

Right-Sized

Programs built for your actual context, not a Fortune 500 framework retrofitted onto your business. Every recommendation comes with a clear business reason, because security that doesn't fit your operations won't get used.

Built at enterprise scale. Available at your scale.

Two decades across the organizations that set the standard for security consulting and operations.

2022 – Present Greycat Consulting

vCISO & Principal Consultant

  • vCISO for mid-market and global clients, developing tailored information security programs aligned with business objectives
  • Technical security consulting, threat and risk assessments, attack surface reduction
  • GRC consulting and gap / readiness assessments across NIST CSF, CMMC, ISO 27001, PCI, and HIPAA
  • MSSP operations and support including CrowdStrike, Proofpoint, Microsoft, and Google

2019 – 2022 Accenture

Senior Manager, Security Operations Lead

  • Led global SOC operations supporting 600K+ users and 50K+ cloud workloads
  • Built and scaled 24×7 Tier 1 & 2 monitoring across Chicago, Bengaluru, and Buenos Aires
  • Reduced false positives by 60% in six months through detection tuning and trend analysis
  • Implemented automation reducing manual analyst workload by 30%

2016 – 2019 Accenture Security

Senior Manager, Threat & Vulnerability Management

  • Led Fortune 100 TVM engagements: vulnerability management, penetration testing, and control assessments
  • Lead Instructor for Accenture Security bootcamps and TVM Workshops at the Q Center
  • Security Engineering SME for a NERC/CIP-regulated utility; architecture for AMI and FAN deployments
  • Senior Security Architect at FusionX (acquired by Accenture)

2009 – 2016 SecureWorks

Senior Manager, Technical Security Consulting Practice

  • Built standardized security service delivery frameworks: scoping, pricing, methodology, and reporting standards used across the practice
  • Managed three consultant teams across Vulnerability/Pen Testing, Application Security, and GRC
  • Delivered advanced assessments including penetration testing, social engineering, Wi-Fi, and application security

What I bring to the table

Strategy, engineering, and operations covered in one engagement.

vCISO Leadership & Security Strategy

Program development, executive advising, roadmap design, board-level communication, and security governance tailored to your business context.

Threat & Vulnerability Management

Attack surface reduction, continuous control validation (CCV) programs, technical vulnerability assessment, and risk prioritization.

Security Operations & Detection Engineering

SOC design and operations, SIEM/SOAR implementation, EDR deployment and tuning, and incident response.

Technical Security Assessments

Penetration testing, red/purple team operations, social engineering, and application security assessments. PTES, MITRE ATT&CK, OWASP.

Governance, Risk & Compliance

Gap and readiness assessments across NIST CSF, CMMC, ISO 27001, PCI-DSS, and HIPAA. Framework implementation that results in real security improvement, not compliance theater.

Security Engineering & MSSP Operations

Platform implementation and administration, cloud security (AWS, Google), IAM (JumpCloud, Okta, Entra), BCP/DR program development and testing, and AI-accelerated development and prototyping.

Certifications & Education

Offensive Security

  • OSCP: Offensive Security Certified Professional
    Offensive Security
  • OSWP: Offensive Security Wireless Professional
    Offensive Security

SANS GIAC (8 Certifications)

  • GCIH: Certified Incident Handler
  • GCIA: Certified Intrusion Analyst
  • GPEN: Penetration Tester
  • GWAS: Web Application Penetration Tester
  • GSEC: Security Essentials
  • GAWN: Assessing & Auditing Wireless Networks
  • GCFW: Certified Firewall Analyst
  • GSAE: Security Architecture Essentials

Education

  • A.S. Electronics Engineering
    York Technical Institute

Instruction & Community

  • GSEC & GCIH Conference Instructor and Local Mentor
    SANS GIAC, onsite delivery at INS, Microsoft, and Premera
  • 1,300+ hours of technical instruction
    Curriculum development and adult learning across technical disciplines
  • ARES Operator & ESCA Volunteer
    Emergency communications, field operations, incident coordination

Ready to talk security?

I work best by referral and conversation, so let's have one. Whether you need a vCISO, a technical security leader, or just a straight answer about where you stand, reach out.