Tucker Shepard, CISSP

Hi there—I’m an Information Security professional based in the Greater Nashville area of TN, with a deep appreciation for strategic thinking and solving complex challenges. I've been in the tech field for over a decade, and cyber specifically for ~6 of those now. This site will tell you all about my work life, so take a brief moment to learn about the personal side of this dad-joke-driven ball of energy below.

Whether it's tackling puzzles, designing thoughtful solutions, or stepping through high-level business continuity situations, I thoroughly enjoy work that makes you pause, plan, and problem-solve, even at home. That's why the most common place you'll find me is actually not at home: it's probably on someone's porch, about to be solving world problems and lost in conversation for 6 hours.

Some of my favorite things in life include (you guessed it) cybersecurity & telling people about it, holidays & the entire fall season (a Home Goods hates to see me coming), creating games and tools, finding new techy tips & tricks (yes, nerd and I'm proud of it), reading and listening to books, cooking (and baking, shhhh), getting lost in Wikipedia rabbit hole at 3am, binging Netflix TV series, dad jokes, card and board games, and quality time with my friends and family! 

East Tennessee State University

I graduated ETSU with my Bachelor of Science in Computing, conc. in Information Technology. This helped cement the foundation for many of my computing, networking, and programming skills, specifically scripting, PowerShell, C#, Java, data & analytics, and agile methodologies. 

At the recommendation of professors, I enrolled in electives focused on Ethical Hacking, Web Design & Development, Psychology & Sociology, and Information Security. It's here that my passion for security was born.

Continuous Learning

In this field, if you're not learning something every week, you're behind. In this effort, I try to stay on top of various security newsletters, breaking news, podcasts, and training sessions. One of my favorites is BHIS & Antisyphon Training. Check that info out here.

I also think it critical to constantly hone your skills, not just stay on top of the news. Because of this I routinely participate in several professional working groups and attend security conferences. In my efforts for professional growth, I obtained my CISSP in May of 2024. Prior, I had worked with SecureIdeas' CISSP 11-week mentorship program, as well as obtained my Security+ certification. These can also be viewed on the certificates page.

Outside of the industry, as a security executive it's extremely important to be well-versed in business, professional growth, and personal well-being. In lieu of this need, I actively read, seek, and study from seasoned CISO's and other executives from in and out of healthcare. I've found it impactful to have a mentor that can help me grow in all areas, not just security.

Like most others, a given week will likely very tremendously! But I can guarantee you that my mornings won't be complete without some form of coffee (or Starbucks haha!) and a bite to eat. On the weekends, you'll likely find me with family or friends laughing and enjoying a good meal.

Every day, I try to dedicate a specific amount of time to ensuring I'm available for email response, alert review, or simply answering questions and texts that arise.

I also think it's critical to dedicate time each week to security news and research. I tend to review multiple Security News outlets and look for innovation, breaking news, major vulnerabilities/issues, and generally just keep my thumb on the pulse. Some of my favorites are Bleeping Computer, Krebs, TLDR, CISA, and more. 

Lastly, when I have the time I like to work on personal research & projects. This allows me to slowly expand my knowledge & skills over time. Some examples here might be practicing ethical hacking, looking at YouTube or GitHub for POCs, demo'ing open source projects in my homelab, and so on.