Thomas Stamulis
Senior Director
Quick facts
25+ years of cybersecurity experience
Specializes in cyber risk and information security
Areas of concentration are governance, risk and compliance aligning with various regulatory requirements
Contact info
Download V-Card
+1 202 688 4280
Connect on
Tom Stamulis is a Senior Director with Alvarez & Marsal's Global Cyber Risk Services practice in Washington, DC. He specializes in Cyber Risk and Information Security. His primary concentration is helping clients navigate their governance, risk and compliance requirements. His key experience is aligned with ISO-27002, NYDFS-500, FFIEC, GLB, SOX-404, PCI, HIPAA, and NIST regulatory requirements.

With more than 25 years of cybersecurity experience, Mr. Stamulis began his career in the US Army Signal Corps before transitioning to Military Intelligence as a Counterintelligence Agent with assignments in Germany, the US and Middle East.  During his career, he established the first Intelligence Resident Office in Qatar. He helped develop, implement and manage the first network investigative in support of Middle East operations for the 202nd MI Battalion. In 2003, he served as the Senior Intelligence Systems Architect at Camp Victory, Baghdad, where he developed and maintained the architecture for all intelligence networks within the theater of Iraq providing direct support to combat operations during Operation Iraqi Freedom.

Prior to joining A&M, Mr. Stamulis spent nine years with Verizon in Ashburn, VA, where he most recently served as a Director and led the delivery of the Verizon Security Management Program (SMP) to over 130 multi-national companies consisting of over 490 sites across diverse industries and multiple technology environments. SMP is the longest continuous enterprise-wide security control assessment and validation program in the industry. SMP was founded on ISO/IEC 27001 and the Verizon Data Breach Report assessing client information security management systems from network and system analysis to physical infrastructure and policy inspection, improving overall security posture and enabling customers to reduce risk and meet compliance requirements with the Verizon Enterprise certification.

Mr. Stamulis holds the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control. He is a member the International Information Systems Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), Information System Security Association (ISSA), Infragard, Washington, DC National Chapter, Veterans of Foreign Wars and Disabled American Veterans.