Behind the Shield

InfusionPoints
  • 5.0 (1)
  • TECHNOLOGY

 Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences. 

  1. 5D AGO

    From Interns to SOC Analysts: Real Cybersecurity Careers Start Here

    In this episode of Behind the Shield, we continue our internship series with a real, behind-the-scenes look at what it’s actually like to start a career in cybersecurity. Host Felisha Daemer sits down with Levi Church and Ben Collins, two former interns turned full-time Security Operations Analysts, to talk through their journeys from local students to working hands-on in a 24/7 SOC environment. They share how they found InfusionPoints, what surprised them most stepping into a professional environment, and how quickly things shift from theory to real-world application. From navigating “acronym soup” on day one to building real solutions during live incidents, including a response to the global CrowdStrike outage, this episode highlights just how impactful hands-on experience can be. You’ll also hear how InfusionPoints’ rotational internship model exposes interns to multiple teams, including security operations, engineering, advisory, cloud ops, and even marketing, helping them find where they thrive. And maybe most importantly, why culture, curiosity, and being willing to figure things out matter just as much as technical knowledge. Whether you’re a student exploring cybersecurity, a hiring manager building an internship program, or just curious how talent actually develops in this space, this episode gives you an unfiltered look. Chapters:  0:10 Introduction 0:31 Levi's Introduction 1:23 Ben's Introduction 2:12 Inspiration to Enter the Field 3:40 Internship Experiences 6:50 Advice for Future Interns 8:23 Certifications and Learning 10:24 Culture and Work Environment 15:00 Projects and Achievements 21:15 Fun Questions What You’ll Learn: What it’s really like transitioning from cybersecurity theory to hands-on work in a SOC How internships can shape and sometimes completely change career paths The value of rotational vs. specialized internship experiences Why “culture shock” is normal and how to push through it How small teams create faster learning opportunities and require wearing multiple hats Building an automated emergency communication system during a major outage Streamlining internal SOC documentation for faster analyst onboarding Automating employee bio updates for operational efficiency Why certifications like AWS Cloud Practitioner, CySA+, and tools like CloudQuest can give you a head start The importance of continuous learning, curiosity, and problem-solving in cybersecurity How collaboration across teams (SOC, marketing, engineering, leadership) accelerates growth What makes a strong intern and what advice current analysts would give to future applicants InfusionPoints Links:  Apply to the Internship- https://infusionpoints.com/careers/InfusionPoints-Internship Felisha Daemer- https://www.linkedin.com/in/felisha-daemer/ Levi Church- https://www.linkedin.com/in/levichurch/ Ben Collins- https://www.linkedin.com/in/benjamincollins001/ https://www.linkedin.com/company/infusionpoints/ https://www.InfusionPoints.com https://infusionpoints.com/contact-us About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    26 min

  2. MAR 24

    FedRAMP 20x Explained, CMMC Impact, and Real Compliance Talk with Matt Bruggeman

    In this episode of Behind the Shield, Jason Shropshire, InfusionPoints COO, sits down with Matt Bruggeman, Director of GTM Federal at A-LIGN, to explore one of the most unique career paths in the compliance space and how it directly shapes the way he approaches FedRAMP today. Starting in engineering, transitioning into improv comedy, and ultimately moving into sales engineering, Matt brings a perspective that blends technical depth with communication, adaptability, and real-world problem solving. We dive into the realities of FedRAMP, including the friction points that have challenged CSPs over the last several years, from inconsistent interpretations to long timelines and the operational burden of maintaining authorization. Matt shares firsthand insight into how these challenges have impacted both providers and assessors, and where the industry is starting to shift. The conversation also unpacks FedRAMP 20x and what it actually means beyond the headlines. We talk about automation, machine-readable evidence, and what organizations need to start thinking about now if they want to keep pace with where the program is going. This isn’t just about moving faster, it’s about fundamentally changing how compliance is approached. We also touch on CMMC and its growing influence across the defense ecosystem, how it compares to FedRAMP, and why organizations need to think strategically about overlapping requirements and long-term compliance investments. Throughout the episode, Matt highlights the importance of clear communication, storytelling, and being able to translate complex technical requirements into something actionable, especially in a space that often leans too heavily on jargon and process. Whether you're early in your FedRAMP journey, actively working toward authorization, or rethinking your approach in light of 20x, this episode offers practical insight, honest perspective, and a look at where compliance is headed next. What You’ll Learn: • Matt’s journey from engineering to improv and how it shaped his approach to problem-solving • The realities of FedRAMP challenges and why the process has been so difficult historically • How FedRAMP is evolving and what changes are underway • What FedRAMP 20x actually means and what it requires from organizations • The impact of CMMC on the broader compliance and defense ecosystem • Why communication, storytelling, and adaptability matter in technical roles • Key insights for navigating compliance in a rapidly changing environment Chapters: 0:00 - Introduction to the Podcast 0:29 - Meet Matt Bruggeman 1:16 - Matt's Engineering Background 2:13 - Transition to Improv Comedy 4:04 - Sales Engineering Journey 6:02 - Joining A-LIGN and FedRAMP 11:01 - FedRAMP Challenges and Changes 17:12 - CMMC and Industry Impact 23:33 - FedRAMP 20X Discussion 47:43 - Lighter Fare and Closing If you’re building, managing, or defending in regulated environments, make sure to subscribe for more conversations like this. Interested in learning more about FedRAMP 20x? Join our FedRAMP 20x Explained webinar on April 2nd at 1 PM EST: https://xbu40.com/20x-cohort  Guest Links:  Matt Bruggeman Linkedin: https://www.linkedin.com/in/matt-bruggeman/ A-LIGN- https://www.a-lign.com/ Mostly Compliant Podcast- https://www.youtube.com/playlist?list=PLLU5Lb_V9iSyFhftOkbrOE_y0DVAvDmO4 Sooper Doods- https://www.youtube.com/@SooperDoods InfusionPoints Links:  Jason Shropshire, COO- https://www.linkedin.com/in/shrop/ https://www.linkedin.com/company/infusionpoints/ https://www.InfusionPoints.com https://infusionpoints.com/contact-us

    58 min

  3. MAR 17

    Inside the InfusionPoints Internship Program with Rachael & Aidan

    What does an internship at InfusionPoints actually look like, and what can it lead to? In this episode of Behind the Shield, Tanner Bailey sits down with former interns Rachael Smith and Aidan Fratcher, who are now full-time members of the InfusionPoints team, to talk about their journey from students to professionals in cybersecurity, compliance, and cloud. They share how they first connected with InfusionPoints, what made the internship experience stand out, and what it was like to move through the rotational internship program across multiple teams. From shadowing engineers and SOC analysts to learning cloud operations and advisory work, this conversation gives an inside look at how interns gain real exposure to the business, technology, and culture behind the work. Rachael and Aidan also discuss the projects their internship cohorts completed, including real-world automation concepts inspired by operational needs, and reflect on how those experiences helped shape their careers. The episode also dives into advice for students, career changers, and future interns on staying curious, continuing to learn, using AI tools wisely, and standing out in a fast-changing industry. Whether you are exploring cybersecurity careers, interested in the InfusionPoints internship program, or just want a candid look at how early career talent can grow into impactful team members, this episode is packed with helpful perspective. Chapters:  00:08 Welcome and Episode Overview 00:37 Interns' Backgrounds and Interests 02:54 Application Process and Networking Tips 05:26 Infusion Points' Culture and Learning Focus 08:21 Day in the Life of an Intern 09:58 Rotational Program and Team Exposure 12:34 Real-World Projects and Automation Solutions 18:30 Cross-Department Collaboration and Crisis Handling 33:31 Advice for Aspiring Cybersecurity Professionals 42:52 Fun Questions and Closing Thoughts What You'll Learn: • How Rachael and Aidan found the InfusionPoints internship program • What the application and interview process was like • What a day in the life of an InfusionPoints intern looks like • How the rotational program exposes interns to engineering, cloud operations, advisory, and security operations • Real internship project examples and how they created value for the company • Why culture, curiosity, and initiative matter in cybersecurity careers • Advice for students and early career professionals entering the field • A few fun closing questions, including favorite snacks, movies, and shows InfusionPoints Links:  https://infusionpoints.com/careers/InfusionPoints-Internship Tanner Bailey, Senior Consultant: https://www.linkedin.com/in/tanner-b-37a50a132/ Rachael Smith, Consultant: https://www.linkedin.com/in/rachael-n-smith/ Aidan Fratcher, Consultant: https://www.linkedin.com/in/aidanfratcher/ About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    48 min

  4. MAR 10

    FedRAMP 20x Public Notices: What CSPs and Assessors Need to Know

    FedRAMP modernization is moving quickly, and one of the newest developments is the introduction of FedRAMP Public Notices. In this episode of Behind the Shield, the team explains what these notices are, why the FedRAMP PMO created them, and what they reveal about the future direction of FedRAMP 20x. Public Notices serve as a formal communication channel that provides transparency and a chronological record of key program updates. Instead of relying on blogs or scattered announcements, the FedRAMP Public Notices page offers a centralized place where industry stakeholders can track developments, including outcomes from Requests for Comment (RFCs), operational updates, and emergency directives. During the conversation, the team walks through the first seven FedRAMP Public Notices and discusses what they mean for Cloud Service Providers (CSPs), assessors, and advisors navigating the evolving FedRAMP ecosystem. They highlight outcomes from recent RFCs, including updates to authorization terminology, changes to the FedRAMP Marketplace, and how the program is responding to industry feedback. The episode also explores operational updates such as quarterly security inbox testing requirements and the role of emergency directives that may require CSPs to respond quickly to vulnerabilities. The conversation also touches on the broader FedRAMP 20x modernization effort, including the push toward automation, machine-readable evidence, and reducing barriers to entry for cloud providers supporting federal customers. Chapters: 00:08 Understanding FedRAMP Notices and Their Importance 03:09 Navigating FedRAMP Notices 05:55 Understanding Security Assessments 08:12 Changes in Authorization Designations 10:59 Marketplace Updates and CSP Pathways 13:50 Emergency Directives and Testing Procedures 17:24 Leveraging External Frameworks for Certification 28:35 Conclusion and Future Outlook 30:09 Update: RFC-0023 Notice added 34:14 Alternate Intro Outtake What You’ll Learn: • What FedRAMP Public Notices are and why the FedRAMP PMO introduced them • Key updates and initial outcomes from RFC 19, RFC 20, RFC 21, and RFC 22 • The shift toward FedRAMP Certified designations and new class-based certification levels (A–D) • New security inbox monitoring and quarterly testing expectations for Cloud Service Providers (CSPs) • How FedRAMP may begin leveraging external frameworks like SOC 2 Type II • What these changes signal about the future direction of FedRAMP 20x and cloud authorization modernization Links to visit:  https://www.fedramp.gov/notices/ InfusionPoints Links:  Jason Shropshire, COO- https://www.linkedin.com/in/shrop/ Mike Strohecker, VP of Engineering and Operations: https://www.linkedin.com/in/michael-strohecker-238326172/ Tanner Bailey, Senior Consultant/FedRAMP 20x Lead: https://www.linkedin.com/in/tanner-b-37a50a132/ https://www.linkedin.com/company/infusionpoints/ https://www.InfusionPoints.com https://infusionpoints.com/contact-us About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    36 min

  5. MAR 3

    Winning Government Work Without the Overwhelm with Nick Bernardo

    Government contracting can feel overwhelming, with complex regulations, countless tools, and uncertainty about where to begin. In this episode of Behind the Shield, host Felisha Daemer is joined by Jeff Bivens of InfusionPoints and Nick Bernardo, President of MyGovWatch.com, to explore how businesses can enter and succeed in the government marketplace without overcomplicating the process. Nick shares how MyGovWatch bridges the gap between low-cost but ineffective lead tools and expensive enterprise platforms, helping organizations identify the right opportunities without unnecessary complexity. The conversation covers how contracting works across federal, state, and local levels, how to build sustainable pipelines, and why reverse engineering your business development strategy is key. They also discuss the real value of AI in opportunity matching, how subcontracting opens doors for new entrants, and common myths that hold companies back. Whether contracts are your primary focus or a supplemental revenue stream, this episode offers practical guidance to help you pursue opportunities strategically and confidently. Chapters: [0:00] Introduction and Guest Introduction [0:26] How We Met and Introduction to MyGovWatch [1:42] The Goldilocks Analogy and Target Users [3:42] Comparison with Competitors and Bid Notification [6:08] Customer Success Story [7:44] Advice for Contractors [10:12] GovWatch Coverage and AI Utilization [16:16] Government Contracting Lifecycle [20:08] Subcontracting Opportunities [25:11] Common Myths in Government Contracting [28:54] Fun Questions and Closing Remarks What You’ll Learn: • How to identify the right government opportunities without expensive enterprise tools • Why reverse engineering your BD strategy saves time and resources • The difference between federal, state, and local contracting pipelines • When subcontracting is a smarter entry point than prime contracting • How AI and smart data curation improve opportunity matching • Common government contracting myths and what is actually true • Ways to build relationships and position your company before an RFP is released • How open records requests can reveal teaming and subcontracting opportunities • Practical advice for companies adding government work as a supplemental revenue stream Book Recommendations:  The Millionaire Next Door -  Thomas J. Stanley, Ph.D. and William D. Danko, Ph.D. The First 90 Days - Michael D. Watkins The Grit Factor: Courage, Resilience, and Leadership in the Most Male-Dominated Organization in the World - Shannon Huffman Polson  Lean In: Women, Work, and the Will to Lead -  Sheryl Sandberg Guest Links:  Nick Bernardo: https://www.linkedin.com/in/nickthegovconguy/ https://www.mygovwatch.com/ InfusionPoints Links:  Felisha Daemer: https://www.linkedin.com/in/felisha-daemer/ Jeff Bivens: https://www.linkedin.com/in/jeffbivens/ https://www.linkedin.com/company/infusionpoints/ https://www.InfusionPoints.com https://infusionpoints.com/contact-us About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    34 min

  6. FEB 24

    Protecting Community Colleges from Cyber Threats with Michael Wingler, CIO- Wilkes Community College

    In this episode of Behind the Shield, Chad Spears (Director of Security Operations at InfusionPoints) sits down with Michael Wingler, VP of IT & Operations / CIO at Wilkes Community College, to talk about a reality more schools are facing: community colleges are targets now. Michael shares what’s changed in the threat landscape, why attacks love nights, weekends, and holidays, and how limited budgets and staffing make higher-ed security uniquely challenging. They dig into real-world lessons learned from close calls, vendor/partner risk, and why you can’t rely on “8–5 security” when threat actors work 24/7. You’ll also hear what’s working: building a strategic IT program that earns a seat at the leadership table, leveraging security awareness training (including measurable phishing-rate improvements), and partnering locally for 24/7 monitoring and response. If you work in higher ed, SLED, or IT/security leadership, this one hits home. 🔔 Subscribe for more conversations on cybersecurity, leadership, and real-world security operations. Links / resources InfusionPoints: www.InfusionPoints.com Wilkes Community College: www.WilkesCC.edu #Cybersecurity #HigherEd #HigherEdIT #SLED #ITLeadership #SecurityAwareness #Phishing #SOC #MDR #BehindTheShield #InfusionPoints #WilkesCommunityCollege

    1h 4m

  7. FEB 17

    Inside InfusionPoints Development: Command Center, FedRAMP 20x & Hackathon Builds

    Go Behind the Shield with a special 3-segment episode, hosted by Jason Shropshire, featuring members of the InfusionPoints engineering team as they break down what they’re building, how they’re building it, and the lessons learned along the way. Recorded after hours during Hackathon week, this one’s a little less buttoned-up in the best way. Expect real talk, real lessons, and a few laughs as the engineers unwind. Segment 1: Meet Chris Eaves and Gavin Blankenship from R&D as they share how they found InfusionPoints, what it’s like building in a “jack-of-all-trades” environment, and how Command Center became a purpose-built, opinionated GRC platform designed to make complex compliance (FedRAMP, DoD, and more)- manageable without relying on someone else’s roadmap. They also talk roadmap highlights like automated user onboarding, incident response tracking, and a behind-the-scenes look at building a deployment pipeline to scale Command Center across environments. Segment 2: Kay and Mike Strohecker join to talk life on the dev team, what Kay’s working on now (vulnerability + asset management), and what it’s like ramping up in the world of acronym soup—especially in the era of FedRAMP 20x. Plus: Hackathon reality check (no sleeping bags required). Segment 3: Caleb Brinkley (backend) and Matthew Melang (frontend) share what they focus on day-to-day in Command Center, how cross-functional hackathon teams spark better ideas, and how automation (including tools like Power Automate + Teams workflows) can eliminate repetitive work across the business. And yes… there’s a legendary story about AWS Bedrock, throttling, and an accidental “stress test” you don’t want to recreate. 🎧 Topics covered: Command Center as a “one pane of glass” for compliance + security operations FedRAMP 20x and the growing importance of KSIs Continuous monitoring automation + customer feedback loops Infrastructure + serverless architecture (Python, AWS services, Terraform) Hackathon builds: onboarding automation, back-office workflows, and more Lightning round essentials: dark mode, tabs vs spaces, and dev playlists 👍 Like, subscribe, and follow along for more real-world engineering + security conversations from the InfusionPoints team. #BehindTheShield #InfusionPoints #Cybersecurity #Engineering #FedRAMP #FedRAMP20x #GRC #CloudSecurity #DevOps #AWS

    1h 6m

  8. FEB 10

    Selling in AWS Marketplace Without Guessing: Analytics, Private Offers, and Co-Sell with Trés Vance

    What happens when you treat AWS Marketplace like real commerce, not a static listing page? In this episode of Behind the Shield, Gary Daemer and Jason Shropshire sit down in North Wilkesboro with Trés “Trey” Vance, Executive Chairman of CloudSmart, to talk about the business mechanics behind modern cloud go-to-market: marketplace analytics, private offers, channel partner private offers, and why co-sell is the difference between “we built something” and “we built a business.” Trey shares the origin story behind CloudSmart (starting with AMIs and “steak dinner money”), why marketplace reporting has historically been harder than it should be, and how CloudSmart Insights helps sellers understand who’s buying, why they’re buying, and what’s actually working. The conversation also dives into newer marketplace realities, including multi-product solutions and bundles, marketplace APIs, CRM integrations (Salesforce and HubSpot), and the coming wave of AI listings that may force everyone to rely on smarter search and better data. You’ll also hear how InfusionPoints and Trey first connected through the early ATO on AWS days, why focus versus “we do every cloud” matters, and how rural North Carolina tech teams can absolutely compete with the biggest hubs without inheriting the traffic. Topics covered: Marketplace intelligence: payouts, customers, intent, trends Public offers vs. private offers and why 95%+ of transactions are private offers Co-sell vs. go-to-market and why it changes customer acquisition cost Marketplace APIs and CRM connectors to eliminate swivel chair operations Multi-product solutions: bundling software, services, and security tools Usage-based pricing and making buying frictionless Building tech talent pipelines in rural communities 🎧 Watch and listen to the full episode and drop your questions in the comments.

    1h 14m
See All (26)

About

 Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences. 

Information

  • Creator
    InfusionPoints
  • Years Active
    2025 - 2026
  • Episodes
    26
  • Rating
    Clean
  • Copyright
    © 2026 Behind the Shield
  • Show Website
    Behind the Shield