I am a Consulting Manager in the Advisory Services practice of EY. I currently focus on IT compliance, technical product management, information security, data privacy, and digital communications. I established my skill-set through years of IT audit experience, and have since focused on consulting with Fortune 100 clients to modernize their IT compliance programs with technology. Prior to joining EY, I provided design services and guidance on executive communication strategy for similar clients.
September 2010 - June 2014
University of Washington, Michael G. Foster School of Business
Bachelor of Arts (BA), Business Administration: Information Systems
Graduated with magna cum laude honors (top 3.5% of class), achieving an overall GPA of 3.89.
July 2017 - Present
Certified Information Systems Auditor (CISA) - Passed exam with a score in the top 5% of participants.
Managing several interrelated IT projects from end to end, ensuring overall value for the organization is maximized.
Evaluation of an organization's information technology infrastructure, policies and operations as it relates to the organization's financial statement. Control types include: access management, change management, IT operations, security configuration, entity level controls, and automated business controls.
Third Party Reporting Attestations
Evaluation of an organization's information technology infrastructure, policies and operations as it relates to the confidentiality, availability, and integrity of customer's data. Control types include: information security (encryption, data management), public key infrastructure, access management, change management, and business continuity management.
Front-end (client side) design of small to medium sized business websites, enabling brands to communicate their story via the web.
Targeted, measurable, and interactive marketing of products or services using digital technologies to reach potential customers and retain them.
Hobbies & Interests
July 2014 - Present Manager, Advisory Services
Established and currently manage multiple continuous monitoring programs for compliance organizations within a Fortune 100 Technology corporation, leveraging automation and our global delivery team to enable scalable compliance across hundreds of services within multiple cloud environments. Functions include:
‣ Identification and prioritization of risk related to cloud, cyber security, data privacy, and financial compliance
‣ Design and implementation of appropriate mitigating controls and procedures, leveraging automation to mitigate risk at scale
‣ Establishing executive-level reporting and communication to drive effective, timely remediation
‣ Technologies leveraged: Flow, PowerApps/Dynamics CRM, Forms, SharePoint, RPA (BluePrism)
Managed the technical design/implementation of multiple compliance automation products at a Fortune 100 Technology corporation. Functions included: establishing the product vision, roadmap, technical architecture, and functional specifications, as well as managing the product development through deployment
Developed a baseline IT risk and control framework for emerging technologies, specifically a royalties-based blockchain solution leveraging the Quorum (Ethereum-based) platform
Led numerous operational IT and business risk and control assessments to identify areas of performance improvement in highly complex environments; designed/facilitated a training program to establish risk and control knowledge within the engineering organization
Supported the establishment of data privacy programs for multiple clients in the Technology sector to address the EU General Data Protection Regulation (GDPR)
Performed numerous SOX 404 audits and Financial Statement audits for corporations in the Technology, Biopharmaceutical, Manufacturing, and Gaming sectors. Primary functions included:
‣ Control design and operating effectiveness testing related to access management, change management, IT operations, security configuration, entity level controls, and automated business controls.
‣ Leading process walkthrough meetings with process owners to identify potential risks within the IT environment, and IT controls which address such risk.
‣ Technologies: Oracle E-Business Suite, SAP, UNIX, Sage, OS/400, Mainframe, SQL DB, Windows Server.
Third Party Reporting Attestations
Performed multiple third party reporting attestation projects for a Fortune 100 Cloud Service provider, including SOC 1, SOC 2, SOC 3, and WebTrust for CA. Primary functions included:
‣ Control design and operating effectiveness testing related to confidentiality, availability, and integrity of data. Controls related to: information security (encryption, data management), public key infrastructure, access management (both logical and physical), change management, and business continuity management.
January 2010 - June 2014 Co-Founder, Lead Designer
Co-founded a design, development, and web hosting services provider. Primary functions included:
‣ Managed a client base of over 200 small to medium sized businesses
‣ Managed web and graphic design projects utilizing MS Excel, MS Project, and Google Docs
‣ Researched and successfully targeted the high end restaurant market segment for web design
‣ Approved and active as a Themeforest author for businesses around the world
April 2013 - October 2013 Junior Graphic Designer
Served as the Junior Designer for a Seattle based startup design firm in a team of four. Primary functions included:
‣ Collaborated with a local boutique consulting firm on keynote address slide decks, web design, digital marketing, and communication strategy for notable Fortune 500 companies
‣ Attended and spoke in an RFP pitch meeting for a design project worth over $500k per year
‣ Awarded 50% pay raise after less than a month of full time work based on performance
‣ Translated business strategy and brand objectives into strategic design and communication