Fred Nunley
AeroLeads people directory · profile

Fred Nunley Email & Phone Number

Manager, IT GRC and Privacy at Clearspeed
Location: Catonsville, Maryland, United States 7 work roles 2 schools
LinkedIn matched
✓ Verified Jul 2026 3 data sources Profile completeness 86%

Contact Signals

LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
Manager, IT GRC and Privacy
Location
Catonsville, Maryland, United States
Company size

Who is Fred Nunley? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Fred Nunley is listed as Manager, IT GRC and Privacy at Clearspeed, a with 19 employees, based in Catonsville, Maryland, United States. AeroLeads shows a matched LinkedIn profile for Fred Nunley.

Fred Nunley previously worked as Independent Consultant at Independent Consultant and Senior Information Technology Audit Manager at Deloitte & Touche Usa, Llp. Fred Nunley holds M.B.A. And M.S. Finance from University Of Baltimore.

Company email context

Email format at Clearspeed

This section adds company-level context without repeating Fred Nunley's masked contact details.

Clearspeed

Review company-level records connected to Fred Nunley before choosing the right outreach path.

Profile bio

About Fred Nunley

Highly motivated, accomplished, proven leader, with diversified management consulting experience, managing both Governance, Risk, and Compliance (GRC) and IT SOX Audit / Audit-readiness engagements for clients within the Financial Services Market. 8 years of Big 4 Senior Leadership experience, with a proven track record for identifying opportunities, developing innovative solutions, and expanding trusted client relationships and business growth.Successfully led project teams of all sizes (up to 30 FTEs) comprised of staff/subcontractors/subject matter resources (SMR)/specialists on high-profile, complex, large multi-national engagements. KEY SKILLS AND AREAS OF EXPERTISE• Governance, Risk, and Compliance (GRC)• Enterprise Risk Management (ERM)• IT Audit and Security Compliance Reviews• Risk Control Self-Assessment (RCSA)• ITGC and Application Control Testing• IT Vulnerability Assessments and Penetration Testing• SSAE 18 SOC1 and SOC2 Attestation• PCI-DSS Compliance• Financial / Business Management• Corporate Accounting and SEC Reporting• Cybersecurity Risk Assessments• SOX 404 Top-Down Risk Assessments (TDRA)• FedRAMP Assessments and Compliance• Business Process Reengineering• Program and Project ManagementACCOMPLISHMENTS•

Current workplace

Fred Nunley's current company

Company context helps verify the profile and gives searchers a useful next step.

Clearspeed
Clearspeed
Manager, IT GRC and Privacy
california, united states
Website
Employees
19
AeroLeads page
7 roles · 16 years

Fred Nunley work experience

A career timeline built from the work history available for this profile.

Manager, It Grc And Privacy

Current

San Diego, California, United States

May 2024 - Present

Independent Consultant

Baltimore, Maryland, United States

Serving as an independent consultant, providing IT consulting and cybersecurity services to client organizations that align with organization policy and industry leading practices. Specific activities include:- IT Risk Management - Assessing the first line risk appetite and current management of IT policies, practices, and frameworks to identify and prioritize uplift against an ideal target state.- IT Application Security - Reviewing and evaluating source code, SQL scripts, algorithms, and formulas for transforming, extracting, and loading relevant source data and creating reports to test the completeness and accuracy of Information Produced by Entity (IPE) and Information Used in the Control (IUC).- Incident Management - Developing and managing phishing campaigns with serial clicking and reporting metrics to better gauge phishing resilience and identify areas of concern.

Sep 2023 - May 2024

Senior Information Technology Audit Manager

Served as the Senior IT Audit Manager and Lead IT Specialist responsible for selling, managing, and delivering technology assurance services across Deloitte’s Financial Services practice. Specific activities included:- AICPA and PCAOB Integrated and Non-Integrated Audits - Evaluated the design and operating effectiveness of IT General, Application, IT-Dependent Manual, and Manual Business Process controls and performed ‘test of one(s)’ (where applicable) to assess critical processes within the systems.- SOC1 and SOC2 Audits - Reported on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the IT general, automated, IT-dependent, and manual process controls to achieve the related control objectives included in the description throughout a specified period.- IT GRC - Provided independent oversight, assessment, and effective challenge of first line of defense cybersecurity and technology activities, risks and controls to ensure accountability and support better enterprise security. - Cyber Threat Analysis - Performed automated vulnerability scans over identified open ports on live hosts that tested the organization’s network security controls and penetration testing over any exploitable vulnerabilities that simulated real-life attacks to highlight cybersecurity exposures.- Risk Control Self-Assessment - Facilitated RCSA workshops with client management to lead the auditees in assessing their environment by providing insight about the objectives of controls based on risk assessment.- PCI-DSS Compliance - Implemented strategies for network segmentation and reduced attack surface across the Cardholder Data Environment (CDE) via PCI-compliant firewalls and demilitarized zones (DMZ) to minimize security and compliance risks associated with a breach of the confidentiality, integrity, or availability of critical data.

Dec 2019 - Aug 2023

Director

Served as the Director responsible for driving risk advisory and IT consulting services across KPMG’s Financial Services Market. Led account planning, strategic capture, proposal development, talent management, and client delivery for a Large Multi-Dollar Loan Making Organization client. Specific activities included:- SOX Internal Controls over Financial Reporting (ICFR) – Performed a risk-based SOX 404 assessment and evaluation over ICFR for the following key Loan Guarantee business processes: Eligibility and Application, Approval Process, Loan Servicing, Monitoring and Reporting.- Cybersecurity Threat Management – Implemented a common cyber threat framework to support the compilation of threat data in common terms and categories, and the presentation of content in a consistent and repeatable manner.- Information Technology General Controls (ITGCs) - Recommended changes to security controls, security control baselines, assignment values, associated implementation guidance, and assessment procedures to the CIO.

Jul 2017 - Nov 2019

Senior Manager

Served as the Senior Manager responsible for driving Risk Advisory Services across EY’s Real Estate Finance practice. Led account planning, strategic capture, proposal development, talent management, and client delivery for the Real Estate Finance - Housing accounts. Specific activities included: - SOX Internal Controls over Financial Reporting (ICFR) - Performed a risk-based SOX 404 assessment and evaluation over ICFR for key business processes.- Enterprise Risk Management (ERM) - Implemented a COSO-based ERM framework that incorporated all major risk types i.e., economic, operational, legal, compliance, strategic, reputational, and programmatic risks and utilized common risk vocabulary, categories and definitions, key risk indicators (KRIs), trending reports and other means of risk monitoring.- Corporate Governance - Developed corporate-wide procedures for risk management to ensure organizational compliance with internal, external, and industry standards using the Institute for Internal Auditors (IIA) and the Neel Corporate Governance Center’s Guiding Principles of Corporate Governances.- IT Audit Readiness – Created a continuous monitoring program using NIST standards for reporting on the organization’s progress towards achievement of key IT metrics such as the common security configuration baseline for each hardware asset and mobile device, the type of cloud services used and the vendor for each, the number and percent of privileged and unprivileged users with network accounts, and the number of systems that encrypt sensitive data while at rest.

Jan 2015 - Jul 2017

Senior Manager

Mclean Va

Served as MFC’s Senior Manager responsible for driving risk management, performance improvement, and technology enablement services within MFC’s Risk and Compliance Solutions Financial Services Offering. Managed marketing, full life-cycle business development, teaming partner negotiation, subcontractor management, talent acquisition, and cross-functional/team staff development for the strategic capture/execution of business opportunities in the public and private sector. Specific activities included:- Internal Controls over Operations (ICOOP) – Performed a macro-level analysis to assess the entity and transaction level controls for design and operating effectiveness and rationalized unnecessary, insignificant, and redundant controls (i.e. controls over inconsequential general ledger codes, controls over insignificant business processes/transactions, controls addressing out-of-scope objectives) and leveraged “power controls” to mitigate multiple risks. - Enterprise Risk Management - Developed combined risk registers and risk profiles for all risks by functional area i.e. financial, strategic, operational, compliance, and economic. - Information Technology General Controls (ITGC) - Performed ITGC testing over access security, change management, and network operations in compliance with NIST SP 800-53, revision 4 guidance and recommended Corrective Action Plan (CAPs) development based on identified control failures.

2011 - Jan 2015

Manager / Project Manager

Mclean Va

Served as the Project Manager and key conduit for strategic, business, and program-related information to multiple staff members within the Booz Allen Economic and Risk Analytics Community. Led project teams on a sustained basis for a variety of assignments within the Financial Services Sector. Specific client services included the following: Full Scope SOX/A-123 ICFR Assessments; Segregation of Duties (SOD) Analyses; Vulnerability Assessments; Penetration Testing; and Business Process Reengineering.

Sep 2005 - Sep 2011
Team & coworkers

Colleagues at Clearspeed

Other employees you can reach at clearspeed.com. View company contacts for 19 employees →

2 education records

Fred Nunley education

FAQ

Frequently asked questions about Fred Nunley

Quick answers generated from the profile data available on this page.

What company does Fred Nunley work for?

Fred Nunley works for Clearspeed.

What is Fred Nunley's role at Clearspeed?

Fred Nunley is listed as Manager, IT GRC and Privacy at Clearspeed.

Where is Fred Nunley based?

Fred Nunley is based in Catonsville, Maryland, United States while working with Clearspeed.

What companies has Fred Nunley worked for?

Fred Nunley has worked for Clearspeed, Independent Consultant, Deloitte & Touche Usa, Llp, Kpmg Us, and Ey Technology Solutions.

Who are Fred Nunley's colleagues at Clearspeed?

Fred Nunley's colleagues at Clearspeed include Robert Smith, Rebecca Falk, Sally Griffiths, Dima Rafoul, and Ben Smith.

How can I contact Fred Nunley?

You can use AeroLeads to view verified contact signals for Fred Nunley at Clearspeed, including work email, phone, and LinkedIn data when available.

What schools did Fred Nunley attend?

Fred Nunley holds M.B.A. And M.S. Finance from University Of Baltimore.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.

People with similar names

Check these profiles if this is not the Fred Nunley you were looking for.

View similar profiles