• Served various clients as an independent cybersecurity and IT audit contractor• Managed day-to-day operations of the business, including client relationship management, marketing, and administrative functionsInitiatives/Projects• Managed the third-party risk management (TPRM) workflow for a mass media company with a newspaper ranked in the top 20 in the world by circulation• Facilitated semi-annual user access review for application, database, and operating system components at the above mentioned media company• Performed cybersecurity assessment work for multiple government entities focused on next generation 9-1-1 readiness• Performed cybersecurity assessment work based on NIST 800-171 standards for a public safety communications consulting firm• Conducted cybersecurity assessment work based on NIST standards as a subcontractor for a major US defense contractor• Performed IT controls testing for SOC1/SOC2 and financial audits while serving in staff augmentation role for a public accounting firm located in the United States

• Performed cybersecurity risk assessments, cyber insurance reviews, and tabletop exercises for entities in the private sector • Utilized a variety of methodologies and control frameworks, including NIST 800-53, NIST Cybersecurity Framework, ISO:27001, and CIS 20 to evaluate the security posture of client organizations • Assisted clients with the development and implementation of the above mentioned frameworks • Ranked risks and developed phased mitigation options specific to the client environment • Assisted client's technical and non-technical staff in implementing or optimizing new cybersecurity capabilities, such as vulnerability management, incident response, and governance programs or initiatives • Conducted interviews with key personnel across critical infrastructure entities to identify cyber risk • Created vivid, informative, and professional presentations for client briefings

• Performed technology risk assessments and reviewed, documented, evaluated and tested information technology controls including change management, security, backup, and operations controls, in a wide range of computing environments, for internal audit and SOC engagements• Observed, reviewed, documented, and tested key business process transactions, access controls, segregation of duties and automated controls for internal audit and SOC engagements• Ensured the delivery of high-quality deliverables and compliance with quality assurance and independence policies on engagements covering SOC 1 and SOC 2 reports and readiness reviews• Responsible for timely communications to RSM SOC leadership and clients on progress of client engagements• Reviewed staff work papers and ensured quality of engagement files to support firm’s quality standards• Assessed IT security policies, procedures, and controls of clients’ business applications, networks, operating systems, and other components of their technology infrastructure• Reviewed, documented, evaluated and tested application controls, including automated controls, on a wide range of software applications across a wide variety of client business processes• Assisted financial audit teams in the identification of control objectives and the design of control procedures to address those objectives• Identified internal IT controls, assessed their design and operational effectiveness, determined risk exposure and developed remediation plans• Determined technical and business impact of identified security and control issues and provided remediation guidance to clients• Communicated findings and recommendations to client personnel• Assisted with staff scheduling and monitoring of utilization • Served as a member of RSM Minneapolis Social Club Committee

• Planned and executed concurrent audits related to software development, ISO27001, GLBA, information security, access management, eBanking, and IT general controls at a client in the financial services industry• Developed project plans, including scope of testing, scheduling interviews, documentation requests, and staffing• Developed work programs and risk and control matrices to support controls testing • Participated in business process controls testing for a client implementing an ERP solution• Tracked metrics relevant to engagement economics, including comparison of budget vs. actual• Assisted with client billing process

• Planned and executed a variety of risk management services, including IT security and privacy, IT general controls, IT SOX, SOC, and financial audit support• Analyzed and assessed client environments related to IT governance, vendor management, workstation security, server security, application security, asset management, change management, business continuity and disaster recovery, and physical security• Managed full engagement life cycle, including planning and conducting fieldwork, discussing findings with client management during exit meetings, documenting work papers, and preparing written reports • Conducted engagements both independently and while leading an engagement team• Gained exposure to various security and control frameworks and regulations, including NIST, COSO, COBIT, ISO, SANS, SSAE 16, HIPAA, FFIEC, and GLBA• Reviewed and provided feedback for staff-level work• Responsible for training new staff regarding engagement policies and procedures• Assisted with scheduling staff on engagements• Monitored engagement economics, including allocated budget and work in process• Conducted internal presentations related to training and/or current events• Chosen as a member of CLA’s Young Advisory Council to the Young Executive Team• Planned and executed security audit for client under consent order from the Consumer Financial Protection Bureau• Developed standalone work programs and report templates for various engagements