AeroLeads people directory · profile

Matthew Corwin Email & Phone Number

Talk to me about AI risk management at National Institute of Standards and Technology (NIST)
Location: United States 11 work roles 2 schools
1 work email found @matthewcorwin.com 3 phones found area 424 and 213 LinkedIn matched
✓ Verified Jul 2026 4 data sources Profile completeness 100%

Contact Signals · 1 work email · 3 phones

Work email m****@matthewcorwin.com
Direct phone (424) ***-****
LinkedIn Profile matched
3 free lookups remaining · No credit card
Role
Talk to me about AI risk management
Location
United States

Who is Matthew Corwin? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Matthew Corwin is listed as Talk to me about AI risk management at National Institute of Standards and Technology (NIST), based in United States. AeroLeads shows a work email signal at matthewcorwin.com, phone signal with area code 424, 213, and a matched LinkedIn profile for Matthew Corwin.

Matthew Corwin previously worked as Principal Investigator (U.S. Artificial Intelligence Safety Institute) at National Institute Of Standards And Technology (Nist) and vCISO, Managing Director at Guidepost Solutions. Matthew Corwin holds Juris Doctor (Jd), Law from University Of California, Irvine School Of Law.

Company email context

Email format at National Institute of Standards and Technology (NIST)

This section adds company-level context without repeating Matthew Corwin's masked contact details.

*@matthewcorwin.com
68% confidence

AeroLeads found 1 current-domain work email signal for Matthew Corwin. Compare company email patterns before reaching out.

Profile bio

About Matthew Corwin

Please reach out in you are interested in collaborating on safeguards and/or risk management frameworks for artificial intelligence and machine learning.I help heavily regulated companies with a significant technical footprint build security or privacy programs, architect technical risk-based solutions to regulatory compliance challenges, or execute specialized projects to manage risk. I do this by taking the time to understand their business and helping them develop and implement the solutions that are the best fit for their unique circumstances. Hands-on technical leader and CISO with 15+ years of IT security and privacy experience leading teams of up to 25 people at financial, healthcare and tech companies. Managed successful risk-based security and compliance programs to facilitate organizational goals in orgs ranging from small start-ups to the Fortune 50. California licensed attorney (CA State Bar #317406). Experienced expert witness in the areas of cybersecurity, privacy, data breach, damages, digital forensics, and forensic accounting. Opinions expressed via this profile are strictly my own not necessarily those of my employer, NIST, or any other person or entity with which I may be associated. Privacy • Cybersecurity • IT Risk • Cloud Security • Compliance • GRC • Security Architecture Management • Project/Program Management • Threat & Incident Management • Disaster Recovery / Business Continuity • Strategic Planning • Risk Assessments • Data Management • Regulatory Compliance • Data Governance Technology Audits • Identity & Access Control • Change Control Management • Forensics • E-Discovery • GDPR • PCI • QSA • CCPA • HIPAA • SOX • GLBA • FedRAMP • SIEM • OWASP Top 10 • SANS Top 25 • HITECH • CISSP • CISA • CCPA • CPRA • CMMC• DFIR

Listed skills include Strategy, Management, Data Center, Strategic Partnerships, and 35 others.

Current workplace

Matthew Corwin's current company

Company context helps verify the profile and gives searchers a useful next step.

National Institute of Standards and Technology (NIST)
National Institute Of Standards And Technology (Nist)
Talk to me about AI risk management
AeroLeads page
11 roles · 25 years

Matthew Corwin work experience

A career timeline built from the work history available for this profile.

Principal Investigator (U.S. Artificial Intelligence Safety Institute)

Current

Gaithersburg, Md, Us

• Develop new guidelines, tools, methods, protocols and best practices to facilitate the evolution of industry standards for developing or deploying AI in safe, secure, and trustworthy ways• Develop guidance and benchmarks for identifying and evaluating AI capabilities, with a focus on capabilities that could potentially cause harm • Develop approaches to incorporate secure-development practices for generative AI, including special considerations for dual-use foundation models• Assessing and managing the safety, security, and trustworthiness of models and related to privacy-preserving machine learning• Develop and ensure the availability of testing environments• Develop guidance, methods, skills and practices for successful red-teaming and privacy-preserving machine learning• Develop guidance and tools for authenticating digital content• Develop guidance and criteria for AI workforce skills, including risk identification and management, test, evaluation, validation, and verification (TEVV), and domain-specific expertise• Develop guidance for understanding and managing the interdependencies between and among AI actors along the lifecycle

Feb 2024 - Present

Head Of Grc

New York, Ny, Us

Managed a team of six responsible for the security governance program for a 500 person, $7B FinTech. These areas included vulnerability management, security compliance, privacy, third party risk, and financial regulatory compliance. Reported directly into the CISO and quarterly Board reporting.Selected Results:• Successfully led SOC 1, SOC 2, NYDFS Part 500 and Part 200, BCDR, data protection/DLP, US privacy, and security GRC programs. Implemented NIST CSF program and successfully completed numerous external audits. • Worked with business and tech teams to develop and update risk-based technical and process controls that aligned with business objectives to promote effective risk management and business growth.• Designed and implemented continuous monitoring and proper maintenance of controls. Ensured operational effectiveness and that the resulting evidence was organized, available, and free from exceptions.• Built strong relationships with auditors and examiners. Implemented new GRC tools and automations for audit, compliance and risk management.

Feb 2022 - May 2023

Vciso, General Counsel

San Francisco, Ca, Us

Built a privacy large and successful consulting practice from the ground up, and expanded technical consulting for IT GRC and security. Leader of multiple security and privacy projects with clients ranging from start-ups to industry leaders. Manager of SW US region and all staff/budgets.• Developed and deployed innovative strategies and tools serve client needs and meet internal requirements• Initiated, facilitated and led team efforts to gather, analyze and interpret data to formulate conclusions and recommendations for privacy and security projects (many security and privacy frameworks)• Ensured efficient use of resources through project planning and management• Developed solutions for complex client situations to ensure timely realization of goals and objectives• Developed staff performance through mentoring, performance reviews and recruiting• Communicated with all client management levels • Met or exceeded budget and deliverable expectations both internally and with clients• Senior Qualified Security Assessor (PCI)• FTC (Bureau of Consumer Protection) approved independent third party auditor

Aug 2019 - Feb 2022

Us Privacy Consulting Practice Lead

Teaneck, New Jersey, Us

Built the US privacy consulting practice at Cognizant from one person to $15M in annual revenue with dozens of professionals on projects with leading companies nationwide. Selected Results:• Headed the US unit of the company’s Global Privacy and security consulting practice, specializing in AI and Analytics, delivering exceptional services to Fortune 500 clients.• Directed cross-functional teams to ensure compliance with Privacy regulations (such as GDPR and CCPA), implement technical solutions, enact process changes, and integrate services to achieve business, risk, and compliance goals.

Feb 2018 - Jul 2019

Privacy And Regulatory Compliance

Sap

Walldorf, Bw, De

Managed GDPR implementation and compliance for all SAP Ariba products and services, including:- Data mapping, data flow diagrams, Data Protection Impact Assessments (DPIA)- Audited existing privacy and security controls and processes, gap assessment, risk assessment- PM remediation, development and implementation of new controls, policies, and processes- Validated and tested controls, processes, and applications to ensure compliance- Documented, organized and maintained the results so compliance can be demonstrated and certified.- Delivered a GDPR maintenance program to ensure continuous compliance

Oct 2017 - Feb 2018

Internal Audit Manager

San Jose, California, Us

• Managed IT security audits, auditors and risk assessments primarily for PCI DSS and GDPR. Also supported ISO 27001, SOx, FISMA, FEDRAMP, COSO, COBIT and enterprise risk management efforts• Drafted privacy and security sections of vendor service agreements, negotiated security and privacy clauses with vendors, and conducted vendor risk assessments• Implemented a tokenization program which reduced risk and saved $2.6 million in audit and compliance costs• Tested, analyzed, validated and recorded technical controls including: - Routers and firewalls, IDS / IPS- AV, DLP, DCS, Red Seal, FIM, SIEM- Network security architecture and diagrams, vulnerability scans, penetration tests, security and privacy policies and procedures, access control methods, multi-factor authentication, physical security controls, biometrics, database security, cryptography / encryption - Assessed SaaS / IaaS / cloud, SLA / MSA / SOW for vendors with impact to security or privacy risk• Performed data analytics to identify threats and vulnerabilities. Developed PCI and IT risk programs. • Reported, control effectiveness and risk to senior and executive management, proposed remediation strategies. • Addressed inquires of external auditors, stakeholders, and regulators

Jan 2016 - Oct 2017

Practice Group Leader

Long Beach, Ca, Us

• Assessed regulatory compliance posture and advised commercial clients in highly regulated industries• Acted as a primary resource for legal compliance counseling with clients, ensuring compliance with all applicable laws, regulations, policies, and best practices• Identified and assessed compliance risks and opportunities, then worked collaboratively with all stakeholders to develop and implement appropriate mitigation strategies• Drafted and updated legal memos, policies, procedures, and communications with regulators and law enforcement related to client compliance activities • Educated clients and stakeholders on compliance and legal matters, policies and procedures • Established and maintained relationships, credibility and trust with clients, stakeholders, other attorneys, government regulatory officials, law enforcement and law makers• Worked on litigation matters at the trial level and on appeal in state and federal court• Consulted on IT matters

2014 - 2016 ~2 yrs

Chief Information Security Officer (Ciso)

Los Angeles, Ca, Us

• Oversaw network infrastructure, architecture and security for commercial data center/ISP CLEC startup clients including Fortune 500 firms and government agencies• Initiated and led ERM, PCI DSS, SSAE 16 (SAS-70), HIPPA, HITECH, ISO 27001 / 27002 internal audit, vendor risk management, privacy, compliance and security programs• Hired and supervised privacy and litigation counsel• Drafted and maintained customer MSAs/SLAs, 3rd party agreements/SOWs, and commercial leases.• Led M&A and ultimately facilitated acquisition of the company by a major tech firm

2007 - 2013 ~6 yrs

Military Police (95B, 31B) (Active Duty/Reserves)

Arlington, Virginia, Us

• Worked Joint Missions with the US Secret Service (protective details and investigations)• Subject Matter Expert on information technology and telecommunications• Performed physical security assessments and enforced security policies and procedures• Worked Counter-Terrorism and Protective Services details• Various law enforcement duties, conducted investigations, made arrests and testified in court• Worked with prosecution attorneys to develop evidence and prosecute cases

2002 - 2010 ~8 yrs

It And Infosec Manager

Treasure Map Consulting

• Managed information systems and security, deployed web servers and other infrastructure. • Developed applications and products, integrated products and third-party applications with services and products.• Performed security and compliance assessments

2004 - 2007 ~3 yrs
2 education records

Matthew Corwin education

Juris Doctor (Jd), Law

University Of California, Irvine School Of Law

Bachelor Of Science (B.Sc.), Business Administration, Management And Operations

California State University, Los Angeles
FAQ

Frequently asked questions about Matthew Corwin

Quick answers generated from the profile data available on this page.

What company does Matthew Corwin work for?

Matthew Corwin works for National Institute of Standards and Technology (NIST).

What is Matthew Corwin's role at National Institute of Standards and Technology (NIST)?

Matthew Corwin is listed as Talk to me about AI risk management at National Institute of Standards and Technology (NIST).

What is Matthew Corwin's email address?

AeroLeads has found 1 work email signal at @matthewcorwin.com for Matthew Corwin at National Institute of Standards and Technology (NIST).

What is Matthew Corwin's phone number?

AeroLeads has found 3 phone signal(s) with area code 424, 213 for Matthew Corwin at National Institute of Standards and Technology (NIST).

Where is Matthew Corwin based?

Matthew Corwin is based in United States while working with National Institute of Standards and Technology (NIST).

What companies has Matthew Corwin worked for?

Matthew Corwin has worked for National Institute Of Standards And Technology (Nist), Guidepost Solutions, Nydig, Truvantis, and Cognizant.

How can I contact Matthew Corwin?

You can use AeroLeads to view verified contact signals for Matthew Corwin at National Institute of Standards and Technology (NIST), including work email, phone, and LinkedIn data when available.

What schools did Matthew Corwin attend?

Matthew Corwin holds Juris Doctor (Jd), Law from University Of California, Irvine School Of Law.

What skills is Matthew Corwin known for?

Matthew Corwin is listed with skills including Strategy, Management, Data Center, Strategic Partnerships, Telecommunications, Enterprise Software, Crm, and Team Building.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.