Security and compliance are a passion of mine, and I've loved building programs that make my colleagues happy rather than frustrated. I'm a believer in the paved road model- when I can implement compliance requirements and security safeguards in a way that help people get their work done efficiently and safely, it brings me joy. It's with this approach that I help companies achieve SOC1, SOC2, and ISO 27001 compliance, and build third party risk, enterprise risk, and cybersecurity programs that work.

I believe in the value of a strong security culture and using security and compliance to build safeguards vs. obstacles; and I believe in the power of transparency. Knowledge is power, so empower your team!At Logikcull, I drove embedding security and compliance into the day to day practices of Logikcull's team by maintaining strong cross-team communications, conducting regular and engaging training, and using tooling and dashboards to centralize risk and vulnerability tracking. This enabled continuous visibility and supported prioritization of risk reduction in roadmap and sprint planning.My proudest accomplishments at Logikcull were not the sheer number of improvements made and the maturity of the program we built, but the moments when we could measurably see it's impact. This included the avoidance of impact from third party breaches on more than one occasion and being able to map the reduction in reported vulnerabilities (despite increasing the discovery mechanisms) in direct relationship to the controls we implemented, such as a CSP, monthly patching, and security code training. I loved that when I left this job I was messaged, "I'm going to click on every link I get in protest". The team truly embraced security and that's amazing and warmed my little heart!In partnership with my amazing security, enterprise IT and GRC team, I led the roll out of our:• Security champions program• Accessibility champions program• AI governance steering committee• Bug bounty• RBAC using Okta for centralized access control• DLP solutions• Centralized logging and monitoring with a SIEM solution• Remote working security controls, including enforced MFA, MDM for all laptops, and a zero-trust access platform• Security awareness training program, including HIPAA, global data privacy, security

Compliance and HR Consulting:SOC II Gap AssessmentsRisk AssessmentsInternal Control design Policy Drafting and Procedure DocumentationHRIS Implementation

In a Jill-of-all-trades fashion I took on an array of projects as needed to keep the day to day business functioning and support the business as we scaled.This included:A studs to move-in 12,000 sq. ft office build out in just a few monthsLeading SOC 2 program implementation, earning SOC 2 Type 2 reports with no exceptionsOwning HR, including implementing an HRIS system and managing payroll and 401(k) managementLeading the development and publishing of company policies and handbooksManaging a 4 year financial audit- when the next year's audit came along, I had the auditor's initial requests filled in 2 hours!

Client Relationship and Implementation ManagementCS Team ManagerBusiness Administration & Partnerships