BizzSecure

Sonal Mogra

Experience Summary

IT Audit & GRC professional with a solid understanding of IT General Controls and SOC1/SOC2 audits, gained through hands-on experience working with Deloitte on complex finance, healthcare, and technology clients. My niche expertise is in high-impact control areas like access management, change management, and IT operations, where even minor issues can mean big risks. I take a risk-first approach to controls, thinking not only about the existence of controls, but also whether the controls actually work, why they might be failing and how to fix them in a way that makes sense for the organization’s technical environment.

I think what differentiates me is my ability to operate at the confluence of IT and governance. I work with engineers, system owners, and compliance teams to turn regulatory requirements into actionable controls that can be executed. This has consistently resulted in reduced friction, increased ownership and measurable improvements in security maturity rather than superficial compliance.

I have a calm, structured, and collaborative working style with a strong focus on clarity, accountability and value. What really gets me going is solving complex security problems in the real world and helping organizations transition from a reactive compliance posture to a forward-thinking governance strategy.