Andrew serves as the Principal of Security at BD Emerson, assisting clients across many Governance, Risk, and Compliance initiatives to establish and mature their security programs. He has been involved with many regulatory frameworks and audit and assessment requirements, including NIST 800-53, 800-171 (CMMC), NIST CSF, SOC2, and ISO 27001.
Andrew focuses on understanding the clients' environment, identifying gaps and concerns, and ultimately deriving strategic prioritization initiatives to fulfill clients' needs and mature their organizational security posture.
Andrew is a retired Naval Special Operations veteran. He mentors and volunteers across multiple cybersecurity communities and organizations to help young professionals, veterans, and career-transitioning professionals break into the cybersecurity industry.
EXPERIENCE: Security Program Management, Security Audits and Assessments, Risk Management
FOCUS AREAS: Governance, Risk, Compliance, SOC 2 Compliance, NIST (800-53, CSF, 800-171) Compliance, Breach Remediation, Data Security.
CERTIFICATIONS: CISSP, CISM, CRISC, CASP+, CCNA, Cloud+, Sec+, A+, Cyber Threat Management (IBM), Lean Six Sigma White Belt
