RSM US LLP
Andrew has close to twenty years of information security and technology consulting experience serving agencies within the public sector space. As a former ethical hacker, he has a unique combination of technical- and business-related skills which allows him to easily translate technical challenges into business enabling solutions. Andrew has assisted agencies with the development and management of security risk and compliance programs as well as assessments of these programs across multiple frameworks including NIST (800-53, 800-171, and CSF), IRS 1075, ISO (27001, 27002), and CIS.
In his security and privacy public sector leadership role, Andrew works directly with senior government officials on the development and execution of strategic initiatives aligned to agency priorities. This includes leading information security projects for states of Florida, Virginia, and Maryland.
Andrew has had the privilege of speaking at national institution and security conferences, such as DEF CON, ISACA GRC, OWASP AppSec and Rochester Security Summit to name a few.