Work Experience
Wolf & Company, P.C. June 2013 – Present
IT Assurance Senior Consultant
Lead QSA responsible for carrying out PCI DSS audits, as well as cybersecurity team lead responsible for developing and executing technical assessments. Additionally, as an IT Auditor in the IT Assurance Group I directly assist Senior Managers with designing, developing and executing audit procedures to test controls for the firm’s clients automated environment including operating systems, service bureau applications, and communication software products. Also responsible for developing and utilizing audit software to improve the efficiency of the audit process as well as acting as a security and controls consultant for the firm’s clients.
Staff Consultant – June 2013 to September 2016
Education
Bentley University
Bachelor of Science, Information Systems Audit and Control (ISAC) – May 2013 Activities: Football (Team Captain), Bentley Leadership Society (Executive Board Member)
SANS Technology Institute
Master of Science, Information Security Engineering (MSISE) – Candidate
Certifications
Listed in order of attainment
- CISA (Certified Information Systems Auditor) – View on Acclaim
- QSA (Qualified Security Assessor) – View on PCI SSC
- PCIP (Payment Card Industry Professional)
- CISSP (Certified Information Systems Security Professional) – View on Acclaim
- CCSP (Certified Cloud Security Professional) – View on Acclaim
- GSEC (GIAC Security Essentials Certification) – View on GIAC
- GCIH (GIAC Certified Incident Handler) – View on GIAC
Articles
- 18.SEP.2015 – Reducing Risk for Contactless Payments (Wolf & Company, P.C.)
- 10.FEB.2016 – How Data Tokenization Can Help Helathcare Entities Improve Their Data Security (Wolf & Company, P.C.) (Contributing author)
- 14.NOV.2016 – Combating the Rising Threat of “Smart” Devices(s) (Wolf & Company, P.C.)
- 28.SEP.2017 – My CISSP Success Story (Advanced Persistent Security)
- 25.OCT.2017 – What to look for in a QSA (Wolf & Company, P.C.)
- 28.NOV.2017 – DerbyCon 7.0 Legacy Round Up (Wolf & Company, P.C.)
- 09.FEB.2018 – Active Directory Passwords – Who is Right? (Wolf & Company, P.C.)
- 17.APR.2018 – ATM Jackpotting is Just a Symptom (Wolf & Company, P.C.)
- 22.MAY.2018 – Meet the NCUA ACET (WolfPAC Solutions)
- 31.JUL.2018 – Vulnerability Scanning vs. Penetration Testing: What is the difference, and what is right for me?
Speaking Events
Webinars
- 11.APR.2017 – Preparing for the FDIC’s Information Technology Risk Examination (InTREx) Program (Wolf & Company, P.C.) | Slides and Video Recording
- 13.APR.2017 – PCI DSS: What It Is and Why You Should Care (SCIP.org) | SlideShare
- 24.APR.2018 – How to Use PCI DSS for a Stronger IT Security Posture and Streamline Your Compliance Efforts | Slides and Video Recording
Industry-Relevant Volunteer Experience
- US Cyber Patriot Mentor (May 2017-Present)
- Eastern Massachusetts (ISC)2 Board Member (October 2016-Present)
Industry Memberships
- High Technology Crime Investigation Association (HTCIA)
- International Information Systems Security Certification Consortium (ISC)2
- InfraGard – Boston Members Alliance
- Information Systems Audit and Control Association (ISACA)
- GIAC Advisory Board Member
- SANS Security Awareness Community Member
Industry Conference Attendance
2016
- SecureWorld Boston
- ISACA New England Conference
- DefCON 24
2017
- BSides Boston
- BSidesCT
- DerbyCon 7.0 (Remote)
2018
- ISACA New England IT Audit, Security, and Risk Expo
- North America PCI Community Meeting
- Wild West Hackin’ Fest
