My Resume

Below is a detailed overview of my professional experience and qualifications

Download PDF Version

Professional Experience

GitHub

Security GRC Staff Analyst
September 2023 to Present
  • Lead GitHub's International Compliance program, which includes overseeing the implementations of ISO 27001, 27701, 27018, TISAX, and CSA STAR Level 2.
  • Design continuous monitoring for various risk areas within the organization and implement solutions and standard operating procedures.
  • Consult engineering, product, and design on how to make emerging products and technologies compliant with various frameworks on timelines determined by the business.

GitHub

Security GRC Senior Analyst
November 2019 to September 2023
  • Built foundational processes, procedures, and playbooks for GitHub's FedRAMP Tailored program.
  • Provided feedback to and worked closely with Security Operations, Application Security, and Security Telemetry Engineers.
  • Facilitated external assessments for GitHub's SOC 1, 2, and 3 reports.
  • Led and facilitated GitHub's annual FedRAMP Tailored assessment.

Adobe

FedRAMP Technology Compliance Lead
February 2019 to November 2019
  • Directly responsible for the success of seven cloud products in various stages and levels of maturity in the FedRAMP program.
  • Maintained two FedRAMP-authorized, Moderate CSOs and led the effort to switch from an Agency sponsorship to a JAB authorization.
  • Maintained five Tailored CSOs, at various stages of FedRAMP authorization.

Adobe

Senior Technology Risk Analyst
June 2018 to February 2019

Overstock.com

Senior IT Internal Auditor
May 2017 to June 2018

KPMG

IT Audit Senior Associate
October 2016 to May 2017

KPMG

IT Audit Associate
July 2014 to October 2016

Skills & Proficiencies

Proficiencies

Office365, GSuite, MacOS, Windows, GitHub, Slack, and most major compliance frameworks

Professional Exposure

SAP, Oracle, SQL, Ultimate Software (UKG), JIRA, ServiceNow, Tableau, MySQL, VBA, HTML, Python, Splunk, WordPress, Docker, Azure, AWS, YAML, and JSON

Soft Skills

Public speaking and presentations, proactive communication, collaboration and teamwork, maintaining budgets and timelines, and organizing complex projects

Certifications

  • Certified Information Systems Auditor (CISA)
  • Certified Information System Security Professional (CISSP)
  • ISO 27001 Lead Implementor

Volunteer Work

  • Church Activity Days Leader (plan and execute activities for 7- to 11-year-old boys twice a month)
  • GitHub Security Org Culture Club Team Member
  • Adobe (Lehi, UT) Movember Charity Committee Member
  • Overstock.com Wellness Committee Member
  • Junior Achievement Liaison for KPMG and volunteer classroom lead
  • KPMG Involve Committee Member
  • Tutor at Boys & Girls Club of America
  • BYU "Y-Serve" Youth Soccer Coach