Versions Compared

Version Old Version 2 New Version Current
Changes made by

Steven Piliero

Steven Piliero

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Name: David Emily "DaveEm" KimRodriguez

Age: 38 33

Education: Master's in Accounting from the University of Illinois at Urbana-Champaign M.S. in Information Security Engineering from Johns Hopkins University, B.S. in Accounting Computer Science from Indiana University of Illinois Urbana-Champaign

Professional Background:

  • 128+ years of experience in public accountingsecurity engineering and architecture, focusing on audit and assurance services for large commercial and public sector organizationsdesigning and implementing security controls.

  • Focus areas: Leading audit teams, managing client relationships, developing audit plans, executing audit procedures, and reviewing workpapersCloud security, network security, endpoint security, identity and access management (IAM), and security automation.

  • Previous roles: Audit Manager Security Engineer at a Big Four accounting firm, Senior Associate at a national accounting firm, Staff Accountant at a regional accounting firmtechnology company, Cloud Security Architect at a cybersecurity consulting firm, Security Consultant at a government agency.

  • Special certifications or skills: Certified Public Accountant (CPAInformation Systems Security Professional (CISSP), Certified Internal Auditor (CIA), Project Management Professional (PMP)

Industry: Accounting and Audit

Responsibilities:

  • Plan and execute audit engagements, overseeing the work of audit teams and ensuring adherence to professional standards and deadlines.

  • Manage client relationships, addressing client concerns and questions, and providing updates on audit progress.

  • Review audit work papers for accuracy, completeness, and compliance with auditing standards.

  • Identify and assess audit risks and control deficiencies, and develop recommendations for improvement.

  • Mentor and develop junior audit staff, providing guidance and feedback on their work.

Goals:

  • Deliver high-quality audit services that meet or exceed client expectations and regulatory requirements.

  • Build strong relationships with clients and colleagues, fostering trust and collaboration.

  • Develop and mentor a high-performing audit team.

  • Advance within the firm and take on increasing levels of responsibility.

Challenges:

  • Balancing multiple audit engagements with tight deadlines and competing priorities.

  • Managing and motivating audit teams, especially during busy season.

  • Staying up-to-date on evolving auditing standards and regulatory requirements.

  • Communicating complex audit findings and recommendations to clients in a clear and concise manner.

Motivations:

  • Solving complex problems and uncovering the "truth" behind financial information.

  • Helping organizations improve their internal controls and financial reporting processes.

  • Building a successful career in public accounting and becoming a trusted advisor to clients.

  • Mentoring and developing junior audit staff and contributing to their professional growth.

Tech-Savviness:

  • Proficient in using audit software, data analytics tools, and collaboration platforms.

  • Comfortable with leveraging technology to automate audit procedures and streamline workflows.

  • Open to exploring new technologies that can enhance audit efficiency and effectiveness.

Behavioral Traits:

  • Detail-oriented and organized, with a strong focus on accuracy and quality.

  • Analytical and critical thinker, able to identify potential risks and weaknesses in financial information.

  • Excellent communicator and collaborator, able to build rapport with clients and team members.

  • Decisive and able to manage multiple priorities effectively.

Sources of Information:

  • Professional auditing standards and guidelines (e.g., PCAOB, AICPA).

  • Industry publications and research on audit and compliance (e.g., The Journal of Accountancy, Compliance Week).

  • Regulatory updates and guidance from relevant agencies (e.g., SEC, PCAOB).

  • Networking with other audit professionals and attending industry events.

Quote:

...

  • AWS Certified Security - Specialty, Certified Cloud Security Professional (CCSP), SANS GIAC certifications (e.g., GSEC, GWAPT)

Industry: Varies depending on the organization's focus

Responsibilities:

  • Design, implement, and maintain security controls for various systems and infrastructure (e.g., firewalls, intrusion prevention systems, web application firewalls, endpoint protection, and data loss prevention).

  • Develop security architectures and roadmaps to align with business objectives and risk tolerance.

  • Evaluate new security technologies and solutions.

  • Conduct security assessments and penetration testing.

  • Collaborate with other IT and security teams to ensure security is integrated into the development and operations lifecycle.

Goals:

  • Build a robust and layered security defense system that protects the organization from cyber threats.

  • Implement security controls that are effective, efficient, and user-friendly.

  • Stay ahead of emerging threats and vulnerabilities by continuously evaluating and improving security measures.

  • Foster a culture of security awareness and best practices among IT staff.

Challenges:

  • Keeping up with the rapidly evolving threat landscape and new attack techniques.

  • Integrating security into complex and diverse IT environments.

  • Balancing security needs with business requirements and usability.

  • Managing a limited budget and resources for security initiatives.

Motivations:

  • Building secure systems and infrastructure that protect the organization's critical assets and sensitive data.

  • Using technical expertise to solve complex security challenges.

  • Staying at the forefront of security technology and innovation.

  • Collaborating with other security professionals to share knowledge and best practices.

Tech-Savviness:

  • Highly tech-savvy with deep expertise in security technologies, protocols, and architectures.

  • Proficient in various scripting languages, cloud platforms, and security tools.

  • Able to design and implement complex security solutions that meet business requirements.

Behavioral Traits:

  • Analytical and problem-solving mindset, able to identify and address security risks.

  • Detail-oriented and methodical, with a focus on accuracy and thoroughness.

  • Strong communicator, able to explain technical security concepts to non-technical stakeholders.

  • Collaborative and team-oriented, able to work effectively with other IT and security teams.

Sources of Information:

  • Security blogs, forums, and online communities (e.g., SANS, Hacker News)

  • Industry publications and research papers on cybersecurity.

  • Security conferences and workshops (e.g., Black Hat, DEF CON)

  • Vendor documentation and training resources.

Quote:

"Security is not just about building walls; it's about creating a resilient defense that can adapt to new threats and challenges. By constantly learning and improving, we can build a security program that protects our organization and its assets."