Name: Eleanor Sarah "EllieSally" ThompsonAdams
Age: 55 42
Education: MBA from Harvard Business School Master's in Cybersecurity from Stanford University, B.AS. in Accounting Computer Engineering from the University of PennsylvaniaCalifornia, Berkeley
Professional Background:
2518+ years of experience in professional services firms, with a focus on audit and assuranceinformation security, encompassing roles in security operations, incident response, risk management, and compliancesecurity architecture.
Focus areas: Leading large-scale audit and compliance engagements, developing new service offerings, building client relationships, and managing partner teamsCybersecurity strategy development, security operations center (SOC) management, incident response and forensics, vulnerability management, threat intelligence, and security awareness training.
Previous roles: Partner Chief Information Security Officer (CISO) at a Big Four accounting firm, Managing Director of Risk Advisory Services, Head of Compliance Practicetechnology company, Director of Security Operations at a financial institution, Security Consultant at a cybersecurity firm.
Special certifications or skills: Certified Public Accountant (CPAInformation Systems Security Professional (CISSP), Certified Information Systems Auditor Security Manager (CISACISM), Certified in Risk and Information Systems Control (CRISC)
...
Ethical Hacker (CEH), SANS GIAC certifications (e.g., GCIH, GCIA, GSEC)
Industry: Varies depending on the organization's focus (technology, finance, healthcare, government, etc.)
Responsibilities:
Oversee Develop and implement the firmorganization's audit and compliance practice, setting strategic direction and ensuring quality service delivery.
Build and maintain relationships with key clients, including C-suite executives and board members.
Lead business development efforts, identifying new opportunities and expanding the firm's client base.
Manage partner teams, providing mentorship and guidance, and fostering a culture of collaboration and excellence.
Represent the firm at industry events and conferences, building thought leadership and brand awareness.
Goals:
Grow the firm's audit and compliance practice, increasing revenue and market share.
Establish the firm as a trusted advisor and thought leader in the industry.
Attract and retain top talent, building a high-performing team.
Maintain the firm's reputation for quality, integrity, and independence.
Challenges:
Navigating a complex and evolving regulatory landscape.
Managing client expectations and balancing competing priorities.
Maintaining profitability and managing costs in a highly competitive market.
Attracting and retaining top talent in a rapidly changing industry.
Motivations:
Making a positive impact on clients' businesses by helping them improve their risk management and compliance programs.
Building a thriving and successful practice that delivers exceptional value to clients.
Developing the next generation of leaders in the audit and compliance field.
Upholding the highest standards of professionalism and ethical conductoverall cybersecurity strategy and roadmap.
Oversee the day-to-day operations of the security operations center (SOC), ensuring effective threat detection and incident response.
Manage security risks across the organization, conducting risk assessments and implementing mitigation strategies.
Ensure compliance with industry regulations and security standards (e.g., NIST, ISO 27001, PCI DSS).
Lead security awareness and training programs for employees.
Goals:
Protect the organization's critical assets and sensitive data from cyber threats.
Detect and respond to security incidents quickly and effectively, minimizing their impact.
Maintain a strong security posture that aligns with the organization's risk tolerance and business objectives.
Build a culture of security awareness and vigilance throughout the organization.
Establish a reputation as a trusted security leader within the industry.
Challenges:
Keeping pace with the constantly evolving threat landscape and sophisticated attack techniques.
Managing a limited budget and resources while facing increasing security threats.
Attracting and retaining top cybersecurity talent in a highly competitive market.
Balancing the need for security with business needs and user experience.
Motivations:
Protecting the organization from cyberattacks and safeguarding its reputation.
Leading a high-performing security team that is passionate about cybersecurity.
Making a meaningful contribution to the fight against cybercrime.
Staying at the forefront of cybersecurity innovation and best practices.
Tech-Savviness:
Highly tech-savvy , with a deep understanding of the role of technology in audit and compliancedeep expertise in cybersecurity tools, technologies, and methodologies.
Proficient in using audit software, data analytics tools, and collaboration platforms.Open to exploring new technologies, such as artificial intelligence and blockchain, to enhance audit and compliance processesSIEMs, threat intelligence platforms, vulnerability scanners, and incident response tools.
Comfortable with scripting and automation to streamline security operations.
Adept at analyzing security data and identifying patterns and anomalies.
Behavioral Traits:
Strategic thinker with a strong business acumen and leadership leadership and decision-making skills.
Proactive and results-oriented, with a focus on continuous improvement.
Excellent communicator and relationship builder, able to connect with clients and colleagues at all levels.
Results-oriented and driven to achieve ambitious goals.
Passionate about audit and compliance and committed to delivering high-quality servicesto explain complex security concepts to non-technical stakeholders.
Collaborative and team-oriented, fostering a positive and supportive security culture.
Sources of Information:
Threat intelligence feeds and cybersecurity news sources.
Industry publications reports and research reports (e.g., The Journal of Accountancy, Compliance Week).Professional conferences and events (e.g., AICPA & CIMA ENGAGE, ISACA Conference)on cybersecurity trends and best practices.
Security conferences, workshops, and training programs.
Networking with other security professionals in the audit and compliance fieldand industry peers.
Client feedback and surveys.
Quote:
"Our firm's success is built on trust, expertise, and a commitment to delivering exceptional value to our clients. By staying at the forefront of industry trends and embracing new technologies, we can help our clients navigate complex challenges and achieve their strategic objectivesCybersecurity is a never-ending battle, but it's worth fighting. By building a strong security program, fostering a culture of awareness, and staying ahead of the curve, we can protect our organization and its stakeholders from the devastating consequences of cyberattacks."