Jonathan has been in risk advisory and compliance since 2003. He works with SaaS-based companies and assesses their control environments as part of SOC reporting initiatives, as well as financial institutions or publicly trading companies to assess their control environments as part of FDICIA or SOX compliance. This includes the documentation and assessment of the companies' IT processes and controls related to security and availability as defined by the Trust Service Criteria.
Jonathan also manages and delivers third-party reporting services to assess the suitability of the design and operating effectiveness of client controls to achieve defined control objectives and Trust Services Criteria, including SOC 1 and SOC 2 reports for recurring providers.
Prior to joining Moss Adams, Jonathan worked at a Big Four firm as a part of their IT advisory service practice and in the operations division of a large financial services company.