Troy has been providing IT consulting services since 2001. Troy serves clients in a variety of industries including communications and media, utilities and critical infrastructure, health care, and higher education. He is adept at working with the specialty IT compliance and security needs of SEC registrants, private businesses, government and tribal entities.
Troy has extensive experience managing and leading technology security and compliance assessments using a number of different security frameworks including NIST Cybersecurity Framework, NIST Special Publication 800-53, ISO 27002, Cloud Controls Matrix, HIPAA Privacy and Security Rules, Payment Card Industry Data Security Standards (PCI DSS), and others. He also has deep experience managing and leading IT security audits and assessments, social engineering campaigns and penetration testing, PCI DSS audits, HIPAA security and privacy assessments, disaster recovery planning, alternatives analysis, network design and implementation, IT co-sourcing, and SOC audits. He frequently leverages his security expertise to determine areas of potential security weakness and infrastructure needs. Troy is a frequent speaker and highly published thought leader on IT compliance and cybersecurity topics.