About BARR Advisory

Marc serves as ISO practice leader for planning and executing ISO 27001, 27701, 27017, and 27018 audits. Marc is the BARR subject matter expert for ISO and holds certifications including ISO 27001 Lead Auditor, ISO 27701 Lead Auditor, and ISO 31000 Certified Risk Manager.

Prior to BARR, Marc previously worked as a senior associate at KPMG and is a United States Army Veteran. He has a Bachelor of Business Administration in Management Information Systems from Temple University. His certifications include: Certified ISO 27001:2013 Lead Auditor, Certified ISO 27001:2022 Lead Auditor, Certified ISO 27001:2013 Internal Auditor, Certified ISO 27001:2022 Internal Auditor, Certified ISO 27701 Lead Auditor, and ISO 31000 Certified Risk Manager.

As a director of BARR’s attest services practice, Cameron currently serves clients in a range of industries from global technology and media production to financial organizations. He is known for his exemplary client services as well as a strong technical expertise in assessing security and compliance against regulatory standards like ISO 27001, 27701, PCI DSS, and HITRUST.

Cameron owns the project management aspect of client engagements, ensuring evidence is obtained and documented in a timely manner. He strives to engage and build relationships with all BARR clients and ensures top quality for all clients. Cameron earned a Bachelor of Science in Information Systems and Finance from the University of Maryland.

As a senior manager on BARR’s attest services practice, Julie brings extensive experience supporting Internal audits, SOX audits, various compliance framework audits, and technology risk management in support of organizational programs and initiatives.

Outside of work, she volunteers with the ISACA SheLeads Tech and IAPP on various task forces to help shape the future of information security and privacy (children’s privacy).

Julie is a CISA, ISO 27001 Lead Auditor, CCSK, and a CIPT.

As a manager for BARR’s attest services practice, Sydney is responsible for managing a team who plans and executes all aspects of SOC attestation engagements, including testing controls and performing walkthroughs. Her past experience includes developing GRC technologies and issuing SOC 1 and SOC 2 reports. 

Sydney received her Bachelor of Science in Business Administration in Accounting and Finance from Baker University and Master of Accounting from the University of Kansas. She is a Certified Public Accountant (CPA), and prior to BARR, Sydney worked for EY as a Senior Business Consultant. In her spare time, Sydney enjoys running and coaching fifth grade girls’ basketball.

As a manager of BARR’s attest services practice, Barbara serves as the lead for planning and executing information technology audits (SOC 1, SOC 2, SOC 3, and ISO 27001), client risk assessments, and CISO Advisory engagements for clients in a wide range of industries. She is an ISO 27001 Lead Auditor.

Prior to joining BARR, Barbara worked as a senior associate in KPMG’s Audit and Assurance practice. She has a Bachelor of Science in Accounting and Information Systems from Duquesne University.

As a manager for BARR’s attest services practice, Amanda is responsible for assessing security and compliance against regulatory standards, such as ISO 27001, SOC 1, SOC 2, and SOC for Cybersecurity. She has more than five years of experience evaluating risk and IT controls in cloud-based SaaS solutions, as well as on-premises data center systems. Amanda is an ISO 27001 Lead Auditor and holds the CCSK (Certificate of Cloud Security Knowledge) issued by the CSA.

Prior to joining BARR, Amanda held the position of senior associate at Marcum, LLP, where she also served as a member of the diversity, equity, and inclusion task force. She holds a bachelor’s degree in business administration, with a focus in management and information systems / business analytics, from the University of New Hampshire.

As a manager in BARR’s attest services practice, Sarah is responsible for planning and executing information technology audits and risk assessments for clients in the healthcare industry as well as serving as a lead ISO auditor. She is certified in CISA and HITRUST-CCSFP.

Sarah is an experienced consultant with a demonstrated history of working in the information technology and services industry. She is skilled in data privacy, compliance, risk analysis, and critical thinking. Sarah holds a Bachelor of Science with a focus in Psychology from Kennesaw State University.

As manager of BARR’s attest services practice, Steve works closely with organizations in the healthcare industry to identify and mitigate cybersecurity threats by planning and executing risk assessments and audits against frameworks including HITRUST, NIST SP 800-53, PCI, SOC 1, and SOC 2. Steve is an ISO 27001 Lead Auditor, a Certified Information Systems Auditor (CISA), and a HITRUST Certified CSF Practitioner.

Prior to joining BARR, Steve was a senior consultant in Wolf & Company’s IT Assurance practice. He holds a Bachelor of Science in Information Systems from Bentley University.

As a senior consultant for BARR’s attest services practice, Bronwyn is responsible for planning and executing information technology audits and client risk assessments for clients in various highly regulated industries.

Prior to joining BARR, Bronwyn worked with orca whales as a senior specialist at SeaWorld San Diego. She holds a certificate in cybersecurity from Evolve Security Academy, a Bachelor of Arts in Communications, and a Bachelor of Science in Biology, both from the University of Wisconsin-Milwaukee.

As a senior consultant for BARR’s attest services practice, Devin is responsible for planning and executing cyber risk engagements, including information technology audits and risk assessments, for clients in various highly regulated industries.

Devin is a graduate of Western Governors University with a bachelor’s degree in cybersecurity and information assurance. He brings more than half a decade of prior experience as an instructor for special education. His interests include cloud security, information security management, as well as governance, risk management, and compliance.

As a senior consultant for BARR’s attest services practice, Eduardo is responsible for supporting senior consultants with the completion of SOC 2 audits for SaaS clients.

Eduardo graduated from the University of North Texas with a Bachelor of Science in Business Computer Information Systems. He excels when working in a team and has extensive experience in public speaking. Eduardo is fluent in both English and Spanish and can read and write in Hebrew.

As a senior consultant for BARR’s attest services practice, Erica specializes in planning and executing information technology SOC audits as well as client and project relationship management for clients in various highly regulated industries, including information technology.

Erica holds a CompTIA Security+ Certification, Bachelor of Science in Psychology from Georgia State University, a Master of Arts in Teaching Education from Augusta State University, and a specialist degree in education from the University of West Georgia. Erica taught both STEM and English to Speakers of Other Languages at the DeKalb County School District for 11 years, while providing remote desktop support to members of a local church for more than five years.

As senior consultant for BARR’s attest services practice, Gustavo works closely with organizations in a variety of industries to identify and mitigate cybersecurity threats by planning and executing audits against frameworks including ISO 27001, NIST 800-171, SOC 1, SOC 2, and HIPAA. Gustavo is an ISO 27001 Lead Auditor and SOC Engagement Lead.

Prior to joining BARR, Gustavo’s past experience includes Financial Statement Integrated Audit, Internal Audit Co-source and Outsource, SOX controls testing, and SOC attestation and reporting over control environments with professional experience at Binder Dijker Otte and Ernst & Young. He holds a Bachelor of Business Administration in Management Information Systems and an International Business Certificate from Texas A&M University.

As a senior consultant for BARR’s attest services practice, Niti is responsible for planning and executing technology risk readiness assessments and audits for clients in various highly regulated industries.

Prior to joining BARR, Niti served as a senior consultant with EY’s risk advisory practice. She holds a Bachelor of Business Administration in Business Management from James Madison University.

As a senior consultant for BARR’s attest services practice, Ashley supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Ashley previously worked within the audit and assurance team at Ernst & Young. She has served clients on various public and private assurance engagements spanning industries such as retail, manufacturing, real estate, and healthcare. Ashley holds a bachelor’s degree in accounting from the University of Kansas and is currently awaiting licensure after successfully passing the CPA exam.

As an associate consultant for BARR’s attest services practice, Liz supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Liz is an experienced business analyst who specializes in customer relationship management, technical support, and stakeholder engagement. She holds a bachelor’s degree in management information systems from Texas A&M University and certification in the Vanta Auditor Partner program.

As an associate consultant for BARR’s attest services practice, Nathan supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Prior to BARR, Nathan was a cybersecurity staff associate at Cherry Bekaert and worked in vendor risk compliance for CooperVision. He holds a Bachelor of Science from Penn State University.

As an associate consultant for BARR’s attest services practice, Reese supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients across industries.

Reese specializes in customer success and has a strong background in technical implementation as well as leadership and communication. Reese holds a bachelor’s degree in economics from the University of Georgia and a master’s degree in information systems, specializing in cybersecurity, from Georgia State University.

As an associate consultant of BARR’s attest services practice, Sarah supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Prior to BARR, Sarah was a GRC analyst and HIPAA security officer for a Denver-based software solutions firm. She holds a bachelor’s degree from San Francisco State University.

As an associate consultant for BARR’s attest services practice, Zerrick works with clients on cybersecurity strategy, helping them navigate complex security and compliance issues, identify risks, and develop remediation methods. Zerrick has over six years of experience in the IT industry and has most recently worked at Duke Energy Corporation and Synechron.

Zerrick is a Coding Boot Camp graduate with hands-on software engineering experience leveraging C#, ASP.NET MVC, HTML, CSS, JavaScript, SQL, Bootstrap, Visual Studio, jQuery, Object-Oriented Programming, Agile Methodologies, Entity, and Responsive Design. He attended Ohio State University and holds a certificate in Network and Systems Administration from Per Scholas.

As an associate consultant for BARR’s attest services practice, Zikiya supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Zikiya comes to BARR with a Bachelor of Arts in Psychology from North Carolina Central University. She has five years of technical support, audit and risk management, and compliance experience.

As an associate consultant for BARR’s attest services team, Isabella supports the planning and execution of cyber risk engagements, including information technology audits and risk assessments for clients in various highly regulated industries.

Isabella has previous experience as a content developer at McGraw Hill and in design for West Elm. She holds a Bachelor of Science in Business Marketing from the University of Kansas and is highly skilled in project management, data visualization, and design. 

Michelle leads BARR Advisory’s marketing and communications strategy, global brand management, creative services, and strategic partnerships. In her role, Michelle is responsible for developing integrated marketing initiatives designed to showcase BARR’s expanding advisory and compliance services as well as develop key partnerships as a pathway to new business. With nearly a decade of marketing, communications, and branding experience in a wide range of industries, Michelle brings her passion for creativity and innovation to BARR’s dynamic culture.

Prior to BARR, Michelle served as Assistant Director of Marketing for a private university in Kansas City, and held various marketing roles of increasing responsibility in the technology, performing arts, and athletics industries. She holds a bachelor’s degree in mass communications from Kansas State University and a master’s degree from Rockhurst University.

As senior marketing associate for strategic communications, Michelle focuses on expanding BARR’s brand reach in the cybersecurity and compliance B2B markets through paid and earned media opportunities, including social media. Michelle is a journalist and PR writer with more than 200 bylines in print and online.

Prior to joining BARR, Michelle worked as a public relations specialist at Virtual Vocations. She has extensive experience in developing research-based strategies for social media growth and writing content for senior managers and C-suite executives. Michelle holds a Bachelor of Arts in English from Shenandoah University. 

As marketing associate, Christine supports BARR’s marketing and communications strategy. She focuses on writing and designing content to extend BARR’s reach in the cybersecurity and compliance B2B markets.

Christine has more than 15 years of experience in marketing, communications, and content development. She holds a Bachelor of Science in Journalism in Strategic Communication and a Master of Science in Journalism in Integrated Marketing Communications from the University of Kansas.

As BARR’s vice president of business development and growth strategy, Vince forecasts client needs based on industry trends to generate new business opportunities. Vince is known for his diligence, professionalism, and commitment to supporting the needs of BARR clients and future clients.

Prior to joining BARR, Vince ran his own communications company alongside his father and siblings. There, he developed a new digital media product and ran day-to-day operations. He also worked for Wells Fargo in positions of increasing responsibility until joining the BARR team. Vince graduated Summa Cum Laude from Arizona State University with a Bachelor of Arts degree, then went on to earn a Global MBA from the Thunderbird School of Global Management.

As a business development manager, Jim cultivates and maintains client relationships and researches industry trends to identify the needs of BARR’s clients and partners. He also supports growth strategies and efforts across multiple departments.

Prior to joining BARR, Jim worked for JP Morgan Chase & Co. in various client-facing and operational capacities. He holds a Bachelor of Arts in Political Science and Public Policy from the University of Delaware.

As the manager for BARR’s cybersecurity consulting practice, Larry supports small-to-medium sized and enterprise companies in need of a virtual CISO (or CISO on retainer). He plans and executes various engagements including readiness assessments, policy and procedure documentation, vendor risk management assessments, and external audit assistance.

As an experienced cybersecurity professional, Larry specializes in navigating IT governance, risk, and compliance within complex digital landscapes. His expertise extends across implementing robust cybersecurity programs, conducting comprehensive compliance audits, and designing solutions tailored to the unique needs of our clients, ranging from emerging tech startups to established enterprises.

Holding CISSP, CISA, and CRISC certifications, Larry brings a wealth of knowledge and a proven track record in bolstering security postures, ensuring regulatory compliance, and fostering resilient digital ecosystems.

Committed to continuous learning, he keeps up on the latest cybersecurity trends, threats, and innovations, particularly those influencing cloud-based ecosystems. His approach is described as a blend of strategic foresight, technical acumen, and a keen understanding of the evolving cyber threat landscape, empowering our clients to achieve their business objectives securely and compliantly.

As a senior consultant in BARR Advisory’s cybersecurity consulting practice, Brett evaluates the design and effectiveness of clients’ technology controls to prevent breaches and incidents and identify opportunities to operate more efficiently. Brett is recognized as a diligent, disciplined individual who goes above and beyond for his team and his clients.

Prior to BARR, Brett served in the United States Navy for six years, where he was a member of the elite Navy Special Warfare community that conducted special operations. After his service, Brett went on to mentor veteran students — providing support and positive influence to help them achieve academic, career, and life goals.

Brett holds a Bachelor of Science in Accounting from the Bloch School of Management at the University of Missouri-Kansas City.

As a senior consultant, Teddy supports the company’s growing cybersecurity consulting practice, specifically for small-to-medium-sized companies in need of a virtual CISO (or CISO on retainer). He plans and executes various engagements including readiness assessments, policy and procedure documentation, vendor risk management assessments, and external audit assistance.

He is an experienced consulting professional with a history of working in IT governance, risk, and compliance for financial institutions and small-to-medium-sized companies. He maintains CISA, HITRUST CCSFP, and CISSP certifications to fortify his reputation as an IT professional in audit and risk. Teddy graduated from Utica University with a Bachelor of Science in Cybersecurity, and prior to BARR, he worked at Wolf & Company, P.C.

As founder and CEO of BARR Advisory, Brad Thies leads all aspects of the organization’s global client service delivery and security assessment services including SOC, ISO, PCI, NIST, HITRUST, and HIPAA examinations, and cybersecurity consulting services. Under Brad’s leadership, BARR has become one of the most sought-after third-party assessors and consulting providers in the cloud computing space—serving high-growth startups to Fortune 1000 companies in the most regulated industries including technology, financial services, healthcare, and government.

Brad’s specialty is in helping cloud service providers assess, design, and implement processes and controls to meet customer, regulatory, and compliance requirements.

He holds a Bachelor of Science and Master of Accounting degree from the University of Kansas. Brad is a Certified Public Accountant (CPA), Certified Information System Auditor (CISA), and Certified Cloud Security Professional (CSSP).

As vice president of finance and business support, Adam supports all aspects of BARR Advisory’s long-term financial planning and growth. Adam is an entrepreneurial, results-driven leader with 15+ years of experience working in the information technology and financial service industries.

Adam has strong project management and corporate finance skills with a demonstrated ability to lead finance, corporate development, and strategy initiatives. He holds a Bachelor of Science in Accounting and Business Administration from the University of Kansas and an MBA from Indiana University.

As accounting manager, Lynn supports the vice president of finance and business support team with the overall management and supervision of the accounting department. She is responsible for financial reporting, billing, collections, payroll, budget preparation, and compliance.

Lynn previously served as accounting manager at Cameron Manufacturing and Design. She is an experienced financial professional with an exceptional background in project management, bookkeeping, domestic business, and individual tax services. She is an Enrolled Agent of the IRS and a CPA candidate with a bachelor’s degree in accounting from State University of New York at Fredonia.

As BARR’s executive administrative assistant, Krystal provides general administrative support for BARR’s founder and CEO as well as supports the leadership team and overall success of the organization.

Krystal brings 10 years of experience to her role. She previously worked with BDO US, where she was responsible for supporting the BDO Detroit office as well as the Tax Regional Managing Partner. Krystal is accomplished in customer service, training, collections, and administrative work. She has been awarded for strong customer service skills and leadership with the ability to execute deliverables with excellence. Krystal has a degree in business management.

As vice president of people and culture, Jonnae leads the team that aims to attract, develop, and retain top talent, while working to ensure that our employees are happy, healthy, supported, and engaged. With over a decade of experience in human resources, community relations, and higher education, Jonnae brings outstanding leadership and development expertise to BARR.

Prior to joining BARR, Jonnae served in several leadership positions at universities in Missouri. She holds a Bachelor of Arts in Communication from University of Missouri Columbia and a Master of Arts in Educational Administration from University of Missouri Kansas City.

Lauren Hannawald brings 20 years of professional experience to her role as learning and organizational development manager, where she leads comprehensive training programs designed and executed for all levels of the organization. In her role, Lauren ensures all BARR employees are equipped with the knowledge, skills, and resources needed to succeed in their roles and grow their careers. She collaborates frequently with company departments, key business partners, and industry thought leaders to ensure alignment with BARR’s strategic business initiatives.

With an education and marketing communications background, Lauren began her career at Hallmark Cards and VMLY&R. She also served as marketing director at Rockhurst University in Kansas City. Lauren holds a bachelor’s degree in journalism from the University of Kansas and a master’s degree from New York University.

As people & culture strategist, Al helps lead company culture efforts, with an emphasis on Diversity, Equity, and Inclusion internal initiatives. She supports BARR’s organizational strategy and aligns business objectives with people solutions.

Prior to joining BARR, Al worked as a healthcare recruiter for Maxim Healthcare Services. She has a master’s degree in industrial and organizational psychology from Adler University and a bachelor’s degree in psychology from North Carolina Central University.

As director of attest operations, Melody leads internal initiatives that create, improve, and educate the team on client service processes, tools, and methodologies. Melody provides unparalleled support by way of client project management activities, reporting management, tools/new process engagement and education, and training system management. 

Before joining BARR, Melody worked in marketing positions of increasing responsibility at Hallmark Cards and Cox Media. Melody has a Bachelor of Science degree in Business Administration and Marketing from Ramapo College of New Jersey.

Ashlyn has more than half a decade of experience in cybersecurity compliance and risk management, including planning and executing technology risk readiness assessments and audits for clients in various highly regulated industries, and has a strong background in information technology, finance, and data analysis.

Ashlyn is lead quality specialist and holds a Bachelor of Arts in Accounting and Finance with a CPA Concentration from College of Saint Benedict and a Master of Business Administration with a Data Analytics Concentration from University of Northwest, St. Paul. Prior to BARR, she most recently worked for PricewaterhouseCoopers, assisting in audit planning and testing SOC 1 and 2 reports, evaluating business process controls, and testing IT general controls for several Fortune 500 companies.

As technical editor, Jen edits, formats, and assures consistency across a variety of highly technical, time-sensitive reports. Jen ensures information in all BARR reports is complete, accurate, and representative of the BARR brand.

Jen joined the BARR team in 2019 and has more than 15 years of experience in copyediting, content creation, and branding. Prior to BARR, she was director of marketing for a private university and ran her own freelance marketing business. Jen holds both a Bachelor of Science in Public Relations and Marketing and a Bachelor of Arts in Modern Languages from Kansas State University.

As a reports specialist for BARR’s quality and compliance team, Jessica ensures all new and recurring business engagement letters are created for clients and internal stakeholders. She works cross-functionally with Attest Partners, Business Development, Legal, and BARR’S Client Service Operations teams to uphold our processes to make a positive client experience with ease of execution of our letters.

Prior to BARR, Jessica worked in various roles of increasing responsibility at Hudson Technologies for 15 years.