Carrollynn Brown

Carrollynn has over 25 years information security, privacy, and risk management experience and over 30 years of experience in Information Technology. She works for a fortune 50 technology corporation where her current focus is on assessing privacy risks and managing privacy incident response. Over her career, she has a vast range of demonstrated experience in information security, controls, risk and IT compliance management, auditing and governance. She holds and maintains several certifications across cybersecurity (CISSP, GSEC, GPPA, CISA, CRISC), data privacy (CIPT, CDPSE) and audit (CISA) disciplines. She is a member of the GIAC Advisory Board, her local ISACA chapter, and a SANS Local Mentor. She routinely mentors, is an avid leaner and enjoys participating in hacker challenges.

Carrollynn has been responsible for various aspects of information security – ranging from corporate policy development/implementation, audit testing for compliance to Sarbanes-Oxley (SOx), privacy strategy development, incident response and investigations, risk assessments and mitigations controls, and business strategies development for data protection with focus on secure data retention, recovery, and disposal, and security consultation and training. Her work in privacy strategy includes leading a cross-company program that drove the implementation of strategy for protecting personally identifiable information (PII) throughout its lifecycle.

Carrollynn earned honors on her GSEC practical that involved a novel approach of leveraging IT in handling information security requests. In addition to holding certifications across privacy, cybersecurity and auditing domains, she was awarded the “All-Star” Technology Award at the 13th Annual National Women of Color STEM Conference. She holds a Bachelor of Science degree in Business Administration/ Management (Saint Paul's College), a Management of Science degree in Management Information Systems (Bowie State University) and is a certified systems analyst. While in graduate school, she also worked as a system programmer on various U.S. government projects.