Andy Herman

Andy Herman, MSIM, CISSP, currently serves as a Senior Manager in Security Technical Program Management for the CISO at Microsoft. Previously, they held various roles in security and compliance, including positions at Google as a Regulatory Compliance Strategist and at Meta as a Risk Management Lead. Andy also contributed as an Experienced Consultant on the Security and Infrastructure Team at West Monroe Partners and led FedRAMP audits as an Information Security Consultant at First Information Technology Services, Inc. They have academic ties as Guest Faculty at the University of Washington Information School and have served as a Senior Research Assistant at the same institution.