Andrew Budack

Andrew Budack is a seasoned information security professional with extensive experience in application security and compliance. Currently serving as a Senior Information Security Architect at Navient since May 2014, Andrew has successfully revamped the application security program across multiple business lines, significantly expanded ethical hacking initiatives, and launched Bug Bounty and Vulnerability Disclosure Programs. Previous roles include Information Security Architect and Senior Information Security Analyst at Navient, where Andrew led critical penetration testing efforts, drove PCI compliance, and implemented modern security tooling practices. Prior experience at Sallie Mae involved leading vulnerability reduction initiatives and managing PCI compliance audits. Andrew holds a B.S. in Management Information Systems from Indiana State University.