Heather Bearfield, CISA, CISM, CRISC, PCI‑QSA

Principal, MARCUM LLP

Heather B. Bearfield is a principal in the Firm’s Boston office and serves as the Cyber & IT Risk Services leader. She is also a member of the national Real Estate, Alternative Investment, Healthcare, and Financial Services Industry groups. In addition, Ms. Bearfield chairs the Marcum Diversity & Inclusion Committee.

She has extensive experience with SOC engagements, internal and external audits, application reviews, internal and external vulnerability assessments, wireless assessments and penetration testing.

Her main focus has been around data security and cybersecurity. Engagements include vulnerability assessments, penetration testing, wireless assessments and social engineering.

Ms. Bearfield has comprehensive experience in multiple aspects of risk management across business operations, including regulatory compliance. She executes compliance engagements according to various regulations including SOX, MA 201 CMR 17.00 (Data Security), HIPAA Privacy, HIPAA Security, Meaningful Use, Dodd-Frank, SOC1, 2, 3 and FISMA. She identifies process and control weaknesses, analyzes complex systems, and works with clients to streamline operations within time and resource constraints. She is also responsible for conducting global and national IT risk assessments and IT control assessments in numerous vertical markets, including manufacturing, banks, financial services, colocation hosting facilities, cloud providers, and application service providers.

Designations & Accreditation

  • Certified Information Systems Auditor
  • Certified Information Systems Manager
  • Certified in Risk and Information Systems Control