HEATHER BEARFIELD

Heather Bearfield brings over 20 years of experience in IT risk, compliance, and cybersecurity to UHY’s Technology, Risk, and Compliance Practice. She specializes in SOC engagements, internal and external audits, application reviews, and a full spectrum of cybersecurity assessments including vulnerability assessments, wireless assessments, penetration testing, and social engineering.

Her core focus is helping organizations safeguard data and protecting systems at every layer. Heather’s work spans a wide array of industries, such as manufacturing, financial institutions, cloud and colocation hosting providers, and application service organizations. She collaborates with clients to identify and remediate process and control weaknesses, analyze complex systems, and streamline operations within realistic time and resource constraints.

In addition to technical assessments, Heather leads compliance engagements under SOX, MA 201 CMR 17.00 (Data Security), HIPAA Privacy and Security, Meaningful Use, Dodd-Frank, SOC 1/2/3, and FISMA. Her deep understanding of regulatory requirements and controls enables her to deliver comprehensive risk management solutions tailored to each client’s environment.

Education and Certifications

• MBA, Business Administration (Management Information Systems), University of Vermont
• BS, Business Administration (Management Information Systems), University of Vermont
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Data Privacy Solutions Engineer (CDPSE)