Planes, Trains, and Risk Assessments, Thinking Like a Security Consultant

Marissa Russo

When we talk about security, we often discuss execution. Red team, blue team, GRC but how often are we talking about soft skills? Being a consultant is a hot job, when practitioners start consulting, they often feel not up to par. This talk walks you through skills and thinking like a consultant.

Marissa Russo is a Governance, Risk, and Compliance (GRC) Consultant and Supervisor at Seiso LLC. In her role, she assists her clients in becoming compliant with various security standards and frameworks and performs IT risk assessments for clients in the Pittsburgh area. In her previous role, she worked as a Senior IT Security Consultant at PwC, where she worked with various Fortune 500 companies and allowed her to travel around the USA and internationally. She has a passion for hands-on work and problem solving of consulting, and enjoys mentoring other women who would like to become consultants or join the IT field. Marissa is also the Director of Communication at Womxn in Tech Pittsburgh (WITPGH). WITPGH is a community of women, womxn, non-binary folks, and allies championing for the diverse and intersectional experience in tech and aim for tech equity and advocacy through digital literacy and autonomy.