Thomas Brown is a Senior Analyst in GRF’s Risk & Advisory Services department. He interacts with clients to show them potential weaknesses in their cybersecurity posture and provides guidance on next steps. Mr. Brown is responsible for performing IT Audits, fraud and forensic investigations, co-sourced internal audits, policy and procedure benchmarks, and third-party risk assessments. Additionally, he presents key observations and findings to clients and senior executives.
He also conducts risk assessments to identify, analyze, and review information technology, fraud, and other security risks and vulnerabilities facing organizations both externally and internally. This includes collaborating with clients to efficiently complete assessments and help identify the best ways to implement changes. Additionally, Mr. Brown manages the cybersecurity awareness training and phishing simulation programs for GRF and multiple clients. He recently achieved Certified Information Systems Auditor (CISA) certification.
Before joining GRF, Thomas worked as a Project Manager for managing the configuration and implementation of EMR systems at Epic.