Harrison Martorana
@harrisonmartorana
Technology compliance and risk leader translating NIST and SOC 2 requirements into actionable policy and control programs.
United StatesWhat I'm looking for
I’m a Technology Compliance Product Owner who leads lifecycle management of enterprise Technology Policies and Standards across multi-cloud environments, aligning requirements to NIST, ISO 27001, SOC 2, PCI DSS, and FedRAMP. I translate regulatory and security needs into measurable, actionable policies and standards that teams can execute.
At Adobe, I partner with Engineering, Security Architecture, Compliance, and Legal to review and approve policy and standards exceptions—assessing risk, documenting compensating controls, and defining remediation strategies. I also support internal and external audits by delivering compliance documentation, control evidence, policy mappings, and clear responses to auditor inquiries.
Before that, as a Technology Risk and Controls Consultant at Crowe LLP, I performed IT General Controls (ITGC) assessments and compliance reviews for SOX, SOC 2, HIPAA, and ISO 27001, evaluating control design and operating effectiveness through evidence review, interviews, and walkthroughs. I’m driven by risk-based decision making and by turning control findings into practical improvements.
Experience
Work history, roles, and key accomplishments
Led the lifecycle management of enterprise technology policies and standards across AWS, Azure, and GCP, aligning requirements to NIST, ISO 27001, SOC 2, PCI DSS, and FedRAMP. Partnered with Engineering, Security Architecture, Compliance, and Legal to operationalize measurable policies, manage exceptions, and support internal and external audits.
Performed IT General Controls (ITGC) assessments and compliance reviews supporting SOX, SOC 2, HIPAA, and ISO 27001 requirements. Evaluated control design and operating effectiveness, coordinated audit evidence collection, and provided recommendations to strengthen control environments.
Supported ITGC and IT Application Controls (ITAC) testing across client environments by performing walkthroughs, reviewing evidence, and documenting testing results. Followed up with stakeholders on insufficient or missing evidence and assisted with remediation tracking.
Education
Degrees, certifications, and relevant coursework
Louisiana State University
Master of Business Administration (MBA), Internal Audit and Analytics
Earned a Master of Business Administration (MBA) with specializations in Internal Audit and Analytics from Louisiana State University.
Louisiana State University
Bachelor of Science (B.S.), Business Management
Earned a Bachelor of Science in Business Management from Louisiana State University.
Availability
Location
United StatesAuthorized to work in
Job categories
Skills
Interested in hiring Harrison?
You can contact Harrison and 90k+ other talented remote workers on Himalayas.
Message HarrisonFind your dream job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
