Andrew Weidenhamer

Andrew Weidenhamer is a principal in the RSM LLP technology risk advisory services practice. With close to 20 years of consulting experience within the information security and data governance field, Andrew has a unique combination of technical and business related skills which allow him to perform in multiple roles. The bulk of his Security/Privacy experience has been consulting within the public sector field leading a myriad of engagements including tactical penetration testing and red teaming engagements to large statewide NIST cyber security efforts and strategic roadmap development. As the Security and Privacy Risk Public Sector lead, Andrew’s responsibilities range anywhere from overseeing large government engagements to providing thought leadership, talent development, and other business growth activities. Outside of work Andrew is the co-lead for the DC OWASP chapter and has held the responsibility of helping to organize large information security conferences such as OWASP’s annual US flagship conference, AppSec USA. Andrew has had the privilege of speaking at national industry conferences such as Maryland Association of Counties (MACo), ISACA, Defcon, OWASP AppSec, and Rochester Security Summit to name a few. He has also worked with security researchers on pentesting tool development and has author credits on a well-known red teaming offensive security book. Finally, he keeps his skills sharp by taking industry leading training and has certifications including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Offensive Security Certified Professional (OSCP) among others. Andrew has had the privilege of speaking at national security and hacking conferences, such as DEF CON, OWASP AppSec and Rochester Security Summit to name a few. Finally, he has development credits on a well-known penetration testing tool called Backtrack.