Sarah Pevelek

I grew up in Alabama and spent most of my life on the beach. The hardest part about living in Michigan is not wearing flip-flops every day!
Sarah Pavelek
Partner, CISSP, CCSFP, CHQP, CRISC

Experience

As a leader within the cybersecurity group, I advise clients on cybersecurity services that can help them achieve their compliance needs — whether those needs are driven by internal or external forces. I’ve worked in a number of industries including technology, service, insurance, financial institution, and healthcare. While I have experience performing and leading SOC readiness assessments & examinations, HITRUST assessments, Microsoft Data Protection Requirements (DPR) assessments, IT risk assessments, IT audits, privacy assessments (GLBA, HIPAA Security), and ISO 27001 gap assessments & certifications, I specialize in SOC and HITRUST where I assist our clients in understanding the relevant requirements and whether their control structure meets those requirements.

The dynamic nature of what we do every day is what attracted me to this career. It’s true that the cybersecurity landscape is always changing, and with it, the rules and regulations that companies must adhere to. My clients appreciate that I spend time understanding their unique environments and design a project approach that meets their specific needs. Because of the time I invest in each client, they often call us first when they encounter new challenges or move to new organizations.

It’s rewarding to work for a firm where opportunities exist for each unique individual to forge their own path. Everybody’s career looks different at certain intersections in their life – mine certainly has – and I love having the opportunity to help other young leaders navigate their careers. This is one of the reasons I’m actively involved in our Women in Leadership initiative. Teaching and mentoring staff are two of my passions and a big reason why I’m excited to come to work each day.

Because of my expertise, I’ve authored or presented on cybersecurity-related topics in various white papers, newsletters, webinars, and conferences, and have had several segments on local TV stations. I belong to the Information Systems Audit and Control Association (ISACA) and the International Information Systems Security Certification Consortium, Inc. (ISC2). I received my B.S. in accounting and computer science from the University of Alabama. Roll Tide!

I spend my free time with my husband, our two boys, and our dog. We’re outdoor enthusiasts and take our dog on as many of our adventures as we can. Depending on the season you can find us downhill skiing, snowboarding, water skiing, fishing, biking, or running.