Darren Hulem has 10 years of experience working in the Information Technology and cybersecurity space, supporting a variety of client types from small and medium sized businesses, International Non-Governmental Organizations (INGOs), nonprofits, and associations. He has been with GRF’s Risk and Advisory services department for the last 7 years, helping clients better understand the cybersecurity risks to their organizations.
As a Senior Manager, Mr. Hulem oversees planning, fieldwork, reporting, and continuous communication for his engagements. While holding multiple professional certifications and certificates, he enhances client value by delivering a comprehensive approach to each engagement. Committed to being a trusted advisor, he is always striving to stay on top of new trends and technology to add value to his clients. He has recently passed the CMMC Certified Professional (CCP) Exam and will start the CMMC Certified Assessor (CCA) training.
Mr. Hulem, remains accessible year-round to address questions, offer support, and provide guidance on key risks and mitigation strategies. Darren uses his knowledge, experience, and expertise to assist clients with executing detailed cybersecurity engagements in the following areas: cybersecurity risk assessments, vulnerability assessment analysis, IT audits, co-sourced internal IT audits, ISO 27001:2022 compliance internal audits, SOC 2 examination and reporting, IT policy and procedure benchmarks against leading frameworks such as (ISO, NIST, PCI, HIPAA, CIS, SOC 2), penetration testing, IT training, and third-party risk assessments.
He also enjoys providing presentations to his client’s senior leadership and board members in a digestible way. Darren is a seasoned speaker on cybersecurity topics such as: combating the increase in cyber and fraud threats; cybersecurity for nonprofits; organizational reputation risk as a part of a cybersecurity program; minimizing third-party risk with IT and cybersecurity; and an internal auditor’s guide to cybersecurity. He has presented at the IIA International Conference, ISACA and IIA GRC conference, various IIA Chapters, AICPA, MACPA, GWSCPA, Humentum, UST Education, and NYCON. He enjoys sharing his experiences from client triage and cleanup with organizations to the importance of IT controls.
