Resume

Matt Clarke

Experience

Mapbox

Senior Security & Compliance Engineer

March 2022 - Present

  • Implement scalable technical security controls across cloud-native infrastructure, CI/CD pipelines, and SaaS applications, aligning compliance initiatives with practical security engineering.
  • Partner closely with security engineering and DevSecOps to automate control validation, evidence collection, and continuous compliance testing for frameworks such as SOC 2, ISO 27001, and internal security baselines.
  • Champion security-by-design by integrating governance requirements directly into engineering workflows, enabling proactive risk reduction through automation and telemetry.
  • Implemented a robust vulnerability management framework, creating KPIs that enhanced compliance monitoring and reduced security risks by 50% within 6 months.
  • Led risk assessment initiatives across cloud-native environments and SaaS stack, reducing incident response SLAs and improving signal-to-noise across telemetry sources like CloudTrail and GuardDuty.
  • Developed automated infrastructure governance tooling using AWS CDK and Python, enabling continuous enforcement of platform standards and just-in-time access policies.

Coalfire

Senior Manager, Technology Assurance

July 2020 - March 2022

Led strategic cybersecurity engagements for Fortune 500 clients across finance, health, and technology sectors. Managed advisory delivery teams and helped clients design security programs aligned to NIST CSF, HITRUST, and ISO 27001.

  • Maintained a $1M+ book of business for assurance and advisory services by partnering with security and compliance leadership at customer organizations.
  • Innovated across the organization to drive process improvements and create efficiencies in delivery processes.
  • Improved customer satisfaction and experience by managing client engagement responsibilities, including timelines, reporting, and client escalations.
  • Advised CISOs and CTOs on cloud risk strategy, delivering actionable roadmaps based on security assessments.

Senior Consultant, Technology Assurance

Delivered exceptional performance in serving as primary point of contact for all client and internal stakeholder interactions with aim of gaining desired objectives. Communicated with certification bodies to provide positive experience and adherence to industry standards.

  • Increased team members productivity by reviewing work product for quality and accuracy.
  • Generated revenue by exceeding annual utilization targets by 20%.
  • Completed over 40 engagements on time and within budget on annual basis.

Grant Thornton

Senior Associate, IT Risk

February 2018 - July 2020

Steered significant efforts in overseeing all phases of customer engagements from scoping to conclusion. Provided remarkable assistance in conducting numerous SOC 1 and SOC 2 reports, HITRUST Validated Assessments, and IT Audits, while managing more than 5+ concurrent work streams.

  • Achieved excellent results by examining/evaluating cloud infrastructures and traditional on-premises systems.
  • Ensured accuracy and correctness of engagements by coordinating with client/internal management.

Associate, IT Risk

Streamlined workflows by liaising with multi-disciplinary engagement teams. Documented results and findings in professional manner with aim of utilizing in critical situations. Leveraged professional expertise to identify/describe potential weaknesses in client systems and provide recommendations for improvement.

  • Increased efficiency of engagement teams by developing tools and templates.
  • Recognized and proactively identified process gaps, as well as provided relevant remedy recommendations.

Skills

Cloud & Infrastructure

  • Amazon Web Services (AWS)
  • CloudFormation
  • CloudTrail
  • CodePipeline
  • Config
  • GitHub Actions
  • GuardDuty
  • IAM
  • Infrastructure as Code (CDK, Terraform)
  • Lambda
  • Kubernetes
  • Security Hub

Languages & Automation

  • JavaScript / TypeScript
  • Python

Security Domains

  • GRC
  • Incident Response
  • Security Architecture
  • Security Operations

Education

Masters in Cybersecurity

Georgia Institute of Technology - Atlanta, GA May 2025

BBA in Management Information Systems (MIS)

University of Georgia - Athens, GA December 2017

BBA in Finance

University of Georgia - Athens, GA January 2017

Certifications

  • AWS Certified Specialty - Security (SCS) - Amazon Web Services (AWS)
  • AWS Certified Solutions Architect - Associate (SAA) - Amazon Web Services (AWS)
  • AWS Certified Cloud Practitioner (CCP) - Amazon Web Services (AWS)
  • Certificate in Cloud Security Knowledge (CCSK) - Cloud Security Alliance (CSA)

Projects

See Projects for more details.

Volunteering & Leadership

University of Georgia

MIS Advisory Board Member