Marcum LLP
Heather Bearfield
Assurance Services

Email Heather

Heather B. Bearfield is a Principal in the Firm’s Boston office and serves as the National Technology Assurance Services Practice Group Leader. She is also a member of its National Alternative Investment, Healthcare and Financial Services Industry Groups. Ms. Bearfield has extensive experience with SOC engagements, internal and external audits, application reviews, internal and external vulnerability assessments, wireless assessments and penetration testing.

Ms. Bearfield's main focus has been around data security and CyberSecurity. Engagements include vulnerability assessments, penetration testing, wireless assessments and social engineering.

Ms. Bearfield has comprehensive experience in multiple aspects of Risk Management across business operations including regulatory compliance. She executes compliance engagements according to various regulations including SOX, MA 201 CMR 17.00 (Data Security), HIPAA Privacy, HIPAA Security, Meaningful Use, Dodd Frank, SOC1, 2, 3 and FISMA. She identifies process and control weaknesses, analyzes complex systems and works with clients to streamline operations within time and resource constraints. Also she is responsible for conducting global and national IT Risk Assessments and IT Control Assessments in numerous vertical markets inclusive of manufacturing, banks, financial services, colocation hosting facilities cloud providers, and application service providers.


  • SOC 1, 2, 3 (WebTrust, SysTrust)
  • Sarbanes-Oxley Compliance
  • IT Audits
  • Application Reviews
  • Security Assessments
  • Data Security Regulations
  • CyberSecurity


  • Financial Services
  • Healthcare
  • Insurance
  • Manufacturing
  • Data Centers
  • Alternative Investment Funds


  • Master of Business Administration
    University of Vermont
  • Bachelor of Science, Business Administration
    University of Vermont


  • Information Systems Auditing and Control Association (ISACA)
  • Massachusetts Society of Certified Public Accountants (MSCPA)
  • 100 Women in Hedge Funds
  • Boston Chamber of Commerce- Women's Advisory Board


  • Crisis Management in Data Breaches: June 2015
  • Demystifying AML with Data Analytics: April 2015
  • IT Hot Topics. ISACA Conference: June 2015
  • Today's Security Industry: From Broken Windows to Hacked Networks: February 2015
  • Interviewed about Corporate Cybersecurity Vulnerabilities by March 2015
  • "Security Risk Assessments: Helping Achieve Compliance" Featured in South Florida Hospital News & Healthcare Report: November 2014
  • The Wall Street Journal Article, "Retailers Back Obama's Credit Card Protections.": October 2014
  • New England Cable Network "Best Practices for Data Protection.": October 2014
  • Featured on Bloomberg Radio's The Hays Advantage: October 2014
  • Featured in Crain's Chicago Business Article, "Let's Face It: Your Data's as Good as Hacked. So, Now What?": September 2014
  • Featured in AP News Article, "Target Tech Chief Resigns as it Overhauls Security.": March 2014
Facebook LinkedIn Twitter YouTube Blog

© 2015 Marcum LLP. All Rights Reserved.
Visit Full Website