Megan McMahon

In her role, Megan works to bridge the gap between various cross-functional business stakeholders to define, analyze, design, and implement comprehensive data protection solutions with minimal disruption to the business. Within MDR, Megan regularly works with clients to optimize and orchestrate their existing security stack, supplementing with advanced technology to streamline the detection and response process. Megan has experience managing large-scale third party risk management engagements helping clients identify and rank the risk associated with vendors with access to sensitive information. She also has experience managing GDPR, CCPA, and general compliance engagements for a variety of large, multinational clients, focusing on the interplay between stakeholders in legal, compliance, IT, and security.

Megan’s professional experience includes the following:

• CCPA readiness: Designed and implemented a CCPA compliant privacy program from scratch for a multi-billion-dollar hospitality chain in less than four months. Efforts included data mapping, designing and implementing DSAR portals, cookie compliance, and employee trainings.
• Third party risk management (TPRM): Led team engaged to build out a third party risk program for a major U.S. insurance company. Designed and developed workflows including assessment templates, distribution, analysis, and remediation on a leading TPRM platform.
• GDPR readiness: Assisted a large international technology firm in building out a GDPR compliant program. Tasks included data and business process mapping, negotiating data protection agreements, security controls review, managing DSARs, data breach notification to regulators, and the implementation of a privacy program management platform.