About the Team




We foster a culture of teamwork and open communication to effectively work with clients and internal teams in addressing cybersecurity challenges.



Our experts develop customized, forward-thinking plans aligning with clients’ needs and business objectives.



Our project managers implement robust cybersecurity measures and solutions with precision and efficiency to protect client data and assets.



Our team continuously monitors the evolving legal landscape and swiftly adjusts strategies to stay ahead of emerging threats and technologies.

Meet the team

Managing Director

Drew Danner

Drew spearheads BD Emerson's Governance, Risk, Compliance, and Security (GRC+Sec) division, where he channels his expertise into guiding clients through the labyrinth of Information Security, Risk Management, Regulatory Compliance, Data Governance, and Privacy. His stewardship is key in developing tailored programs that not only address the unique challenges faced by businesses but also foster a culture of security and compliance.

Under Drew's leadership, the consulting teams at BD Emerson flourish in conducting meticulous audits, a cornerstone in the firm’s risk analysis endeavors. His adeptness shines through in navigating a myriad of regulations and frameworks including NIST, ISO, HIPAA, GLBA, GDPR, CCPA, CPRA, VCDPA among others​.

Beyond audits, Drew is instrumental in fortifying clients' infrastructural integrity, ensuring the security of applications, and safeguarding critical data. His seasoned perspective as a virtual Chief Information Security Officer (vCISO) has proven invaluable across a spectrum of industries, marking him as a trusted advisor in the realms of security and risk management.

EXPERIENCE: Leading Transformation, Compliance Risk Advisory, vCISO Consulting, Strategy / Management Consulting

INDUSTRIES: Technology, Retail, Finance/Banking, Audit / GRC

FOCUS AREAS: Security, Risk, Change Management

CERTIFICATIONS: CISSP, PMP, ITIL, Net+, Sec+, CSM, PMI Organizational Transformation: Foundation, Six Sigma Black Belt

CONTACT: drew.danner@bdemerson.com

Drew Danner
Principal - Compliance

Jose Gonzalez Jr.

Jose is a talented and effective project manager with expertise in Compliance, Data Governance, Privacy and Data Mapping. He has led various projects and implementations for clients of all sizes and has extensive

Focusing on meeting clients where they are today, Jose drives the completion of security and privacy projects and assessments to meet immediate needs and to improve for the future.

Jose is an Army Veteran and active reservist. He is passionate about supporting service members transitioning into GRC+Sec.

EXPERIENCE: Organizational and Project Management, Regulatory Compliance, Implementing Privacy by Design

FOCUS AREAS: Compliance, Privacy, Operations and Risk Management

CERTIFICATIONS: Certified Information Privacy Professional US (CIPP-US) Certified Scrum Master (CSM), Information Technology Infrastructure Library (ITIL)

CONTACT: jose.gonzalez@bdemerson.com

Jose Gonzalez Jr.
Security Analyst

Liam O'Brien

Liam assists BD Emerson’s clients in implementing appropriate cybersecurity practices and maintaining regulatory compliance. He utilizes his knowledge to protect the client’s data, business, and finances. He has assisted in various topics of security and compliance from breach recovery to regulatory assessments.

Liam supports clients in completing security and privacy projects. His ever-growing skillset is utilized to address critical requirements or plan for a secure future.

EXPERIENCE AND CERTIFICATIONS: Sec+, AWS Cloud Practitioner, APISec University, OneTrust Privacy Professional, DSAR Process Refactoring, Regulatory assessment consulting (Regulatory Compliance), Implementing Privacy by Design, Cookie Management

FOCUS AREAS: Privacy, Compliance, Cybersecurity

Liam O'Brien
Security Analyst

Theodore Kalfas

Theo provides guidance and support to BD Emerson's clients in the establishment of robust cybersecurity measures and ensures adherence to regulatory standards. Drawing upon his expertise, he safeguards the clients' data, business operations, and financial assets. His contributions span a wide range of security and compliance matters, from breach remediation to regulatory evaluations.

Theo offers assistance to clients in executing security and privacy initiatives. Leveraging his continuously expanding expertise, he addresses pivotal needs and strategizes for a fortified future.

EXPERIENCE AND CERTIFICATIONS: AWS Solutions Architect,  AWS Cloud Practitioner, Sec+, OneTrust Privacy Professional, Cloud Security, Regulatory assessment consulting (Regulatory Compliance), Implementing Privacy by Design, Vulnerability Assessments, BurpSuite Expert.

FOCUS AREAS: Cybersecurity, Privacy, Compliance

Theodore Kalfas
Senior Advisory Consultant

Andrew Wilcox

Andrew is a Senior Advisory Consultant assisting clients across many Governance, Risk, and Compliance initiatives to establish and mature their security programs. He has been involved with many regulatory frameworks and audit and assessment requirements, including NIST 800-53, 800-171 (CMMC), NIST CSF, SOC2, and ISO 27001.

Andrew focuses on understanding the clients' environment, identifying gaps and concerns, and ultimately deriving strategic prioritization initiatives to fulfill clients' needs and mature their organizational security posture.

Andrew is a retired Naval Special Operations veteran. He mentors and volunteers across multiple cybersecurity communities and organizations to help young professionals, veterans, and career-transitioning professionals break into the cybersecurity industry.

EXPERIENCE Security Program Management, Security Audits and Assessments, Risk Management

FOCUS AREAS: Governance, Risk, Compliance, SOC 2 Compliance, NIST (800-53, CSF, 800-171) Compliance, Breach Remediation, Data Security.

CERTIFICATIONS: CISSP, CISM, CRISC, CASP+, CCNA, Cloud+, Sec+, A+, Cyber Threat Management (IBM), Lean Six Sigma White Belt

CONTACT: andrew.wilcox@bdemerson.com

Andrew Wilcox
Senior Advisory Consultant

Pam Fulmer

Pam Fulmer has substantial experience litigating all types of intellectual property and commercial disputes, with a special emphasis on licensing disputes. Pam also advises companies on privacy and related data security issues, and how they may impact software licensing.

In addition to her litigation practice, Pam devotes a significant portion of her time to defending companies of all sizes in software audits brought by software publishers known for their aggressive audit tactics such as Oracle, Quest, Micro Focus and others.

EXPERIENCE: 30+ Years in Private Practice, Intellectual Property, Commercial and Privacy Litigator, Licensing Compliance Attorney

INDUSTRIES: Technology, Software, Financial Services, Consumer Products

FOCUS AREAS: Compliance, Risk Management, Advisory Consulting

Pam Fulmer
Senior Advisory Consultant

John Kincaide

John Kincaide advises clients in Data Privacy and Cybersecurity.

John has an extensive business background including marketing and e-Commerce at Intel Corporation.

He is also a licensed attorney with over ten years of experience providing data privacy and cybersecurity solutions as inside corporate counsel and in his private practice.

EXPERIENCE: Licensed attorney focused on data privacy and cybersecurity, Strategy development and implementation, Risk analysis

FOCUS AREAS: Compliance, Security, Strategy

John Kincaide