John Cartwright is a Senior Associate with Schellman & Company, LLC. Prior to joining Schellman & Company, LLC in 2015, John worked as a QSA for IBM, specializing in PCI-DSS gap analyses and Attestations of Compliance, and IT controls. John has worked across many other compliance frameworks, including Sarbanes-Oxley (SOX), ISO 27001 and NERC-CIP. Prior to IBM, John served as an internal security assessor for a Fortune 50 company, as well as a QSA with Secureworks. John is also a documentation specialist, working as an IT and software development technical writer for 10+ years and as a freelance journalist, published in print for over 25 years.
