Danielle Hoffmann is a governance, risk, compliance, audit, cyber risk, and AI governance professional based in New York.
She has more than 15 years of experience building and supporting security, compliance, audit readiness, and regulatory programs across technology, cybersecurity, and financial services environments.
Her work focuses on turning complex requirements into practical governance: clear controls, accountable owners, usable evidence, remediation plans, executive reporting, and programs that can stand up to audit, customer, regulator, and leadership review.
Danielle currently works in information security compliance for ION Group, supporting ION Corporates Cloud. Her work has included ISMS governance, ISO 27001 readiness and transition planning, SOC and ISO audit support, control evidence management, vendor risk reviews, threat and vulnerability management, business continuity planning, and executive security reporting.
Before ION, Danielle served as Vice President of Compliance at Digital Edge Ventures, where she oversaw compliance, risk, security, audit readiness, training, and security consulting operations.
She also served as Vice President, Information Security Officer at Empire State Bank, where she directed cybersecurity strategy, policy governance, incident response planning, disaster recovery, business continuity, and executive cyber risk reporting.
Danielle has worked across a broad range of security, privacy, audit, risk, and compliance frameworks and regulations, including ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 42001, SOC 1, SOC 2, NIST CSF, NIST SP 800 Series, HIPAA, HITRUST, GDPR, NYDFS 500, GLBA, PCI DSS, SOX, CCPA/CPRA, DORA, NIS 2, CMMC, COBIT, COSO, CSA CCM, OWASP Top 10, and the EU AI Act.
Danielle's work spans practical governance, security, compliance, risk, audit, and AI oversight.
Core areas include:
GRC program structure
ISMS development and governance
ISO 27001 readiness and maintenance
SOC 1 and SOC 2 audit support
Control design and evidence planning
Regulatory and framework alignment
Vendor and third-party risk management
Cyber risk reporting
Policy architecture
Business continuity and disaster recovery
Threat and vulnerability management
AI governance and ISO 42001 alignment
Executive and board-ready reporting
Danielle has been recognized for professional achievement, leadership, and community impact.
Recognition includes:
Staten Island Power Woman in Business
NYC 40 Under 40 Business Stars
Staten Island Chamber of Commerce Young Professionals' Group Senior Honoree
She is also involved in professional communities including ISACA, PMI, the Staten Island Chamber of Commerce, and Gartner C-Level Communities.
Outside of her professional work, Danielle brings the same sense of accountability, resilience, and follow-through to her personal life.
In 2017, she became a living kidney donor, donating a kidney to a coworker. That experience reflects values that also show up in her work: responsibility, steadiness under pressure, and a willingness to do hard things when they matter.
Danielle's background also includes anthropology, sociology, project management, and mortuary science, giving her an unusually broad perspective on people, systems, risk, communication, and trust.