TITLE: Manager, Cybersecurity & Control Risk Services Team

Antonina McAvoy leads and performs a wide spectrum of cybersecurity attestation services, risk management program assessments, SOX information technology general control (ITGC) reviews, System and Organization Controls (SOC) readiness assessments, independent trust and transparency assurance reporting (SOC 1, 2, 3 and SOC for Cybersecurity), HIPAA reviews, IT internal audits, and control services. She specializes in cybersecurity, as well as data protection and privacy.

Antonina has strong technical skills and is experienced in performing complex data mapping exercises to identify where key data resides in an organization’s environment, assessing the operating effectiveness of control environments, as well as identifying control gaps and weak cybersecurity settings. Antonina is instrumental in analyzing the root cause and impact of IT issues through gaining a deep understanding of an organization’s operations. Clients look to her to translate IT risks, recommend business solutions and design strategies to create and improve sustainable data protection and enterprise-wide risk prevention programs.

Antonina discovered her interest in information technology during her first post-college position when she was presented with the opportunity to work on an IT audit. Her experience since then has led Antonina to assist organizations across industries, both nationally as well as globally. She has found her passion by combining her love for networking with applying the technical knowledge she gained from helping companies identify control gaps and security weaknesses. Her innate ability to connect with people allows her to effectively communicate weaknesses identified and make strong recommendations to management to help improve their cyber-environment. Nearly a decade has passed since she first started assisting companies with their IT environments, yet the fear of cybersecurity preparedness by boards and upper management has only increased as high-profile cyber-attacks become more common and the need for digital trust intensifies. It is Antonina’s mission to help companies strengthen their cyber-resilience to reduce the risk of a security incident occurring that could disrupt business, result in significant financial losses and destroy an organization’s reputation.

Prior to joining PBMares in 2018, Antonina worked with other accounting firms, including a five-year tenure in the Information Systems Assurance group of the sixth largest firm in the United States and three years in the Risk Assurance group at a “big four” firm.

Antonina has achieved the ISACA certification as a Certified Information Systems Auditor (CISA), which is a preferred certification program by individuals and organizations around the world in IS audit, control and security skills. Additionally, in April of 2018, the AICPA developed and established the criteria for a Report on an Entity’s Cybersecurity Risk Management and Controls. Antonina is one of the few cyber consultants in the United States who has completed training and received the Cybersecurity Advisory Services designation.


  • American Institute of Certified Public Accountants (AICPA)
  • ISACA (formerly the Information Systems Audit and Control Association)
  • Hampton Roads Chamber of Commerce
    • THRIVE Regional Engagement Committee


  • Master of Science in Cybersecurity with a concentration in Cyber Operations from Utica College
  • Bachelor of Science in Business Management with a concentration in Accounting from Babson College
  • Associate of Science in Business Administration with a concentration in Accounting from Massachusetts Bay Community College

"One single vulnerability is all an attacker needs to infiltrate an organization. It is my passion and my mission to help companies strengthen their cyber-readiness and improve data privacy and security to lessen the risk of a breach."