
Colleen Carroll has built her career at the crossroads of technology, risk, and people. With a foundation in technology risk from her early years at Ernst & Young and a master’s in accounting, she quickly gravitated toward the governance, compliance, and security space. Over time, she has expanded her responsibilities to include compliance, risk management, privacy, application security, and fraud operations. What defines her approach isn’t just technical depth, but a clear leadership philosophy: security is a people business.
“In the security world, you do nothing in a silo. You need every team around you,” she says, underscoring her belief that collaboration, trust, and communication are the real levers of progress.
Scaling Security in a High-Growth Environment
After six years at EY, Colleen transitioned to Emburse, where she took on the challenge of building a cohesive compliance program in a rapidly expanding, private-equity-backed organization.
“Before we streamlined our approach, audits were handled in silos, with multiple processes that weren’t fully coordinated. My focus has been on building a unified structure that reduces redundancy and increases efficiency.”
Her responsibilities quickly expanded. “Outside of our 20-plus audits that my team manages, we are SOC 1, SOC 2, ISO, and PCI compliant. I also oversee our GRC activities, all our security risk management and vendor management. And I serve as our data protection officer, so I run our privacy compliance and legal and regulatory adherence as well.”
More recently, she has added application security, employee awareness, and fraud risk activities to her portfolio.
Embracing AI With Guardrails
As Emburse accelerates its use of AI, Colleen has become a key stakeholder in ensuring innovation is balanced with trust.
Across the company, Product and Engineering teams are embedding AI into spend management workflows—from intelligent expense categorization and fraud detection using behavioral signals, to natural language interfaces for reporting and approvals. These capabilities save customers time, reduce errors, and improve compliance, while also laying the foundation for enterprise-scale AI adoption.
Internally, AI is powering enterprise operations such as forecasting, anomaly detection in finance and security, and productivity use cases like code generation, customer support response drafting, and contract review. Together, these initiatives drive efficiency and scalability as Emburse grows.
To guide this innovation responsibly, the company launched AI-Vengers, a cross-functional AI governance and enablement initiative. The program establishes guardrails for responsible AI use—including privacy, bias mitigation, and data security—while promoting safe experimentation across Product, Engineering, Sales, and Support.
Colleen is a central voice in this work. “We’ve definitely embraced AI and we want to use AI, but obviously within the guardrails of ensuring that our information remains safe,” she says. “We’ve been intentional about providing enterprise-grade AI tools so employees have secure, approved options—balancing innovation with the highest standards for data protection.”
The Ongoing Challenge of Identity and Platforms
Like many security leaders, Colleen sees identity as an evergreen challenge. “Identity will always be number one. As soon as you feel like you get a handle on it, there is always more to consider.” People are central to security, which is why building awareness and collaboration across teams is so critical.
She is also pragmatic about the shifting vendor landscape. “We continuously evaluate our vendor landscape to ensure we’re partnering with providers that deliver the broadest, most strategic value—helping us stay both agile and efficient.”
Women in Leadership: Building Trust and Presence
When asked about navigating a male-dominated industry, Colleen is clear-eyed but optimistic.
“It definitely is male dominated, but I’ve never felt like I wasn’t respected. If you know your stuff and you can talk with confidence, that helps break down barriers.”
She credits the presence of strong female leadership at the top of her organization. “I feel fortunate to be in an organization where we have a very strong leader with a woman as our CEO. And she sets a really great tone from the top down.”
For Colleen, the key to influence is not posturing but relationships. “It’s a people business. If you build relationships and build trust with people, that’s how you start to have your voice respected and heard within those rooms. It doesn’t happen overnight; it’s really building those foundations with the people that you’re working with.”
Collaboration as a Leadership Style
Colleen’s leadership philosophy is rooted in collaboration and adaptability. “No one person has all the answers, which is why collaboration and diverse perspectives are essential to success. You can learn so much from people that you’re working around,” she says. “In the security world, you cannot operate in a silo. You need every team around you.”
She also emphasizes the importance of flexing her leadership style to fit the needs of her team. “Everyone needs a little bit of something different from their manager, so for me it’s asking questions to understand what their working styles are and being able to flex with that.”
Privacy and Security: A Converging Frontier
One of Colleen’s current focuses is the convergence of privacy and security. “I am responsible for both of them here. The convergence of privacy and security is evolving rapidly, and our teams are proactively adapting to ensure we meet global requirements and exceed customer expectations. It is essential to establish a privacy program that can adapt and map to the various privacy regulations and changing requirements.”
A Continuous Learner
Colleen is committed to growth, both for herself and her team. “There’s never going to be a point where you feel like you know everything because it’s constantly changing. I am always staying engaged with professional networks.”
Her approach is consistent: build networks, seek out mentors, and learn from adjacent disciplines. As she notes, “Nothing that you do is all that unique. And it’s interesting to hear how other people are working through your same problems and what they’ve found successful.”
Leading Security in the Age of AI
Colleen’s career reflects a powerful blend of risk expertise, collaborative leadership, and pragmatic vision. From transforming siloed compliance programs to driving AI governance and embracing privacy as a core pillar, she consistently demonstrates that effective security leadership is about much more than controls—it is about trust, adaptability, and relationships.
At Emburse, her leadership helps ensure that as AI transforms both products and internal operations, it does so responsibly, with the right balance of speed, safety, and trust.