Brian Serra Email and Phone Number
Dynamic compliance leader with diverse industry expertise from delivering executive-level consulting to thousands of clients. Builder of compliance programs and streamlining existing consulting processes to reduce operating overhead. Team leader with a strong technical background who is able to digest the most complex concepts to deliver executive-level action plans in a clear fashion. A rock-solid, hands-on leader that is calm under pressure, thinking clearly to be able to deliver on business objectives. Ethical and well respected by the clients and colleagues I have worked with throughout my career.

Has performed thousands of assessments against the published security standards. Evaluated current security controls to provide the detailed next-steps for compliance. Product management of payment tokenization/encryption solutions in order to enable clients to reduce their risk and be in-line with compliance requirements. Data discovery of systems that transmit or store confidential information. Then developed feasible solutions that would protect data in accordance with security standards and regulations.

Written enterprise information security policies addressing needs that have arisen from formal risk management evaluations. Also assisted in multiple business continuation and disaster recovery planning projects. Incident response by performing security consulting and testing against defaced web systems to identify the hacker’s point of entry. Has performed as a long-term “acting” Information Security Manager for a large direct-sales manufacturer to address the following areas:
• Security project management, Security awareness and Incident response
• Driving an internal project to bring the company into compliance with security and compliance standards
• Delivery of technical security assessments
• Security architecture design, Physical security and System security hardening

Specialties: PCI (QSA, ASV, PA-DSS), ISO, HIPAA, Experian EI3PA
Business Information Security Office (BISO) Lead
Target, Oct 2021 - Present, Minneapolis, MN, US
Lead BISO for Target's supply chain distribution center facilities and operations. Heavy focus on Operational Technology (OT) security and risk identification within our Global Supply Chain and Logistics organization.
Leading security assessments covering IT and OT operational technology/ICS industrial controls at Target's supply chain facilities and processes. Developed and delivered the first security maturity assessment using a customized control framework, successfully identifying critical areas of security risk, resulting in targeted security recommendations and roadmap that drove the business to become a partner in overall security and risk ownership.
Providing management consulting in cyber security, risk and governance direction to the stores and supply chain portfolio business lines, developing roadmaps to maintain or decrease security risk. Evaluated third-party vendors supporting OT/IT to co-develop security requirements for agreements and contracts for support to decrease risk and assign security ownership.
Payment Security Lead
Target, Sep 2018 - Oct 2021, Minneapolis, MN, US
Selected by the international PCI Security Standards Council to deliver a presentation on cloud Hardware Security Modules (HSM) at the largest Payment Security Community Meeting conference.
Spearheaded a significant initiative that had a direct impact on Target’s financial and security assurance. The project marked the first-ever cross-functional validation of a Point-to-Point Encryption (P2PE) Merchant Managed Solution (MMS) at Target. The objective of the project was to eliminate the potential financial risk associated with the organization's investment in Point of Sale (POS) solutions, should the acquiring bank no longer allow unvalidated in-house solutions. We obtained validation of the P2PE MMS and we were able to significantly reduce the organization's risk exposure.
Delivered multiple PCI assessment activities for Target retail and RedCard servicing, playing a crucial role in ensuring that the assessments were executed smoothly, completed on time, and within budget constraints and more importantly deemed within compliance with PCI. Conducted risk assessments to evaluate the current state of security within the enterprise. Utilizing expertise in risk management, I was able to offer valuable recommendations aimed at minimizing risk to the organization. Maintained focus on risk reduction, carefully monitoring the impact of the solutions and making necessary adjustments to ensure ongoing success.
Leader of other special projects, undertaking the responsibility of devising strategies to mitigate the risk of guests' payment information exposure from the point of capture in the stores. This involved collaborating with various teams across the organization to understand the current state of payment security and identify potential vulnerabilities. Based on the findings, I led the design and implementation of targeted solutions that would reduce the risk of payment card data exposure and ensure compliance with relevant security standards.
Vice President - Compliance Advisory Services
Optiv Inc, Jul 2015 - Apr 2018, Denver, Colorado, US
Lead all operations of Optiv's Compliance consulting team, including P&L ownership. Encompassing; team mentorship and leadership, methodology and offering development, sales and marketing support, back end operations, and client-facing consulting and executive-level presentations. Evangelized professional services offerings, responsible for creating and delivering marketing collateral such as blog posts, webinars, and in-person speaking engagements at events like Optiv’s ES3 & Executive Briefings, PCI Community Meeting roundtable discussions, and regional ISSA meetings.
Achieved the highest effective margin percentage in the company. Multi-year presidents club award recipient.
Operationally focused on consulting delivery, but also sales motivated to help drive increased revenue numbers.
Completed the integration of the Accuvant and Fishnet compliance consulting teams into one cohesive team with standardized services.
Lead MSSP offering for PCI ASV vulnerability management for hundreds of clients.
Developed pricing metrics to facilitate accurate scoping of projects and the development of change orders, ultimately enhancing client satisfaction and profitability.
Vice President - PCI Advisory Services
Fishnet Security (Now Optiv), Apr 2015 - Jul 2015, Overland Park, KS, US
Selected to lead the combined Accuvant - FishNet Security PCI consulting practice moving forward.
Responsible for growing the practice headcount to meet unprecedented demand for our PCI Advisory Services.
PCI Practice Director
Fishnet Security (Now Optiv), Sep 2013 - Apr 2015, Overland Park, KS, US
Leads a large experienced-team of PCI QSA's; delivering top-notch consulting services around the PCI DSS, PA-DSS and Experian EI3PA standards.
Director Global Security Solutions - P2PE/Tokenization Product Manager
Elavon, Inc., Sep 2012 - Sep 2013, Atlanta, GA, US
Product Manager of Secure Payment Card Solutions for merchant clients.
Focused on providing our merchant clients with payment solutions that ease security and compliance efforts, as well as lower risk using PCI Point to Point Encryption (P2PE) and Tokenization integrated payment terminals.
PCI Practice Manager
Accuvant (Now Optiv), Apr 2011 - Jul 2012, Denver, CO, US
• Managed all aspects of PCI and Experian EI3PA consulting offerings. Gap Analysis & Reviews, Reports on Compliance (ROC), Reports of Validation (ROV), Strategy, ASV Scanning and Experian Assessments growing the service offerings annual revenue, but driving additional revenue in supporting services and product.
• Primary QA lead for the PCI Program ensuring quality deliverables and maintaining the company's QSA certification in good standing.
• Assisted hundreds of PCI-bound entities with remediation and program management: retail and ecommerce merchants, data storage and acquiring service providers.
• Managed relationship between Accuvant and the PCI SSC. Managing employees’ training and certification requirements.
• Maintained personal PCI QSA and ASV certifications for numerous years, as well as trained as an ISO 27001 ISMS Auditor.
• Participated in all PCI Community Meetings obtaining more in-depth knowledge that is publicly available and participated as a team lead on the initial Special Interest Group (SIG) for scope reduction. Continued participation in the Point-to-Point Encryption (P2PE) SIG.
• Developed and launched new service offerings as well as refined existing ones for higher efficiencies and client satisfaction.
• Traveled throughout the US and Canada to deliver best practice consulting and presentations in compliance management.
• Managed a tight-knit team of expert PCI & PA QSAs. Included internal and client project staffing, projections, employee reviews, and travel expense management.
• Managed the PCI ASV scan service for numerous clients. The lead ASV researching and approving client false positives and delivering final attestations to the clients.
• Worked with partners to develop online PCI Portal that offered an online knowledge base, online SAQ, remediation management and on-demand QSA support.
• Supported sales and marketing to bring higher client awareness of compliance consulting services and the value of the services.
PCI Program Manager
Accuvant (Now Optiv), Aug 2006 - Jul 2011, Denver, CO, US
Manage all PCI Program offerings for clients of Accuvant. PCI QSA and ASV certifications as well as an ISO 27001 ISMS Auditor.
PCI On-Site Assessments "Level-1 Audit"
PCI Quarterly External Scans as an ASV
PCI DSS Gap Assessments
PCI Remediation Assistance and Solutions Development
PCI Portal Knowledge Base
Sr Security Consultant
Forsythe Solutions, Jan 2002 - Aug 2006, Skokie, Illinois, US
Senior Security Consultant with 10 years experience in Information Security. Obtained CISSP and CHSP (Certified HIPAA Security Professional -ISC2).
Working concentration in vulnerability assessments, penetration testing, high-level security architecture, acting Information Security Officer (CISO), PCI Compliance and ISO 17799 standards.
Senior Manager
Telenisus, Jan 2000 - Jan 2002, US
National Leader - Vulnerability Assessment and Penetration Testing
Responsible for developing and growing the Telenisus Attack & Penetration practice nationally. Actively interrogates various high profile Telenisus clients' networks for security vulnerabilities. Gives best practice security information to better secure Internet based security architectures. Clients range from financial institutions, major manufacturers, government, to "dot com" companies.
Manager
Ernst & Young, May 1997 - Jan 2000, London, GB
Manager in the eSecurity Solutions practice. Provided technical security consulting services to large multinational organizations in a broad range of industries. Responsible for Internet/Intranet threat and vulnerability testing for clients with a presence on the Internet. Used attack and penetration methodologies to interrogate client networks for security vulnerabilities and identify exposures. Gave best practice recommendations to clients on the formation of security architectures, policies and enforcement. Evaluated clients' existing security policy and architecture to enforce the policies, such as firewalls, intrusion detection and logging systems. Provided risk-based solutions to help address security risks following a formal strategic plan. Implemented various security solutions including: firewalls, intrusion detection systems, VPN/Encryption, and Internet DMZ architectures for leading companies. Responsible for the daily administration and security of the eSS group's security lab.
Product Support Engineer
Secure Computing Corporation, Jan 1996 - May 1997, US
Senior support and fully qualified Sidewinder and Borderware Firewall Install Engineer. Educated customer's System Administrators with firewall and Internet security concepts. Analyzed customer's networks for possible integration problems and security concerns. Actively participated in an Intrusion Response Team to support customers.
Computer Lab Coordinator
University Of Wisconsin Stout, Sep 1993 - Dec 1995
Maintained security and availability of a local network of computers throughout the UW Stout campus. Performed malware removal and educated users on safe computing.
Manager
Cousins Submarines, Inc., 1989 - 1992, Menomonee Falls, WI, US
Managed a team of employees.
Brian Serra Education Details
University Of Wisconsin-Stout, Industrial Technology Concentration In Manufacturing Engineering
Brookfield Central, High School
Frequently Asked Questions about Brian Serra
What company does Brian Serra work for?
Brian Serra works for Target.
What is Brian Serra's role at the current company?
Brian Serra's current role is Cybersecurity & Compliance Leader. Enhancing information security maturity across the IT enterprise and operational technology / industrial controls environments. Mentoring the next generation of cyber leaders.
What is Brian Serra's email address?
Brian Serra's email address is br****@****von.com
What schools did Brian Serra attend?
Brian Serra attended University Of Wisconsin-Stout, Brookfield Central.
What are some of Brian Serra's interests?
Brian Serra has interest in Science And Technology.
What skills is Brian Serra known for?
Brian Serra has skills like PCI DSS, Information Security, Security, Computer Security, CISSP, Vulnerability Assessment, Vulnerability Management, Penetration Testing, Network Security, Information Security Management, Information Technology, Firewalls.