Leader of strategic planning, cross-functional collaboration, and risk management, while providing oversight to third party audit programs, issue management, and budget planning. • Strategic Planning and Compliance: Develop and execute strategic plans to enhance risk management practices, optimize internal controls, and ensure compliance with PCI DSS, PCI CP, PCI PIN, and SSAE audit programs.• Oversight and Efficiency: Provide oversight and guidance for PCI DSS assessments and SSAE 18 audit engagements, ensure timely audit report deliverables. Led the creation of a Center of Excellence (COE) team to support all audit engagements across the enterprise.• Efficiency and Cost Reduction: Established and led the IT and Cyber Audit Focus Team, resulting in a 40% increase in efficiency and significant cost reduction.• Automated Prioritization: Developed algorithm for automated prioritization of request and validation tasks, reducing turnaround times for audit requests.• Collaboration and Remediation: Coordinate the remediation of audit and assessment findings across product lines, technology, and cyber teams.Fiserv, Inc. (NASDAQ: FISV) is the leading global provider of information management and electronic commerce systems for the financial services industry, driving innovation that transforms experiences for financial institutions and their customers.

Information Security Officer for Fiserv's Output Solutions Division (2000+ associates) and supported Business Units (3) and Data Centers (5). Provide leadership and direction to the Information Security Strategic and Operations teams, Physical Security Teams, and Audit & Compliance teams. As the Senior Information Security Officer for the Division, key responsibilities include working with business leaders and stakeholders to align the Information Security and Compliance programs to the mission, strategy, and business objectives of the organization, maturing security posture through advancements to the detection and prevention strategies, negotiate contracts and manage client and vendor requirements for security, risk, and audit. Highlights of career at Fiserv include: - Expanded regulatory compliance and certification programs to achieve and maintain: - PCI DSS Certification - PCI CP (Card Production) Certification - Visa, MasterCard, AMEX, Discover Vendor Certifications - NIST sp800-53 Compliance - DIACAP Certification (Department of Defense Information Assurance Certification and Accreditation) - Restructuring of the SDLC program to align with NIST sp800-64, incorporating security and risk management into software and infrastructure life cycles - Expanded SSAE 16 audits to include SOC 1, SOC 2, and AT-101 audits validating compliance with NIST sp800-53, HIPAA/Medicare and ISO 9001 standards - Implementation of Client Distributable package to streamline and improve quality and timeliness of client audits - Managed 200+ third-party, regulatory, and client audit to successful and timely completion - Led teams conducting both logical and physical penetration testing exercises across 7 facilities and 4 Tier IV data centers.

Project Manager overseeing enterprise-wide security initiatives, including firewall redesign, intrusion detection, and vulnerability analysis. Led a 8-person team in developing robust security policies, procedures, and best practices. Ensured compliance with regulations and implemented an internal global Computer Emergency Response Team (CERT).

As a member of a 6-person team, I supported global operations and data storage across local and international production systems. My role involved resource analysis to ensure the availability of required resources for successful project completion, recommendation of new technologies to expand the enterprise environment, and increase operational efficiency. Notably, I led the transfer of enterprise EDI systems from existing IBM Mainframes to one of the first Windows Client/Server environments.

As a Project Manager, I led 4 - 6 member teams in developing, implementing, and maintaining Intranet and Internet technologies. Our clients included Fortune 500 companies such as Exxon Corporation, Texaco, Baker Hughes-Inteq, and Koch Enterprises. I coordinated the development of enterprise processes and documentation during network topology upgrades and infrastructure reorganization, conducted network activity analysis, and standardized networks to meet ISO 9000 approval standards.

As Senior Network and Unix Administrator for critical software applications, I provided support to the officers and administrators of Federal Probation and Parole for the Southern District of Texas. I also led the design and development of networks, utilities, and database programs, as well as managed the relocation of computer facilities and equipment. My role extended to serving as a Project Manager for various information technology initiatives, including nationwide software automation projects representing the Southern District of Texas. As a member of the National Networking Committee in Washington, D.C., I contributed to the design and implementation of multi-protocol, multi-platform, local and wide-area network systems for the Judiciary Branch of the United States Government.