John (Jak) Kulas, Cisa, Pci Isa, Isaca Certified Trainer Email & Phone Number

Falls Church, US

I've updated, or written, 50 policies so far this 1st year, using the NIST family of controls as a framework. I've successfully completed multiple audits: PCI-DSS, SOC2 Type 2, NYCRR, NIST 800-53, and soon ISO27K, I'm really happy working with all the people here, and they seem very happy with me.

Dodgeville, WI, US

• Sole analyst responsible for on-going and annual PCI-DSS audit by 3rd party.
• Finished the 2nd half of 2021 PCI AoC audit (my predecessor left the company)
• Initiated a deep review of PCI-DSS scope to address the gaps I saw during the 2021 PCI AoC audit.
• Recommendation available from the manager.

Seattle, WA, US

- Continued managing audit for what was HomeAway then Vrbo.- PCI audit expanded to include "front end" card collection pages using "back end" iFrames

Seattle, WA, US

- oversight of PCI-DSS compliance programs, collaborating with IT and business to map business processes and technology to requirements. - clarify and simplify complex processes to remediate gaps

- oversight of PCI-DSS compliance programs, collaborating with IT and business to map business processes and technology to requirements. - clarify and simplify complex processes to remediate gaps

Woonsocket, RI, US

• Explain various PCI-DSS requirements to staff
• Evaluate proposed compliance resolutions for various PCI-DSS requirements
• Evaluate details of overall OS+Application Log Reviews (PCI-DSS #10).

Florham Park, New Jersey, US

My part of Xerox became Conduent on January 3, 2017. I also changed to address PCI-DSS compliance across all of Conduent.

Norwalk, Connecticut, US

General I.T. security and compliance, with emphasis on PCI-DSS and SSAE16

Norwalk, Connecticut, US

contract via Bridge360: Working at client Xerox on I.T. regulatory compliance and governance.

Laredo, TX, US

- Interviewed over 100 managers and staff to write over 200 pages for enterprise Business Impact Analysis report, Business and IT Risk Assessment, and FFIEC Gap Analysis. - Wrote Business Continuity Local Physical Risk & Security analysis for 4 locations (including 130 site photos and reference citations). - Researched business continuity software to.

Providing PCI-DSS, SOX and general security consultation and compliance services.

San Antonio, TX, US

Performed interviews to create Business Impact Analysis reports and IT Disaster Recovery Plans to support Business Continuity Plans.

Manager of Security team for access control, and IT Audit Compliance manager.

Jacksonville, FL, US

Compliance review and remediation project management for PCI-DSS, SOX and corporate policies and standards.

Campbell, CA, US

Rainmaker achieved its first SOX certification in 2007. I perform and manage compliance activities for SOX, PCI-DSS, ISO27k and general security, as well as oversee related daily business processes.

Round Rock, Texas, US

Audit and compliance review and enforcement for disaster recovery standards.

Santa Clara, California, US

• 2006—Project managed, reviewed, and generated IT Security compliance evidence for AMD’s Sarbanes-Oxley 404 (SOX) controls. Wrote process-and-procedure documents based on interviews and observation. Deeply investigated.
• 2005—Audited, reviewed, and suggested improvements for IT compliance evidence for AMD’s worldwide Security, Data Management, and Infrastructure User Access SOX controls.

• Project managed Sarbanes-Oxley ("SOX") section 404 Data Management process documentation and evidence compliance for 55 applications within 4 lines of business crossing 4 locations. Worked 3 process owner executives and 100 IT workers and management. Researched materiality to SOX. Managed remediation projects. Assisted Access Administration, Operations.

Austin, Texas, US

* Deployed staging and development systems to mirror production system. Installed software and maintenance. Exported data and user accounts. Functionally tested configuration of system.* Programming in Perl using MySQL.

Armonk, New York, NY, US

* Led project team of 14 business owners and 26 application programmers to merge 2 public webservers into 1 infrastructure server. Set base for future load balancing and failover architecture.* Led division’s compliance remediation for Sarbenes-Oxley compliance for over 150 AIX and Windows servers. Achieved continuous satisfactory audit ratings.* Received.

Armonk, New York, NY, US

* Received “Distinguished Contribution” award for leading USA team for 1997 Japanese and Korean language content enablement deployment, and supporting technical expertise.* Designed, coded, deployed and maintained webserver applications supporting customer technical support (entitled forums and “Ask A Question”).* Designed, coded, deployed and maintained.