• Led Cybersecurity Project Teams: Managed a team of cybersecurity consultants through the end-to-end lifecycle of complex projects, overseeing planning, resource allocation, execution, and final delivery. Developed detailed project plans, tracked progress, and mitigated risks to ensure timely, successful outcomes.• Conducted PCI DSS Gap Analysis: Performed a comprehensive gap analysis and scoping assessment for a PCI Level 1 Fortune 500 client, uncovering additional payment channels that expanded the project’s scope. Verified the security of these channels to ensure PCI DSS compliance, preventing potential fines and remediation costs.• Authored & Implemented Information Security Policy: Developed and rolled out an updated Information Security Policy (ISP) aligned with NIST 800-53, ISO, and PCI DSS 4.0 requirements, ensuring ongoing compliance with industry standards and reinforcing the organization’s risk management strategy.• Developed Control Matrix for Compliance: Created and managed a comprehensive control matrix aligning company security policies with NIS2, NIST 800-53 Rev 5, and PCI DSS 4.0. This matrix streamlined compliance efforts, reduced redundancies, and strengthened overall security posture.• Delivered Detailed Audit Assessments: Conducted Attestation of Compliance (AOCs) and Self-Assessment Questionnaires (SAQs), providing clear, actionable assessments that enhanced client satisfaction and strengthened collaborative relationships.

• PCI DSS Compliance Management: Spearheaded PCI DSS compliance initiatives for secure payment card data handling across multiple retail establishments. Implemented controls to ensure regulatory adherence and safeguard sensitive data across all channels.• Audit Execution & Compliance Enhancement: Conducted in-depth audits to assess compliance status, identified key improvement areas, and implemented corrective actions to close gaps and enhance overall security.• Cross-Functional Collaboration & Security Alignment: Collaborated with internal teams and external partners to ensure PCI DSS compliance, strengthening payment data security and establishing a cohesive approach to data protection.• Risk Mitigation Strategy Development: Designed and executed risk mitigation strategies tailored to data handling practices, reducing vulnerabilities and minimizing the risk of data breaches.• Security Awareness Training & Policy Implementation: Delivered PCI DSS compliance training to staff and partners, fostering a culture of security awareness and equipping team members with best practices to maintain ongoing compliance and proactive risk management.