Associate Director - Senior Cyber Security Specialist
Current-Built a security team from the ground up with a mission to rollout SSDLC program-PCI integration into SSDLC Framework-Principal Security Architect for many PCI initiatives; Tokenisation system integration, Generic Payment Hub, Card On File framework, CVV2 implementation, Acquirer integration (i.e. PayPal, Moneris, Elavon...etc) -Supported the establishment and tracking of executive security objectives-Briefed executives on security initiatives and optimal remediation methods-Hardened and matured the corporate cyber security program-Supporting legal teams during regulatory initiatives (i.e. data privacy, cookie/mobile consent, audit...etc) Managed Teams who performed the following activities:-Security Control design, implementation, and configuration of cloud, hybrid, and locally hosted applications-Deployed transport and Database encryption solutions for our most sensitive systems-Improved inventory accuracy and enhanced the depth of security scanning-Created next-generation cyber security tools and processes-Integration of networks, firewalls, WAF, Anti-Bot from smaller corporations into central stacks-Performing cloud and hybrid cloud security assessments-CIAM Program-Integrated applications into the central sSDLC program (including SCA, SAST and DAST)-Designing and implementing Data Retention Policies-Automated patching, configuration hardening, and VM hardening solutions-Designing Middleware Lifecycle plans-Developed tools to scan for and remediate unsafe public file shares-Performed Penetration Testing on internal Assets-Data Privacy and CPPA implementation