Director, Information Security And Technology Compliance
CurrentI apply my high energy and focused work style to manage all aspects of organizational security operations, risk management, and IT policies. Support, develop and monitor IT systems policies and controls, information security, asset tracking control, and regulatory compliance. Direct and oversee security operations team. Daily coordination with the DevOps team to ensure security initiatives are working IRL.Implement, support and report on IT Security systems to be compliant with regulations and standards (PCI, GDPR, ISO27001, NIST 800-53, etc.)Develop, maintain, and oversee backup and disaster recovery (DR)/business continuity plans. Manages institutional risk related to data storage and security.Develop, operate, and maintain the company's PKI, TLS, and X.509 infrastructures.Technical expert for audits in many countries and jurisdictions. Created operational policies and deployed controls to maintain technical compliance with UK Gambling Commission, Gibraltar Gaming Commission, Malta Gaming Authority, many others. Interface with technical auditors, build audit packages, develop and oversee remediation schedules.Technologies used daily include PaloAlto, Rapid7, AWS, Google GCP, LogEntries, Sophos Email and Endpoint protection, many others.Developed integrations and utility scripts for AWS, Google Cloud DNS, Certbot, Cloudfloor, and others. Develop and maintain the due diligence programs and systems, alerting on any deviations.