Tim S. Email & Phone Number

Jacksonville, FL, US

• Responsible for the planning, preparation and pre-assessment exercises related to PCI-DSS version change to version4.
• Responsible for translating regulatory and compliance requirements for critical business operations into actionable project activities
• Provide oversight and assist coordinating activities such as internal and external IT audits and IT compliance activities including SOC 1&2, PCI DSS, SSAE 18, HITRUST, and HIPAA
• Conduct and oversee continual internal assessments to ensure compliance is maintained
• Monitor and assist with IT governance including researching compliance frameworks as the environment changes, creating and/or updating corporate policies, standards, and procedures
• Assess compliance and operational risks

• Responsible for translating regulatory and compliance requirements for critical business operations into actionable project activities
• Provide oversight and assist coordinating activities such as internal and external IT audits and IT compliance activities including SOC 1&2, PCI DSS, SSAE 18, HITRUST, and HIPAA
• Conduct and oversee continual internal assessments to ensure compliance is maintained
• Monitor and assist with IT governance including researching compliance frameworks as the environment changes, creating and/or updating corporate policies, standards, and procedures
• Assess compliance and operational risks
• Collaborate with other non-IT compliance organizations (Human Resources, Finance, Development, others) for organizational compliance requirements

Jacksonville, Florida, US

• Responsible for performing scans against the environment to identify and lead the remediation of discovered vulnerabilities, respond to audit inquiries and ensure enterprise-wide DISA/NIST compliance. Core Job Functions
• Monitor and analyze vulnerabilities within the enterprise including the prioritization and tracking of remediation efforts and plans of actions and milestones (POA&M)
• Liaise with SPOC, leadership and SME’s on vulnerabilities discovered to drive remediation efforts
• Evaluate and test controls in accordance with DISA, NIST STIGs
• Provide oversight and support for incident escalations where applicable
• Perform regular policy and procedure documentation reviews/updates

• Direct line manager - VP of Security and Risk (America’s)
• Responsible for security exception and change governance pertaining to:o DLP controls (in partnership with CISO)o Full disk encryption (in partnership with eDiscovery)o Data preservation (in partnership with.
• Facilitated the deactivation of unused or abandoned Networked applications and IBAC firewall rules closing likely security gaps
• Liaison with the central data-leakage policy team for the change management and implementation of DLP policy changes and exceptions
• Implemented a confidential data preservation lookup solution to meet existing and future regulatory needs

Charlotte, NC, US

Accountable for the daily monitoring, identifying and responding to infrastructure vulnerabilitiesProven ability to gauge threat and risk ratings based on adversary and partner intel and disseminating these findings to minimize the organizations threat surfaceResponsible for proving, documenting and indexing threat indicators to ensure reliable and.

Charlotte, NC, US

Role requiring advanced knowledge of information security regulations, best practices, attack vectors and security incident management including tracking and monitoring violations and breaches from detection to remediationAccountable for the daily monitoring, identifying and responding to infrastructure vulnerabilities and disseminating these findings and.

Charlotte, NC, US

• Responsible for owning multiple security events/incidents of various severity and following through until the threat is eradicated or contained
• Security event intake point responsible for the expeditious deprovisioning and mobile data remote wipe requests to aid aligned security teams during sensitive leaver and/or legal events
• Ensured security controls and data assets are supported and performing as expected by providing support in an on-call, follow the sun capacity
• Responsible for the intake, assignment, documentation, tracking and monitoring of various security events to ensure all resolutions meet or exceeds the organizations standards pertaining to indicators of compromise and.

Charlotte, NC, US

• Supported the integration of legacy operational teams into a single functional entity during a time of acquisition  This role was responsible for creating an encapsulated environment and testing tool compatibility /.
• Responsible for the daily implementation and monitoring of enterprise RBAC/DAC/MAC controls
• Responsible for the provisioning / deprovisioning and administration of various enterprise assets including non-interactive service accounts, security groups, testing (UAT), end user, secondary user accounts.
• Remote/Mobility user administration: RSA Token/FOB access request administration
• Performed ongoing access control assessments to identify process and/or control gaps and security concerns in addition to identifying opportunities for improvement
• Provided leadership and consultation regarding requests for access to legacy transaction management systems and frameworks (CICS app servers/TSO environment) which required working closely with various mainframe RACF.

New York, NY, US

Philadelphia, PA, US

Master Of Science - Ms, Information Assurance And Security

Bachelor Of Science, Information Technology/Information System Security

Associate Of Science, Electronic Engineering