A seasoned Information Security professional, I have been in the security industry since 2001 and have 5 years of prior web and client/server application development experience.
Currently, I work for a Top 5 bank as a Senior Manager, managing Security and Fraud for group-wide banking applications. Previously, I managed a global information security team that provided security design consulting and performed risk assessments on globally deployed applications.
I started and managed the application security/PCI compliance practices at three organizations previously and was a co-founder of a security services company based in California. I have worked with a wide variety of industries including financial services, manufacturing, e-commerce, healthcare, energy/utilities, education and others.
My experience includes developing security policies, procedures and processes, performing penetration tests and vulnerability assessments, developing secure coding guidelines and delivering security training, in addition to performing PCI-DSS and PA-DSS assessments. I have developed and delivered training courses on finding web application vulnerabilities and building secure web applications. These courses are also delivered online, using software that I designed and built.
I am a Certified Information Systems Auditor (CISA), ex-PCI Qualified Security Assessor (PCI-QSA), ex-Payment Application QSA (PA-QSA) and an IBM Certified Specialist (IBM Rational AppScan).