PCI QSA, GIAC Systems and Network Auditor (GSNA) and Web Application Pen Tester (GWAPT)
Perform assessments to identify information security risk and/or compliance gaps with HIPAA, FISMA, and Payment Card Industry (PCI) standards.
Perform walkthroughs and annual IT controls testing associated with Sarbanes Oxley (SOX) for clients in a variety of industries
Perform and manage penetration testing of physical, network infrastructure, and web application based security controls.
Perform Type 1 and 2 SAS70/SSAE16 attestations within the software development and data center management industries.
Write formal policies and procedures surrounding information technology and security.
Experience with a wide client base including retail, healthcare, software development, non-profit, and banking.
Audit Experience – Windows, Unix (AIX/Solaris), Linux (Red Hat/Suse), Z/OS, RACF, ACF2, AS/400, SQL Server, Oracle, ESX/I, Peoplesoft
Penetration Test Experience – Metasploit, Nessus, w3af, Skipfish, Nmap