Roswell LaPierre

PROFESSIONAL Experience

• Successfully developed and implemented a PCI DSS compliance program including training all technicians on handling credit card info pertaining to PCI DSS requirement 3, this successfully passes the annual audit, saving the company every year from thousands of dollars in penalties.

• Spearheaded the development and execution of a comprehensive business impact analysis (BIA) plan while managing all aspects of operations which has led to the business growing from $0 to $300k a year in revenue.

• Implemented the segmentation of an E-commerce website with a Web Application Firewall (WAF), to ensure restricted traffic from unauthorized public while establishing transactions of a secured iFrame, increasing company sales 25%-75% every year.

• Developed and implemented a GRC program that achieved PCI DSS compliance for the client, resulting in the protection of cardholder data from unauthorized access and a centralized system of policies and procedures.

• Developed an engaging and secure web presence including a mobile app that assisted in enhancing logical controls by 40% and complied with PCI DSS req 6, which requires organizations to develop and maintain secure systems and ensure that all system components and software are protected from known vulnerabilities by installing the applicable security patches provided.

• Managed a team of employees and trained them regularly to run a successful assessment according to security awareness training in order to develop a positive and supportive work environment, despite challenges of ensuring volunteers had the necessary skills and knowledge, maintaining motivation and engagement, and dealing with unexpected challenges.

• Created a Windows server configuration standard for a client so that he could satisfy PCI DSS requirement 2.2 and make sure that all known security vulnerabilities are addressed, and future servers implemented would be compliant and secure.

• Implemented the Windows server configuration standard for a client using PCI DSS and CIS Benchmarks to provide a hardened system to be implemented into the Card Data Environment (CDE) which keeps the network secure and increasing the network perimeter and the protection of sensitive data.

• Main point of contact client-facing for consultations in PCI DSS Req 11.2 for running internal and external scans and implementing plans, and remediation strategies that led to save the business’ money prior to their QSA audit.

• Implemented risks plans regarding remediation of systems and network issues to minimize the time spent on auditing and saving many billable hours for the organization, while enhancing the cybersecurity posture.

• Provided clients with a prioritized roadmap of controls to implement to achieve PCI DSS compliance reviewing processes, addressing compliance gaps, and resolving system failures.

Education & Certifications