Candidate's Name
EMAIL AVAILABLE | PHONE NUMBER AVAILABLE | LINKEDIN LINK AVAILABLE

Damion is an accomplished and performance-oriented professional with a comprehensive background in safeguarding sensitive data and compliance. He leverages his years of healthcare experience to transition into a rewarding career as an Internal Security Assessor (ISA) for the Payment Card Industry Data Security Standard (PCI DSS). He is committed to helping organizations meet PCI requirements, enhance data security, and navigate the complex landscape of payment card data protection.

AREA OF EXPERTISE

RMF/Compliance Frameworks: Payment Card Industry Data Security Standard Compliance (PCI DSS), HIPAA, NIST
Security Tools: Sophos Firewalls, QualysGuard, Cisco Firewalls, SonicWall, IPS/IDS, Multi-Factor Authentication, Duo Security, VPN Configuration, Fortinet, Watchguard, Cryptography
Virtualization & Cloud: VMware ESXi, Windows Azure, AWS Cloud, Microsoft Hyper-V
Network & Infrastructure: DHCP, Exchange, TCP/IP, DNS, SIEM, Active Directory, SQL
Security Strategy: Vulnerability Management, Information Security Policy, Application Security, Risk Management, Cryptography Security Network Architecture, Patching and Remediation Management, Technical Writing

PROFESSIONAL EXPERIENCE

Cybersecurity Consultant, Company Confidential, 2022-Oct. 2023
- Direct a collaborative effort to develop customized PCI DSS compliance roadmaps for Level 1 Service Providers.
- Drastically reduce the assessment timeline by developing a PCI DSS scoping methodology to thoroughly review the network diagram of a Level 1 service provider, ensuring it accurately reflects the cardholder data environment (CDE) and supports compliance with PCI DSS requirements, allowing the company to meet financial projections.
- Successfully manage a SAQ (Self-Assessment Questionnaire) of a Level 4 startup by implementing a comprehensive risk management and vulnerability program using industry-standard tools and methodology, resulting in a $250,000 savings on 3rd-party audit fees.
- Integrate database configuration, F5 load balancer, and domain controller reviews into a comprehensive PCI DSS compliance strategy, ensuring that all components of the cardholder data environment (CDE) are adequately protected and continuously monitored, allowing the company to be PCI compliant.
- Implement internal employee training programs on data security and PCI DSS compliance; these training initiatives educate staff on adherence to security best practices, resulting in an increase in staff awareness.

Cybersecurity Compliance Analyst, Massage Therapist, Kai Massage Therapy, 2015-Present
- Orchestrate and ensure security of financial transactions, consistently maintaining a 97% availability rating and processing credit card payments totaling $300,000 annually.
- Collaborate with internal stakeholders to establish and maintain a comprehensive data retention policy, ensuring full compliance with PCI DSS requirements and eliminating the risk associated with storing sensitive payment card data.
- Manage regular compliance audits to ensure data privacy and security, resulting in an impeccable 100% compliance rating with industry regulations.
- Optimize the incident response process, enhancing our ability to detect, report, and mitigate security incidents 20% faster, reducing the organization's exposure to data breaches.
- Leverage exceptional interpersonal skills and meticulous attention to detail to maintain an outstanding client retention rate of 94%, building trust and fostering long-term relationships.

Founder, PCI Subject Matter Expert, Compliance Analyst, Nijah Amayo LLC, 2019-Present
- Conduct risk assessments, pre-assessment scoping, and compliance validation for various entities, resulting in improved PCI readiness.
- Lead risk assessment for a global manufacturing company and identified critical vulnerabilities, resulting in the implementation of security controls that reduced the risk of a major data breach.
- Develop and implement a comprehensive GRC program for a large financial institution, resulting in a reduction in security incidents and an increase in regulatory compliance.
- Administered data protection policies and procedures for a global organization, resulting in a reduction in data loss incidents and improved compliance with data protection regulations.
- Conduct gap analysis for a financial services company and recommend improvements to the cybersecurity program, resulting in increased confidence from customers and stakeholders and improved regulatory compliance.
- Organize security awareness training for employees of a large healthcare organization, resulting in increased awareness of security threats and improved compliance with security policies and procedures.

Youth Development Specialist, PCI DSS Trainer, Admin. For Children Services, 2019-2021
- Supervised and ensured the safety of at-risk youth within a secure juvenile detention facility, accumulating 3,000 hours annually. Mentored and supported appropriately 1000 youth ranging from ages 9-17, imparting essential life skills, problem-solving abilities and social skills while maintaining a strong focus on security, compliance, and audit requirements.
- Designed a comprehensive cybersecurity awareness program tailored for minors, emphasizing online safety, privacy, and responsible digital behavior, resulting in implementation facility-wide.
- Spearheaded security protocols and compliance measures to safeguard sensitive information within the juvenile detention facility, contributing to a 100% audit compliance record.
- Collaborated with a multidisciplinary team to optimize the facility's recordkeeping systems, reducing errors and improving data security, resulting in an increase in operational efficiency.
- Demonstrated strong analytical and problem-solving skills by identifying and addressing technological gaps within the facility's monitoring practices, leading to an increase in coverage area.

EDUCATION

New York College of Health Professions, AOS, 2010
Baxter Clewis Cyber Academy, 2022
Cydeo Cybersecurity Training, 2021

CERTIFICATIONS

Qualys Guard Vulnerability Management Detection and Response (VMDR), 2024
CompTIA Security+, 2024
Cisco Cyber Ops, 2024