Bryant McCullough, PCIP

CERTIFIED PCI COMPLIANCE PROFESSIONAL

Location: San Antonio, TX Email: ad2hk9@r.postjobfree.com Phone: 210-***-**** PROFILE SUMMARY

Strategic and goal-oriented US Air Force Veteran with 10+ years of experience as a Cybersecurity Assurance and Compliance Professional with expertise in quality assurance assessment, risk assessments, governance, and project management. Offers recently acquired certifications within PCI Compliance to pivot into Internal Security Assessor career for Payment Card Industry Data Security Standard (PCI DSS). Well positioned to help organizations prepare for assessments, collaborate cross-functionally and with third party partners and vendors to obtain and maintain PCI DSS Compliance, execute Information Security policy updates, and meet all payment processing standards. Core Competencies Include:

RMF/Compliance Frameworks Payment Card Industry Data Security Standard Compliance (PCI DSS) MARS-E 2.0 Fed Ramp NIST FISM FIPS Security Tools Tenable Nessus Qualys Guard Wireshark SonicWall Risk Management IPS/IDS Virtualization & Cloud VMware ESXI Microsoft Hyper-V AWS Cloud Security Strategy Technical Writing Vulnerability Management Information Security Policy Application Security Patching & Remediation Management Internal Security Assessment Cryptography Security Network Architecture Technical Writing Project Management Process Improvement Vendor Management Information Security Analysis Reporting Payment Processing Standards Software: Microsoft Office Suite Python C++ Adobe Java Script CERTIFICATIONS

Payment Card Industry Professional (PCIP) CompTIA Security+ EXPERIENCE

NETWORK ENGINEER

2019 - PRESENT: TYTO-ATHENE

Third-party Security Assessor advising clients across several different business on the design and implementation of systems and processes to meet security and compliance objectives such as NIST, PCI DSS, and FIPS.

Collaborate with stakeholders to implement processes that reduce the scope and cost of security assessments.

Perform risk and gap analysis assessments and provide customized plans of action and milestones (POA&M) to assist clients with NIST SP 800-53A initiatives, as well as implement governance processes to ensure information security policies are aligned with regulatory compliance frameworks and corporate initiatives.

Streamlined process for identifying system vulnerabilities on critical systems such as firewalls and Linux systems by performing internal and external vulnerability scans and developing remediation plans to address issues. INTERN

2018 - 2019: AUDIE MURPHY VA HOSPITAL

Internal Security Assessor focused on delivering expert advice for secure application, system, and network design for critical systems running in Amazon Cloud to ensure adherence to HIPAA, Fed Ramp, and MARS-E 2.0 security frameworks.

Utilized vulnerability scanning solutions such as Nessus to identify system vulnerabilities on critical infrastructure as well as developed remediation plans that fully addressed all identified risks.

Partnered with business executives to develop robust information security solutions to protect Amazon Cloud computing environments and implemented governance process to ensure cloud systems and processes were aligned with Fed Ramp compliance and corporate initiatives.

Implemented system hardening standards that included services such as endpoint protection, DDOS protection, IDS/IPS, logging, and firewalls to provide advanced system protection.

Performed detailed security inspections of Linux and Windows Server configurations to ensure PCI DSS compliance.

Developed processes and procedures to quickly identify non-compliant systems, reducing company’s remediation time.

Directed development of configuration standards that reduced security vulnerabilities and system deployment time. EDUCATION

Information Security Analyst Leader Quest 2020 Bachelor of Science in Cybersecurity Hallmark University 2019 Qualys Guard PCI Compliance Foundation 2022