Profile

Expertise

Technologies Implemented

• WAN
• LAN
• PPM Project Portfolio Management
• Sharepoint
• PCI-DSS
• PED
• IAM/IdAM
• Oracle Single Sign-on
• OIM
• FMC

Confidential

Project Consultant PCI-DSS Compliance Programme

• Reporting directly to the Global security Director, My initial role was to assess the project scope and deliverables and identify the quickest and most efficient route to compliance for the organisation. Initially the project had scoped to deliver compliancy across its entire estate by implementing a 500k DTMF-Suppression Semafone solution to de-scope the contact centre environments, implementation of an in-house 'payment portal' that utilizes iframe technology for contact centre and web apps, segmenting the CDE back end card processing servers from the core network via DMZ and then completing a SAQ-D by end of August 2012.
• On commencement I assessed the environment and identified that only 10 of the desktop estate should be classed as inscope and promoted the implementation of a segmented desktop infrastructure. We then commenced a security upgrade of this Card Data environment which ensured quick and simple compliance. To complete the solution we are to enable 'Automated Pause Resume' functionality on the already deplopyed call recording solution that means compliance will be realized in the timeframes required and without the 500k Semafone investment. A number of other workstreams to resolve VoIP encryption and Legacy Call Recording issues are also inscope and in process of being delivered.
• I also engaged the QSA, not previously done, and all solutions and strategies have been 'GAP analyzed' by him and approved.

Confidential

• Project Manager IAM Identity and Access Management Rolls Royce Account
• The Project is scoped to deliver an Access Management and Identity Management solution for up to 30,000 global users for initially 10 applications and all future applications.
• Using the traditional Waterfall/Agile Project methodology this is a short term engagement to assist in getting the project out of Red status, back into delivery and in the System Testing phase.
• Following significant slippage and delays I was tasked to assess the project position, deliverables and capabilities with the directive to progress the project technically into a system test position and also identify and resolve other failing areas to enable the customer to move the project out of red status.
• Inside the first 3 weeks I managed and focused a team of 4 technical resources to identify and deliver the essential requirements to enable the project to successfully enter System Testing with a working solution that could successfully complete ST and subsequently managed to deliver a number of other key project activities to enable the project to move from red to amber.

Confidential

PCI-DSS Compliance Programme Project Manager/Business Analyst

• Reporting direct to the Group Finance Director I was tasked to deliver the Shop Direct Group to a fully PCI-DSS compliance position. Shop Direct is Europe's largest online retailer with a turnover of 1billion and 19m transactions per annum.
• I undertook a full Gap Analysis to assess and review their entire estate including their ecommerce environment, back office systems, outsourced contact centers, third party suppliers and their own 1500 seat contact centers. Following completion of the Gap Analysis we produced an activity list for all identified service providers and departments responsible for non compliant areas and managed delivery of these to effect compliance.
• I also identified significant a number of risks and issues in the contact centers and sourced and implemented a DTMF suppression solution that de-scoped their entire infrastructure from compliance, saving over 2m and removed issues such as stored card data in call recording solutions, data cleansing of stored card data and mitigation of an estimated 11m per annum of risk.

Confidential

PCI-DSS Business Analyst/Project Manager

• PM/PCI Business Analyst/Project Manager for over 25 companies within the TUI Group. This involves me working directly with companies IT and security departments assessing their IT infrastructure, Business Processes, Suppliers and environments and providing guidance, assistance and delivery to ensure PCI-DSS compliance by April2011.
• This role involved extensive global travel dealing with diverse cultures and demanded working with companies and their acquiring banks. Whilst some companies operate very simplistic processes and infrastructures resulting in minor works to ensure SAQ-A and SAQ-B compliance, others have significant and complex environments resulting in SAQ-C and SAQ-D works taking place.
• My companies were based in Seattle, Beijing, Croatia, Romania, Italy, Dubai, India, Sri Lanka, Cyprus, South Africa, Mauritius, Peru and Manchester.
• My main client, Laterooms was predominantly an ecomm/website operation and this is where I was first exposed to Agile/Waterfall project delivery methodology and I also trained in Scrum.

Confidential

Project Manager

• BSF Building Schools for the Future
• Strong stakeholder management and have been involved in the requirements establishment and definition, Vision and solution establishment and Supplier engagement to deliver.
• In this role I have continually found myself managing political and commercial issues and requirements more than technical.
• Technical Solutions have included.
• SAN,WAN, LAN, Wi-Fi, Application Migration, Cashless Catering, Server Migration, Desktop, Laptop Migration implementation, AV Digital Signage, Stakeholder Management

Confidential

Senior Project Manager/Business Analyst

• Project include
• PPMC Project and Portfolio Management Centre Deployment 550k
• Requirements establishment for Enterprise wide deployment
• Business case production and sign-off from steering Group
• Re-scoping and Delivery of HP PPM Solution to Morrisons IT
• Successful Recovery and Delivery of Failing, Red Status Project
• Full Scoping and Requirements Gathering
• Stakeholder identification and Ownership alignment
• Solution now deployed Enterprise wide.
• In-store PED Refresh 650k
• Business case production identifying corporate PCI-DSS risk to senior stakeholders
• Delivery of Replacement PCI-DSS In-store 'Chip and Pin' Solution
• Solution re-evaluation and ROI establishment
• Requirements establishment and Business case sign-off for store wide solution deployment
• Successfully Recovery and Delivery of Failing and un-scoped Business Critical Project
• 8 Year long Issue Identification and Resolution
• PCI-DSS compliant solution deployed
• Non-Impacting 400 Store Deployment
• 30 store per week Deployment
• Commercially re-aligned and tracked project delivery
• IAM also known as IdAM Identity and Access Management 750k
• Business case production leading to 750k sign-off by steering group
• Enterprise wide Scope establishment
• 3 year Return on Investment for Capex investment
• Scoping of 4 phase IAM Enterprise Solution
• Deployment to 2500 head office users with 95 first time success rate
• Deployment of SSPR Self Service Password Reset to Head Office Desktop environment
• 130k saving per annum for phase1 in Productivity and Resource Re-alignment
• Oracle based Full LDAP based automated ID and Access Provisioning and de-provisioning solution scoped for Joiners, movers and leavers process with workflow
• Implemented Authoratative AD solution