Delmar Wiggins

Alexandria, VA

Summary

I am a seasoned information security professional with a wealth of knowledge in risk assessment, creating cybersecurity policies, and PCI DSS compliance. My experience includes creating strong IT security policies and awareness campaigns that greatly lower risk and improve security posture, as well as carrying out thorough PCI DSS audits and gap analyses. My dedication to lifelong learning and flexibility has enabled many organizations to strengthen their defenses against ever-changing threats. I provide trustworthy advisory services and strategic insights by drawing on my extensive knowledge of IT governance, security architecture, threat and vulnerability management, and incident response. My role in developing and implementing successful cybersecurity strategies is highlighted by my capacity to clearly communicate intricate technical analyses to a variety of stakeholder groups. I have led teams to overcome compliance and policy development challenges by taking a collaborative and excellence-driven approach, aligning with frameworks such as NIST CSF, SOX, and GDPR. I am driven to progress cybersecurity efforts and eager to apply my technical expertise, analytical skills, and leadership abilities in a fast-paced company that upholds the strictest compliance and information security regulations.

Overview

12 years of professional experience

1 Certification

Work History

Information Security Auditor

Sirius Dignitary Security Service
03.2021 - Current
  • Spearheaded a comprehensive 3-year PCI DSS audit initiative, identifying non-compliance issues and security gaps through detailed assessments, automated tools, and manual checks
  • Developed bespoke remediation strategies, ensuring adherence to stringent PCI DSS requirements, mitigating potential fines, and reinforcing cybersecurity defenses
  • Executed an extensive security awareness training program for over 1,000 employees, utilizing engaging content and real-life scenarios to improve understanding of cybersecurity practices and compliance obligations
  • Achieved a notable 40% reduction in phishing incidents, enhancing the organization's cybersecurity resilience
  • Acted as a pivotal member of the compliance team, ensuring the design and effectiveness of PCI DSS and SOX controls across all technology platforms
  • Orchestrated cross-functional efforts to maintain up-to-date compliance documentation and successfully passed external audits with no significant findings
  • This diligence maintained the organization's compliance status, avoiding potential penalties and enhancing its market reputation
  • Demonstrated expertise in firewall implementation, GRC processes, cybersecurity risk assessment, network assessments, IT audits, and vulnerability management using tools like Qualys
  • Profound knowledge of compliance frameworks and regulations including HIPAA, PCI DSS, SOX, GIBA, FISMA, NIST, FedRAMP, and GDPR.

Governance, Risk, and Compliance Analyst (GRC)

Sirius Dignitary Security Service
01.2012 - 01.2021
  • Conducted comprehensive PCI DSS compliance audits for over 20 merchant and service provider clients, identifying non-compliance issues and security gaps through meticulous examination of their information systems and security protocols
  • Utilized a systematic approach incorporating automated tools and manual checks, which led to the development of tailored remediation strategies
  • This effort ensured clients met stringent PCI DSS standards, mitigating potential fines and enhancing their cybersecurity posture
  • Designed and executed a comprehensive security awareness training program, reaching over 1,000 employees across multiple departments
  • Employed engaging content and real-world scenarios to enhance understanding of cybersecurity best practices and compliance responsibilities
  • The program significantly reduced phishing incidents by 40% and fostered a culture of security mindfulness, contributing to the overall resilience of the organization's information systems
  • Acted as a pivotal member of the compliance team, ensuring the design and effectiveness of PCI DSS and SOX controls across all technology platforms
  • Orchestrated cross-functional efforts to maintain up-to-date compliance documentation and successfully passed external audits with no significant findings
  • This diligence maintained the organization's compliance status, avoiding potential penalties and enhancing its market reputation.

Education

Cybrary – Certified Information Systems Security Professional (CISSP) Training

01.2024

PCI LIVE Consulting – Internal Security Auditor (ISA) Training

01.2024

Skillsoft – Security Program Regulatory Integration (HIPAA, PCI DSS, GDPR, SOX, NIST, ISO, GIBA, FISMA)

01.2024

Skillsoft – Governance, Risk Management, and Compliance

01.2024

Skillsoft – Federal Risk and Authorization Management Program (FedRAMP)

01.2024

Vanderbilt University – Prompt Engineering

01.2023

PCI DSS SSC Requirements - PCI DSS Compliance Baxter Clewis

01.2023

Woodrow Wilson – Diploma

01.2000

Skills

  • Good Telephone Etiquette
  • Calm Under Pressure
  • Decision-Making
  • Organization and Time Management
  • Supervision and leadership
  • Quality Assurance
  • Analytical and Critical Thinking
  • Problem-Solving
  • Conflict Resolution
  • Relationship Building
  • Analytical Thinking

Certification

  • Prompt Engineer (Chat GPT), Vanderbilt University, 2023
  • PCI Compliance – Foundation, Qualys, 2024
  • Vulnerability Management Detection Response, Qualys, 2024
  • Internal Security Auditor (ISA) Preparation Course, PCI Live Consulting, 2024
