Charles Hunt

I’m an Information Security Officer with end-to-end GRC ownership across a 30+ location, multi-state retail enterprise. I combine framework discipline (PCI DSS, NIST CSF 2.0) with hands-on technical depth, translating audit findings into controls you can deploy—without slowing delivery.

In my current role, I own the annual PCI DSS Self-Assessment Questionnaire (SAQ) for evidence collection, audit timelines, remediation tracking, and continuous compliance readiness. I also authored the organization’s IT security policy library (acceptable use, access control, data handling, incident response, escalation), establishing the governance baseline across all sites.

I design and execute internal control testing across endpoint, identity, and network domains, driving gaps to closure through structured ticketing and engineering follow-through. I run third-party vendor risk reviews and ongoing posture assessments across the security toolchain (SentinelOne, Tenable, Blumira, ScreenConnect, Fortinet), validating control alignment and onboarding documentation.

I’ve built compliance automation and operational visibility: a PowerShell + GPO provisioning pipeline auto-installs and verifies EDR (SentinelOne), SIEM agent (Blumira), and vulnerability scanning (Tenable) across ~300 workstations, with chassis-aware logic for laptops vs. desktops. I activate Windows Security event log auditing (Event IDs 4800/4801) into Blumira via a Logmira template, monitor enterprise-wide SIEM telemetry, and frame incidents to executives with scope, impact, response, and residual-risk context.