Giovann Doreste

Led the PCI DSS v4.0.1 assessment, streamlining compliance processes and reducing potential non-compliance penalties. Acted as a liaison between control owners and IT directors, enhancing audit preparedness and risk management practices.

Conducted scoping assessments and configuration reviews to ensure compliance with PCI DSS. Collaborated with security consultants and financial institutions to optimize assessment procedures and implement a whistleblower system.

Led risk assessments for sensitive data handling and developed annual security training programs, significantly enhancing data confidentiality and reducing security breaches across the organization.

Implemented a data security system ensuring compliance with security standards, which led to significant reductions in security incidents and audit costs.

Conducted gap analyses for PCI DSS compliance, implemented access controls, and developed tampering survey processes, significantly enhancing payment security and client trust.

Led the organization’s PCI DSS v4.0.1 assessment by structuring the GRC tool to align with applicable requirements, meticulously mapping evidence requests to corresponding control owners.

Conducted scoping assessment for whirlpool, uncovering previously unknown payment channels, potentially impacting the assessment scope and company liability in case of breach through out-of-scope networks/payment channels.

Led the integration of comprehensive risk assessments for sensitive data handling, significantly enhancing data confidentiality and integrity. This initiative ensured compliance with industry standards, reduced the risk of data breaches, and bolstered client trust, leading to an increase in project funding by 40%.

Implemented a comprehensive data security system and logging, ensuring strict adherence to security compliance standards. This initiative enhanced real-time monitoring capabilities, reduced security incidents by 75%, and improved overall system reliability.

Communicated with Key Stakeholders to obtain Data Flow Narrative, Diagrams, Reports of any new 3rd Party Service Providers and all required documents needed to perform a GAP Analysis to identify gaps between the company's current practices and PCI DSS compliance.