Carl specializes in security frameworks including PCI DSS, FFIEC Handbook and the NIST Cybersecurity Framework. He leads security program and controls assessments and develops actionable roadmaps for improvement.
Carl has extensive experience with PCI scope validation and reduction, and he advises clients on emerging PCI topics such as mobile payment security.
Prior to joining Security Risk Advisors, Carl led Comcast’s PCI DSS program. This included acting as liaison with the acquiring bank.
- PCI governance review for a Fortune 50 company
- OCC readiness audit for a major US bank
- PCI payment channel validation, assessment and strategy for a global insurance company
- PCI scope validation, payment channels and gap assessment for a major healthcare chain
- Advised a retail organization on mobile payment security
- Advised a large retailer on their PCI DSS strategy and point-of-sale network