Spencer Bain
Details
2019
Riverside Community College
2002 : 2004
GMM
Kirkland's
Information Security Manager
2019 : 2021
Surgery Partners, Inc
Information Security Engineer
2018 : 2019
Delek US Holdings, Inc.
Information Technology Security Engineer
Using Security Standards ISO 27002 to answer PCI DSS 3.x
Drive C-Level meetings and presentations with a custom slide deck
Decoded PCI DSS standards and presented each team with responsibility for artifacts and evidence.
Created timetables and due dates for review process with QSA and 3rd party
Took leading role in 3rd party roles and responsibilities defining meetings
Tracked all documentation created by TSC as well as 3rd party to meet PCI needs
Uploaded and maintained doc repository for 3rd party and QSA for PCI
Correlated all PCI efforts for TSC and its affiliates.
Templated and vetted all documentation for QSA readiness
2015 : 2018
Tractor Supply Company
Risk Analyst
Identity Management and remediation. Remediated major audit findings to comply with SOX standards. Assisted with setup of a support function to ensure consistency in the user access and provisioning process. Performed data analysis to ensure unique identities for Identity & Access Management role-based access integration.
2014 : 2015
CHS Health Services
Infrastructure Security Specialist IDM
Skills
Access, Active Directory, Audio Engineering, Call Centers, Cisco Technologies, Computer Security, Customer Service, Cyber Defense, Cybersecurity, Data Classification, Disaster Recovery, Information Security, Information Security Management, Infrastructure, Integration, Internal Controls, IT Audit, Management, Microsoft Excel, Microsoft Office, Network Administration, Network Engineering, Networking, Network Security, Payment Card Industry Data Security Standard (PCI DSS), PCI DSS, Process Improvement, Project Management, Public Speaking, Risk Assessment, Risk Management, Routers, SailPoint, Secure SDLC, Security, Security Testing, Servers, Software Documentation, Strategic Planning, Switches, System Administration, Troubleshooting, Vendor Management, Visio, VPN, Vulnerability Assessment, Vulnerability Management, Windows, Windows Server, Wireless, VoIP, Sound, Lighting, Live Events, Team Leadership, Software Installation, Team Building, Training
About
Over 12 years in the technical field with the last 8 surrounding Risk and compliance and Information Security - and the last 10 in Identity and Access Management - I have experience with security-related activities such as PCI DSS assessments - SOX 2 audits and remediation. I have successfully completed projects for large firms and corporations. Using a heavy leaning on my ISO understanding and some project management skills as well, I have left each project completed and in good health for future progress. In a past life as a Live Event Tech and project manager I refined my troubleshooting skills under pressure and let my talent in resolution shine through.
Specialty skill sets:
Security administration skills to include but not be limited to:
• System Monitoring & Control
• Vulnerability Assessments
• Incident Response & Disaster Recovery process
• Network & System Security
• Authentication & Access Control
• PCI, SOX, & TARP Regulatory Compliance
• System Design & Integration Planning
• Multi-tier Network Architectures
• Patch management & Build hardening