Don Kuecker, Security and Risk Management Developer in Windermere, FL, United States
Member since August 30, 2021
Don identifies company security risks and creates mitigation strategies using the tools and applications most appropriate for their environment. He implements technologies to address security requirements for existing legacy technologies, merging business concerns and migrations to new strategies such as cloud offerings and their subsequent iterations. Don establishes consensus between departments and business entities based upon solid communication skills and current security risk knowledge.

Portfolio

Experience

  • Security and Risk Management 10 years
  • Security Assessments 10 years
  • Policies & Procedures Compliance 10 years
  • Identity & Access Management (IAM) 7 years
  • Security Engineering 7 years
  • Single Sign-on (SSO) 7 years
  • Information Security Architect 5 years
  • Cloud Security Architecture 2 years

Location

Windermere, FL, United States

Availability

Full-time

Preferred Environment

Distributed Systems, Compliance, Networks, PCI, Application Security, Security Strategy, File Confidentiality, Network Architecture Security

The most amazing...

...project I've helped develop is the Walt Disney Magic Band and its supportive technologies, leading numerous security-related solutions and assessments.

Employment

  • Information Security Architect

    2019 - 2021
    Wells Fargo
    • Provided security assessment functions while identifying new and emerging security risks for high-dollar payment applications (any transaction over $10 million per day and per user).
    • Defined and assisted with security risk mitigation solutions for discovered security risks.
    • Assisted with various security-related initiatives such as single sign-on (SSO), privileged access management (PAM), virtual desktop infrastructure (VDI), and multifactor authentication (MFA).
    Technologies: Web Security, Database Security, Identity & Access Management (IAM), Security Assessments, Policies & Procedures Compliance, Application Security, File Integrity, File Confidentiality, Single Sign-on (SSO), Multifactor Authentication
  • Application Security Architect

    2014 - 2019
    Wyndham Worldwide (now Travel + Leisure Co.)
    • Built security development guidelines, including security-related checklists. Provided guidance regarding implementation and usage of static code analysis (SCA) tools.
    • Provided security consulting input and interpretations of the PCI DSS requirements related to compliance and verification of processes.
    • Assisted with various security initiatives that include RESTful API services, SOA, single sign-on (SSO) using Oracle SSO and Okta SSO solutions, and RFP for API security gateway selection.
    • Provided leadership with identity management (IdM) requirements for access recertification solutions across multiple technologies to ensure regulatory compliance requirements were addressed adequately.
    • Led efforts to define API security requirements that include federated authentication solutions (SAML assertions) and OAuth 2.0 authorization processes.
    • Participated in vendor selection for the privileged access management (PAM) solution CyberArk and its initial integration into our single sign-on (SSO) solution.
    • Assisted with the selection of a cloud access security broker (CASB) product and implementation.
    Technologies: Application Security, Network Architecture Security, ISA, Information Security Architect, Third-party Security Assessments, Cloud Security Architecture, Security Architecture, Web Security, Database Security, API Gateways, Asset Security, Encryption, Session Handling, REST, PCI DSS, APIs, JSON, Architecture, Identity & Access Management (IAM), Virtual Desktop Infrastructure (VDI), Security Assessments, Session Management, Cloud Access Security Broker (CASB), Single Sign-on (SSO), Password Account Management, JSON Web Tokens (JWT)
  • Senior Security and Compliance Specialist

    2011 - 2014
    The Walt Disney Company
    • Provided senior-level security services and guidance to the numerous business units, technology support groups, and leadership committees within the Walt Disney companies globally.
    • Consulted regarding compliance issues and security needs, including PCI DSS, HIPAA, SOX, GLBA, ISO 17799, Safe Harbor, and other regulatory requirements.
    • Provided senior security support and guidance for industry-setting technology (MagicBand) deployment of wireless RFID solutions and other wireless (ZigBee) and mobile device (iOS and Android) solutions.
    • Defined and developed security processes and guidelines for mobile devices and mobile applications for internal and internet-facing scenarios.
    • Provided expertise of PCI DSS to various Disney business units as they built relationships with external vendors that process credit card transactions as part of the delivery solution.
    Technologies: Application Security, Communication and Network Security, Database Security, Data Encryption, Asset Security, PCI DSS, RFID, WiFi Integration, SOA, Certified Information Systems Security Professional, Security Assessment
  • Senior Security Consultant (QSA)

    2007 - 2011
    Trustwave
    • Conducted security assessments for PCI DSS for clients including issuers, acquirers, payment gateways, service providers, and merchants.
    • Obtained and retained a Qualified Security Assessor (QSA) certification during the entire tenure with Trustwave.
    • Provided ad-hoc consulting services for the various clients in assisting them with compliance issues and security needs, including HIPAA, SOX, GLBA, ISO 17799, FISMA, NIST, HITRUST, and other regulatory requirements.
    • Developed and advised on new security measures or findings that contribute to the overall security requirements of the financial industry and other industries as a whole.
    • Provided assistance to non-level one merchants with regard to self-assessment questionnaire (SAQ) interpretations, PCI DSS assessment requirements, compliance gap reporting, security controls, and various other security-related activities.
    Technologies: PCI DSS, Compliance Specialist, Information Security, Database Security, Mainframe Security, Distributed Systems, Credit Cards, Security Assessments

Experience

  • Walt Disney MagicBand
    https://disneyworld.disney.go.com/faq/my-disney-experience/frequency-technology/

    Assisted with the design, development, and security testing of the Walt Disney MagicBand to replace numerous paper-based theme park entitlements. This consisted of utilizing RFID technology for both theme park entitlements as well as Walt Disney-based on-premise lodging utilizing Zigbee technologies and associated encrypted storage for both application requirements.

  • Privileged Account Management

    I assisted with the initial security risk finding regarding the possible misuse of privileged accounts such as system administrators. Assisted with the initial deployment of CyberArk to store and manage all privileged account passwords. Additionally assisted with the deployment of a jump server within a high-security segment to add additional security controls for admin-type access to servers and similar appliance-type devices.

  • Security Risk Management

    Led and assisted with numerous initiatives to define security risks in the form of risk management. Performed numerous security risk assessments on internal applications, third-party applications, proposed applications, and technology upgrades to determine any possible security risks. Assisted with building mitigation projects for security risk findings that include, but are not limited to, single sign-on, multi-factor authentication, and virtual desktop infrastructure.

Skills

  • Other

    Identity & Access Management (IAM), Security Assessments, Policies & Procedures Compliance, Security Assessment and Testing, Network Architecture Security, ISA, Information Security Architect, Third-party Security Assessments, WiFi Integration, Certified Information Systems Security Professional, Security Assessment, PCI DSS, Compliance, Networks, PCI, Security Architecture, Enterprise Architecture, Encryption, QSA, MFA (Multi Factor Authentication), NIST, Distributed Systems, Application Security, File Integrity, File Confidentiality, Single Sign-on (SSO), Multifactor Authentication, Security and Risk Management, Security Engineering, Communication and Network Security, Security Operations, RFID, Compliance Specialist, Mainframe Security, Application Security Guidelines, Security Strategy, Architecture, API Gateways, Session Handling, Session Management, Password Account Management, AWS, CyberArk, Proxies, ZigBee, RACF, TDE (Transparent Data Encryption), ISO 27001, STIG (Security Technical Implementation Guide), CIS (Center for Internet Security), PCI Compliance, Web Security, Asset Security, Data Encryption, Web & Mobile Applications, Security Testing, Cloud Security Architecture, Information Security, Credit Cards, APIs, Virtual Desktop Infrastructure (VDI), Cloud Access Security Broker (CASB), SOX Compliance, Networking, Password Integrity, Threat Modeling, OWASP, Risk Models, PCI SSF
  • Languages

    SAML, CICS, COBOL
  • Frameworks

    OAuth 2, JSON Web Tokens (JWT)
  • Paradigms

    Security Software Development, SOA, REST
  • Platforms

    Amazon Web Services (AWS), Kubernetes, Docker
  • Storage

    Database Security, JSON
  • Libraries/APIs

    Apigee
  • Tools

    AWS ECS

Certifications

  • Certified Information Systems Security Professional (CISSP)
    JULY 2002 - JULY 2023
    ISC2
