Carl Carpenter

Senior Security Consultant - Arrakis Consulting, LLC

Honor. Integrity. Respect. Excellence. Honesty. These are the words I live by. I love collaboration and success!!

Advisor Biography

While I primarily am involved in information security and privacy related matter, I am also a highly focused, mission-oriented person capable of handling any size project and viewing the "big picture" as well as developing others to excel better.  One area I am constantly considering is cost and how to improve margin or stretch the dollar.  I am far from being just a number in a sea of other numbers.  In my ideal world, I just need to know “what hill to take” and then given the green light to accomplish the mission.

Fully capable of holding simultaneous positions of equal importance such as CISO, CPO, DPO, or CCO.   Additionally, a fully certified and experienced Senior Network Engineer and Chief Information Security Officer (CISO) working for Fortune 100 companies, NASA, and various Federal or State Government Agencies.  Certifications include ISACA, ISO(PECB), PCI, Cisco, Microsoft, Novell, CompTIA, Sniffer, ITIL, and Citrix.  Client space include medical, financial, state government, federal government, energy, and aerospace.

Bachelors of Information Security - Western Governors University

Current and past certifications include:  PCI QSA, CISA, CISM, CDPSE, ISO27001 Senior Lead Auditor, ISO 27032 Senior Lead Cybersecurity Manager, CCNP, CCNA R&S, CCNA Security, MCSE, MCP+I, CNA, CCDA, Net+, Sec+, Linux+, A+, Project+, Cloud Essentials, CIOS, CLNP, CSIS, CSSS, SCP, ITILv3, CCA, iNet+, LPIC-1, SUSE CLA

CISSP, CEH Candidate

Commercial Pilot with instrument, complex, and high performance.

Hobbies include gardening, flying, and photography.

Experience

2016 - Present

Arrakis Consulting, LLC - Senior Security Consultant

  • Policy writer and reviewer for regulated or highly sensitive environments.
  • Active penetration tester involving compromising security for regulated environments including physical testing.
  • Evaluate all aspects of security for regulated environments.
  • Key leader in critical projects involving critical infrastructure and national security clients.
  • Assessments and audits for PCI, HIPAA, ISO127001, GDPR, NIST, and CCPA.
  • Teach CCNA/CCNP bootcamps
  • Teach ISACA CISA, CISM bootcamps

September 2015 - July 2018

OpenSky Corporation (a TÜV Rheinland company) - Regional Practice Manager (Security)

  • Policy writer and reviewer for regulated or highly sensitive environments.
  • Assessments and audits for FFIEC, HIPAA, ISO127001, GDPR, and NIST.
  • Evaluate all aspects of security for regulated environments.
  • Active penetration tester involving compromising security for regulated environments including physical testing.

December 2012 - August 2015

State of Arizona - Department of Economic Security - CISO

  • Responsible for all aspects of security for a $6B entity, 15K employees, 1.4M end users
  • Transformed a young and mismanaged team of eager individuals into a multi-tiered Information Security team.
  • Stopped largest case of data theft in history of the State of Arizona.
  • Reduced vulnerability count by 4000%
  • Increased vulnerability remediation by 1500%
  • Instrumental in passing numerous Federal and State audits.
  • Involved in numerous investigations of all types...including leading the team that investigated the Arizona "Not-Investigated" CPS scandal that resulted in the Arizona Governor creating an entirely separate CPS department.

Advisor Skills

Commercial Banking

Credit Unions

Energy & Utilities

Entrepreneurship

Regulatory Compliance

Cyber-Security

Network Security

Compliance

Advisor Industries

Corporate Security

Computer & Network Security

Technology