Director, National Leader PCI Services, Regional Lead for Security and Privacy Services @ RSM US LLP
Corbin is an Information and Data Security professional with over 15 years of experience designing, implementing, and evaluating network and security solutions. In addition to his work with clients, Corbin functions as an information security educator/speaker. He has spoken on information security topics such as: Information Technology Risk Assessments, Network Security, Penetration Testing, Personal and Corporate Data Privacy, Social Media Risks, Payment Card Industry Compliance, Mobile Device Security, and Third Party Vendor Security (including Cloud Security).
Recent speaking engagements:
ICBA CCBTO Certification Instructor - Network Security 101, Risk Assessments, Emerging Tech
IIA Chicago Conference - Mobile Devices and Their Risks
ISACA NW Chapter - PCI Compliance Vs. Security
McGladrey MWD Summit - Information Security Risks and Trends
CACUBO Winter Workshop - IT Security and Mobile Devices
FMS INC National Meeting - IT Regulatory Issues
AAPM SE Chapter - Cloud Computing – Risks and Considerations for a Successful Implementation
WBA - Pentesting Basics, Risks of Social Media, and Top 10 Data Security Exposures
Industries: Financial Institutions, Retail, Service Providers, Healthcare, Not for Profit (higher education), and Manufacturing
Certifications: MCSE (NT 4.0), CCNA, GSEC, GCFW, CISA, CGEIT, CRISC, CISSP-ISSAP, QSA, PA-QSA
Director, National Leader PCI Services, Regional Lead for Security and Privacy Services @
Corbin Del Carlo is a director with the risk advisory services group and regional leader for the Security and Privacy functional group, with over 15 years of experience in the information security industry. Additionally, Corbin is the firm’s national leader for our PCI service line, responsible for all PCI DSS, PA DSS, ASV, and PCI related services provided by the firm. Corbin specializes in Payment Card Industry (PCI) Data Security Standard assessments, internal and external penetration testing, detailed technology controls reviews, and technology risk assessments/impact analysis.
• National Leader of the PCI Team tasked with establishing our best practices for performing PCI engagements, QA of output, training team members, marketing services via public speaking and thought leadership, maintaining existing and building new client relationships, and business development.
• Regional Leader for the Great Lakes Security and Privacy Services Group that provides PCI compliance, penetration testing, HIPAA compliance, data privacy and computer forensics services.
• Performs global PCI readiness, remediation, and assessment engagements for merchants and service providers from the Fortune 500 to independent small businesses, Level 1 merchant/service providers to Level 4 merchants
• Performs PA-DSS (Payment Application Data Security Standard) application assessments and certifications for shrink wrapped payment applications.
• Participates as a member of the Network Security Methodology Team for McGladrey, LLP tasked with establishing best practices for performing vulnerability assessments, penetration testing and system security assessments
• Performs penetration tests and utilizes exploit tools to compromise internal systems and obtain sensitive information on networks from 50 systems to over 500,000 systems.
• Works with clients to determine viable and strategic solutions to achieve compliance with the PCI Data Security Standard
From February 2003 to Present (12 years 11 months) Greater Chicago Area
Network Admin @
• Managed the integration and standardization of technology platforms to achieve efficiency, reliability and security
• Implemented Internet services and perimeter security, providing a segregated demilitarized zone (DMZ) for hosted Web applications, VPN secure remote access, intrusion detection monitoring and reaction, and automated failover of firewalls to assure service and security continuity
• Installed and operated the automated management services for a large network, providing configuration management, device fault notifications, device inventory, software distribution, network diagramming and central log repository
• Managed Netware 4.11 through 5.1 implementations from as many as 90 servers; managed and maintained Novell Directory Services through Version 8.5 (e-Directory)
• Designed, migrated and managed a network domain structure with Microsoft Active Directory
• Supported a 90+ node WAN using IP/IPX/SNA protocols over frame relay and ATM/IMA circuits
From May 2001 to February 2003 (1 year 10 months) Greater Chicago Area
Information Security and Internet Connectivity Manager @
Implemented and managed network infrastructure and network security for the campus.
Implemented first firewall at the university
Managed internet connection routers and firewalls
Designed wiring requirements for campus buildings and intracampus connections including Cat5, Cat5e, Singlemode and multimode fiber to match wire installation with network requirements.
Managed the Windows NT/Windows 2000 AD Server systems for the
Installed Network cards and supported computers of 2500 member student body.
Managed workstation computers for faculty including DOS, Windows, Apple Macintosh, SGI Irix, Sun Solaris, and VMS systems implemented.
From May 1998 to April 2001 (3 years) Decatur, Illinois Area
Computer and Information Systems Security/Information Assurance @ SANS Institute From 2003 to 2004
BS, Computer Science & Chemistry @ Millikin University From 1994 to 1998
High School Diploma @ Naperville Central High School From 1991 to 1994
Corbin Carlo is skilled in: Penetration Testing, Network Security, Risk Assessment, Risk Management, PCI DSS, Information Security Management, CISSP, CISA, GSEC, GCFW, QSA, CGEIT, CRISC, Higher Education, Firewalls