Highlights:I have implemented numerous PCI programs for my employers ensuring that all systems, services and software are initially and/or continuously certified. In the 10 years I now work in PCI, 110 ROCs and ROVs have been submitted under my management with a P-ROV being in progress currently. I have specialised in acquisitions and the recovery of non-compliant systems, services and software. I am a problem solver not a BAU operations person. When not working on a PCI project I have implemented IT Risk Management, IT control assurance or IT governance programs.

Skills:PCI DSS, PA DSS, P2PE, IT Security, IT Governance, IT Security Compliance, IT Risk Management

Goal:Continuing to work as a subject matter expert helping my employers to maintain their regulatory and industry security compliance obligations, recover non-compliant systems and integrate acquisitions into a group program.

Membership:ISACA, ISF, Executive Board, ITSMF, OpenGroup, PCI SSC

Certification:PCI ISA CMMI for Services GRC Practitioner Data Protection Professional CISM CRISC Cobit,4.1, Foundation VAL IT 2.0 Foundation ITIL Version 2 Foundation ITIL Version 3 Foundation ISO20000 lead auditor ISO20000 lead implementer ISO27001 lead auditor ISO27001 lead implementer TOGAF9 Practitioner Prince2 RUP (rational unified process) V-Model Requirement Engineering and Management Mind Mapping Project Controlling Leadership Team Conflict Management MoR (Management of Risk)

Head of Security Compliance 11/2011 - current
WorldPay, London, United Kingdom
Industry: Payment Processing, Software Development
Responsible for WorldPay's PCI Program.
WorldPay has divested from Royal Bank of Scotland in 2010 separating their new card processing systems from the banks infrastructure whilst the service portfolio is extended through acquisitions and in-house innovation projects. Challenge: Implement a PCI Certification Management Program across the group that ensures the new platform is PCI DSS compliant at the time of going live. While the new platform is developed ensure all services, systems and software not part of the new platform yet are continuously PCI DSS and PA DSS compliant. For new service propositions and newly acquired systems ensure initial certifications are maintained or initially achieved.--
Security and Compliance Management 01/2005 - 09/2005
First Data Mobile Solutions, Stuttgart, Germany
Industry: Mobile Payments
Responsible for ISO 17799 Certification Project
First Data Mobile Solution had developed a new mobile payment system. Challenge: Achieve ISO 17799 compliance for main and disaster recovery mobile payment system.--
Director Enterprise Security Risk and Compliance 10/2005 - 10/2011
First Data International, Dublin, Riga, Paris, Mumbai, Sydney, Bratislava, Ireland
Industry: Payment Processing
Responsible for the European PCI Program as well as the Security Risk Management program.
First Data expanded significantly starting a series of acquisitions across Europe in 2001. Challenges: - Implement a sustainable PCI Certification Management Program in Europe that enables all business units to continuously maintain their compliance. - Implement the ISO27001 certification governance program. - Develop and implement a data across boarder management process. - Implement a Security Services Delivery Program--
Operations Management 10/2002 - 12/2004
Encorus Technoloy, Stuttgart, Germany
Industry: Payment Processing, Software Development
Responsible for payment system deployment, integration and operations
Encorus Technology was developing a new payment system in Europe. Challenges: - Project Escalation Management during the new payment system development - Deployment and Integration Management of the new payment system. - Provide 7x24 services for the new built payment system.--
Senior Program Manager 03/1999 - 09/2002
Brokat Technologies, Stuttgart, Germany
Industry: Payment Software
Responsible for professional services
Brokat, an early dot com company was developing secure payment processing software mainly used by banks for their online banking solutions. Challenges: - Special Task Force Management - Professional Services Program Management - Project Management--

University of Applied Science 02/1990 - 08/1994
Furtwangen, , Germany
Degree: Bachelor's Degree
Major:Electronic Engineering
Specializing in project management and ISO compliance aspects of medical devices

Sabine Lainer Resume Jan 2015 PCI DSS, PA DSS, P2PE, IT Security, Compliance, Risk Management