CCSFP, CISA, CISM, CGEIT, CRISC, CDPSE, QSA, QPA
Hugh has over 30 years of experience in the auditing profession for companies ranging from start-ups to market leaders, with extensive experience in the payments industry. He leads projects for Payment Card Industry (PCI) assessment and remediation, ISO/IEC 27001, ISO/IEC 27701, ISO 22301 certifications, SOC reporting, internal IT and operations audits, and internal audit consulting.
Hugh has a strong track record of managing global operational and IT audit groups, contributing to the successful start-up of internal audit functions, and implementing new methodologies to improve audit effectiveness and efficiencies.
Prior to forming Pointe Solutions, Hugh was Vice President of Risk, Control, & Audit for First Data Corporation, the nation’s leading credit and debit processor. Other payment industry positions included Vice President, Internal Audit for Star Systems, Inc., the nation’s largest debit network; and Director, Internal Audit for Electronic Payment Services, Inc., the largest ATM processor in the U.S.
Hugh’s previous experience included Regional Audit Director of IT & Operations for Invesco Ltd. and IT audit positions with The Vanguard Group, Inc. Hugh began his career within the IT Audit Services division of Coopers & Lybrand, where he supported the casino, financial services and health care industries.
Hugh received a BBA in Management Information Systems from Pace University and an MBA from Villanova University.
- Certified HITRUST Practitioner (CCSFP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in Governance of Enterprise (CGEIT)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Data Privacy Solutions Engineer (CDPSE)
- PCI Qualified Security Assessor (QSA)
- PCI Qualified PIN Assessor (QPA)
- Certified TG-3 Auditor (CTGA)
- Information Security Audit and Control Association (ISACA)
- X9 Standards Committee (former)
- PCI assessments for cloud service providers, processors, major retailers, telecommunications, and cable companies
- ISO/IEC 27001, ISO/IEC 27701, and ISO 22301 certifications
- Security Policy assessments to consolidate multiple business units and map to industry standards (ISO 27001, NIST-53, PCI V3.2.1)
- SOC 2 Type 2 Reports for multiple industries
Vice President and CISO
CISSP, GPEN, MCSE, Security+
Mike has 30+ years of experience in multi-platform installations, data architecture design, security/compliance areas, and telecommunications. He leads security assessments for PCI DSS certifications, focusing on all areas of security/technical requirements and compliance. He also serves as Chief Information Security Officer for numerous clients, leading efforts to develop their information security policies and procedures.
Prior to working with Pointe Solutions, Mike was Chief Information / Chief Security Officer for Cohen, Shapiro, Polisher, Shiekman and Cohen, a large regional law firm, where he was responsible for strategic planning and day-to-day operations for their multi-platform computer and telecommunications systems. Under his leadership, the firm’s technology capabilities and performance grew to exceed that of many of the top firms in the region. Previously, Mike worked with various major law firms to develop computerized systems for tracking complex litigation cases.
Mike holds a BA in Political Science from Lebanon Valley College.
- Certified Information Systems Security Professional (CISSP)
- SANS-Certified Penetration Tester (GPEN)
- Microsoft Certified Systems Engineer (MCSE)
- Certified in Security+
- Performing CSO functions for prepaid card processor and PCI Level 1 service provider
- Managing major IT conversion project and PCI remediation efforts for a large marketing firm