[email protected]    (800) 499-5834
[email protected]    (800) 499-5834

Carla Brinker

Manager of Cybersecurity Compliance Services

Carla Brinker is a manager on Intersec’s Payment Card Industry Compliance team and the head of Quality Assurance. Carla’s role is to manage QA activities and provide support and consulting services to Intersec’s clients. Consulting services include PCI readiness reviews, remediation of existing findings, assessing and testing of current controls, oversight of new controls implementation, risk assessments, and training as needed.

Carla Brinker has over 20 years of experience in information security. Her experience ranges from small businesses to Fortune 25 corporations in a multitude of industries. Her areas of expertise include IT governance, risk assessments, and audit methodologies.

Carla has participated and led many IT audits (PCI, FFIEC, HIPAA, SOX, and SOC).

Notable accomplishments include:

Some notable accomplishments include:

  • Led PCI compliance program for a large financial institution. Drove project and people to realize results.
  • Created, collected, tracked, and assessed evidence.
  • Led and conducted PCI gap analyses and assessments
  • Conducted general controls reviews, risk assessments, and social engineering engagements for financial institutions
  • Led a department-wide policy re-development project that included developing new IT security and privacy standards
  • Conducted security awareness and IT-based training
  • Supported service provider/vendor management programs

Certifications include:

  • PCI QSA – Payment Card Industry Qualified Security Assessor
  • CISA – Certified Information Systems Auditor (ISACA)
  • CISM – Certified Information Security Manager (ISACA)
  • CCSP – Certified Cloud Security Professional (ISC2) – exam passed 4-20-18, pending endorsement confirmation before certification is official
  • CRISC – Certified in Risk and Information Systems Control (ISACA)
  • PCIP – Payment Card Industry Professional
  • GSNA – GIAC Systems and Network Auditor (SANS)