Curriculum Vitae

ROLAND ARTHUR-KINGSLEY
CISA | CC | MSc | BBA
INFORMATION SECURITY & COMPLIANCE LEADER
Visionary Information Security & Compliance Executive with 10+ years of experience driving enterprise-wide PCI DSS compliance, risk management, and cybersecurity initiatives to strengthen regulatory alignment and safeguard organisational assets within financial services, cloud, and nonprofit sectors. Known for delivering precision-driven security audits, third-party risk frameworks, and GRC strategies to mitigate exposure and enhance operational resilience. Proven record of leading multi-stakeholder compliance projects, streamlining risk management processes, and developing actionable security roadmaps. Solid history of advancing cybersecurity maturity and audit readiness through collaborative leadership, expert advisory, and meticulous control assessments.
I seek to FOCUS on these areas throughout my professional career exploration in attaining expertise and skills to become an SME:
GRC SPECIALIST
PCI DSS EXPERT
STRATEGIC IT AUDITOR
THIRD-PARTY RISK MANAGEMENT
INCIDENT RESPONSE & DISASTER RECOVERY
Governance, Risk & Compliance (GRC)
- Risk Management Frameworks (ISO, NIST)
- Regulatory Compliance (ISO 27001, CIS)
- Security Policies & Awareness
- Third-Party Risk Management (TPRM)
- Incident Response Planning
- Due Diligence & Vendor Evaluation
- Audit Remediation Oversight
- Business Continuity & Risk Treatment
PCI DSS Compliance & Audit
- PCI DSS v4.0 Scope Definition & SAQs
- Report on Compliance (ROC) Documentation
- Audit Lifecycle Management
- Gap Analysis & Remediation Tracking
- PCI DSS Program Development
- Payment Brand Compliance (BRAM, VIRP)
- Network Segmentation & Scope Reduction
- Continuous Compliance Monitoring
Cybersecurity & IT Audit
- Information Security Assessments
- Risk-Based Audit Planning
- Internal Controls Evaluation
- Vulnerability Management & Risk Analysis
- Network Segmentation Strategy
- Security Architecture Review
- Security & Compliance Tooling
- SIEM, DLP, GRC Platforms (e.g., Archer)
Eretmis Incorporated, New York - Remote
Information Security Auditor/Consultant
Conduct PCI DSS assessments and design security documentation, enabling clients to meet regulatory requirements. Collaborate with QSA teams to define compliance scope and streamline segmentation efforts. Assist clients through compliance validation processes while overseeing remediation planning. Facilitate policy development in line with data protection standards and assist in maintaining ongoing adherence.
- Led PCI DSS assessment projects, managing compliance readiness, gap analysis, and remediation planning.
- Developed detailed PCI project plans, enhancing cross-functional alignment by mapping responsibilities, milestones, and deliverables to improve project visibility and on-time audit completions.
- Collaborated with IT, security, and engineering teams to mitigate security risks and ensure compliance.
- Delivered tailored guidance on SAQs and ROC documentation, resulting in smoother audit readiness.
- Built client-specific PCI DSS compliance roadmaps for risk management and sustained security maturity.
- Improved assessment boundary definitions through strategic segmentation advisory, reducing scope creep and audit complexities while enhancing overall network security.
Tia Cloud Ltd., London, UK
Third-Party Risk & Compliance Manager
Developed third-party risk governance frameworks to implement consistent vendor evaluation practices. Oversaw execution of due diligence procedures for suppliers, aligning practices with regulatory standards. Maintained continuous risk monitoring protocols to track compliance across vendor lifecycles. Assessed risk exposure based on criticality and data sensitivity to streamline decision-making processes.
- Prioritised supplier reviews using a tiered risk model, resulting in a 30% increase in assessment efficiency.
- Instituted TPRM programme to strengthen supplier risk identification and mitigation strategies.
- Conducted assessments of vendor controls, improving data protection alignment with industry regulations.
- Established KRIs and KPIs to boost visibility into third-party security performance and compliance trends.
- Led vendor audits and compliance checks for timely assessment of control gaps and corrective actions.
African Diaspora Development Institute (ADDI), Washington, DC - Remote
Governance Risk & Compliance Analyst
Defined information security policies and standards in alignment with ISO, NIST, and CIS frameworks. Performed IT risk assessments to locate vulnerabilities across systems and applications. Supported vendor evaluations by contributing to third-party control reviews. Collaborated with internal teams to implement risk mitigation strategies.
- Built organisation's risk management framework by developing structured compliance protocols.
- Participated in designing security awareness initiatives to improve employee understanding of policies and compliance responsibilities, fostering a culture of accountability.
- Formulated incident response plans, maximising readiness to address cybersecurity events.
- Coordinated with stakeholders to devise risk treatment plans, reducing exposure to key threats.
- Regulated third-party assessment workflows, resulting in faster detection of control deficiencies.
- Maintained reporting on compliance progress and remediation efforts, boosting audit preparedness.
Master of Science (MSc) in International Health Management
Imperial College Business School
Bachelor of Business Administration (BBA) in Accounting & Finance
Valley View University