Curriculum Vitae

Tomorrow's Security, Today - Championing Audit & Compliance Excellence

Roland Elyon Arthur-Kingsley

London UK • 07384606638

roland.arthurkingsley@gmail.com

LinkedIn

arthurkingsley.tech

CISA | CISM | CC | MSc | BBA

INFORMATION SECURITY CONSULTANT | PCI DSS | IT AUDIT | GOVERNANCE, RISK & COMPLIANCE EXPERT

Information Security Consultant with 10+ years of experience delivering PCI DSS, IT Audit, and GRC programs across fintech, cloud, and regulated sectors. Adept at protecting customers' businesses by improving cybersecurity posture and reducing the likelihood of breaches. Experienced in guiding organisations through PCI DSS certification and v4.0 transitions, ISO 27001 frameworks, NIST CSF, GDPR, and COBIT adoption.

Proven record of bridging technical security and executive leadership, managing third-party vendor compliance, and executing cybersecurity risk assessments. Recognised for strong interpersonal skills, client engagement, and the ability to simplify complex cybersecurity concepts for senior management.

CAREER FOCUS

I seek to FOCUS on these areas throughout my professional career exploration in attaining expertise and skills to become an SME:

GRC SPECIALIST

PCI DSS EXPERT

STRATEGIC IT AUDITOR

THIRD-PARTY RISK MANAGEMENT

INCIDENT RESPONSE & DISASTER RECOVERY

CORE & CRITICAL COMPETENCIES

Governance, Risk & Compliance (GRC)

  • Risk Management Frameworks (ISO, NIST)
  • Regulatory Compliance (ISO 27001, CIS)
  • Security Policies & Awareness
  • Third-Party Risk Management (TPRM)
  • Incident Response Planning
  • Due Diligence & Vendor Evaluation
  • Audit Remediation Oversight
  • Business Continuity & Risk Treatment

PCI DSS Compliance & Audit

  • PCI DSS v4.0.1 Scope Definition & SAQs
  • Report on Compliance (ROC) Documentation
  • Audit Lifecycle Management
  • Gap Analysis & Remediation Tracking
  • PCI DSS Program Development
  • Payment Brand Compliance (BRAM, VIRP)
  • Network Segmentation & Scope Reduction
  • Continuous Compliance Monitoring

Cybersecurity & IT Audit

  • Information Security Assessments
  • Risk-Based Audit Planning
  • Internal Controls Evaluation
  • Vulnerability Management & Risk Analysis
  • Network Segmentation Strategy
  • Security Architecture Review
  • Security & Compliance Tooling
  • SIEM, DLP, GRC Platforms (e.g., Archer)
CAREER EXPERIENCE

Tia Cloud UK Limited, Saunderton, High Wycombe, UK - Hybrid

Aug 2024 – Present

Third Party Risk & Compliance Manager

Job Purpose: Protecting clients' businesses by embedding vendor compliance into risk frameworks, improving overall security posture, and reducing exposure to breaches.

  • Developed third-party risk governance frameworks to implement consistent vendor evaluation practices.
  • Collaborated with IT and security teams to integrate compliance monitoring into supplier frameworks.
  • Managed audit-ready evidence collection across supplier environments, reducing QSA delays by 20%.
  • Led PCI DSS v4.0 vendor gap assessments, prioritising remediation by transaction volume and data sensitivity.
  • Embedded PCI DSS and ISO 27001-aligned controls into supplier contracts, enhancing continuous assurance.

Applied Key Competencies: Vendor Risk Management, COBIT/ISO 27001 frameworks, PCI DSS v4.0 expertise, risk-based prioritisation.

Eretmis Inc. New York - Remote

Mar 2021 – Jul 2024

IT Auditor/Compliance Program Manager

Job Purpose: Strengthening clients' cybersecurity programs by advising on compliance, conducting gap analysis, executing PCI DSS assessments, and delivering remediation strategies to reduce audit risks and enhance resilience.

  • Directed PCI DSS compliance programs, delivering multiple v4.0 transition projects for fintech clients.
  • Produced ROC/SAQ documentation, shortening audit cycles by 25%.
  • Performed full PCI DSS gap assessments, reducing findings by 30% via remediation roadmaps.
  • Implemented segmentation and scope-reduction strategies, lowering compliance costs and exposure surface.
  • Collaborated with QSA teams to streamline compliance validation and audit readiness.

Applied Key Competencies: PCI DSS (SAQ, ROC), ISO 27001, NIST CSF, secure audit lifecycle, executive engagement.

KASANT CONSULT LIMITED, London, UK - Hybrid

May 2016 – Feb 2021

Projects Manager- IT Security, Risks & Compliance

Job Purpose: Enabling organizations to protect their business by defining security policies, reducing vulnerabilities, and implementing global compliance frameworks aligned with ISO 27001, PCI DSS, and NIST CSF.

  • Delivered end-to-end PCI DSS certification projects, from scoping to QSA sign-off.
  • Conducted enterprise-wide risk and BIA assessments, improving audit readiness scores by 40%.
  • Built remediation-tracking dashboards, increasing accountability and boosting audit efficiency.
  • Designed and rolled out ISO 27001 & NIST-aligned frameworks, strengthening compliance posture.
  • Delivered targeted PCI DSS awareness training for IT, DevOps, and business teams.

Applied Key Competencies: Risk Assessments, Governance Frameworks, Stakeholder Training, Policy Development, and Compliance Monitoring.

EDUCATION

Master of Science (MSc) in International Health Management

Imperial College Business School

Bachelor of Business Administration (BBA) in Accounting & Finance

Valley View University

CERTIFICATIONS & TRAINING
  • CompletedCertified in Cybersecurity (CC) – ISC²
  • CompletedCertified Information Systems Auditor (CISA)
  • CompletedCertified Information Security Manager (CISM)
  • In ProgressCertified in Risk and Information Systems Control (CRISC)
  • In ProgressPMP | DORA | PCIP | QSA | ISO 27001 Auditor
PROFESSIONAL AFFILIATIONS

ISACA (Information Systems Audit and Control Association)

ISC² (International Information System Security Certification Consortium)

PMI (Project Management Institute)