Gareth joined PCI SSC in April 2012, bringing 15 years of experience from the Information Security field. He initially started as a software developer and soon specialised in secure web application development processes. This led to him joining a PCI ASV company in 2005 where he worked as a penetration tester and consultant, becoming a QSA in 2006, followed by a PA-QSA in 2008. Gareth has worked with many large financial institutions and merchants on projects around PCI DSS, risk management, data loss prevention as well as conducting forensic and breach investigations. Gareth is a CISSP and holds a B.Sc. degree.
Marc has been with the PCI Security Standards Council since 2015 and brings with him 25 years of IT and IT security experience. Prior to joining, he held a number of PCI certifications, including QSA, PA-QSA, P2PE QSA, and P2PE PA-QSA. His professional background includes roles as system administrator, penetration tester, security consultant, helpdesk resource, and forensic investigator. Marc has performed hundreds of assessments worldwide for clients as small as “mom-and-pop” shops to large international financial corporations. Marc also has created and presented webinars, internal training, and spoken at conferences.
Travis joined the PCI Security Standards Council in April 2016 and brings with him 15+ years of IT and IT Security experience. In addition, he also brings nine years of Point of Interaction (POI) and Host Security Module (HSM) support to the training team. Most recently, Travis worked with a company that specializes in payment terminal encryption where he provided consulting services to merchants and acquirers on their HSM encryption domains to process secure transactions. Travis has also been a PCI QSA since 2011. In addition to performing audits, he has worked with clients to perform gap assessments, assist with their prioritized approach, and provide remediation consulting to assist them in achieving PCI DSS compliance.
Tom joined the PCI Security Standards Council in July 2015. He brings over 15 years of IT training and payment industry experience. He started his career as a qualified teacher then moved into the eLearning sector, developing training and resources for virtual learning environments. Most recently, Tom spent five years with a company specialising in electronic card payments. He built and managed their training and eLearning programme and qualified as an Internal Security Assessor (ISA). He has worked on-site with well over a hundred diverse merchants delivering training on PCI DSS, card payment security, and a range of payment systems.