Protiviti Contact

Protiviti Contact

Willy Alvarado

Director

PROFESSIONAL EXPERIENCE

Willy has over nineteen years of IT consulting, security, and audit experience. He currently focuses on Identity & Access Management, PCI, and Payment Processing solutions but also has extensive IT Audit, Information Security, & Compliance experience.

MAJOR PROJECTS

  • Identity & Access Management

‒ TimeShare Companies: Led an Identity Management solution design and implementation for a global TimeShare resort company, including the implementation of authentication and account management using IBM Tivoli products and Active Directory design, configuration, and migration. Led role engineering for two other TimeShare organizations.

Insurance Providers: Led Identify Management projects for two insurance providers, including authentication and access management / SSO, enterprise role-based access redesign, role governance, etc.

- Consumer Products: Led an Identity Management project, including Active Directory governance, provisioning / access management, and SharePoint security and governance for a global products company. Led an Identity Management assessment and 5-year roadmap for another global products company.

  • Payment Processing & PCI Compliance

Theme Parks: Led the design and implementation for the replacement of the payment gateway and enablement of EMV, P2PE, tokenization, mobile wallet, PIN debit, eCommerce, and mobile payment solutions for a leading theme park. Led the design and selection for the replacement of the payment gateway, acquirer, and payment solutions for another.

Insurance & Financial Services: Led PCI assessment and remediation assistance projects for two large insurance providers and a federal credit union.

Hospitality & TimeShare Companies: Led the PCI assessments and remediation efforts for various hospitality, theme park, and timeshare clients.

- Retailers: Performed PCI assessments for a leading bakery, two clothing manufacturer / retailers and a wholesale club.

  • IT Audit

Real Estate Investment Trusts (REITs): Currently leads the Internal Audit and SOX 404 compliance efforts for one REIT and led the IT Audit and IT SOX compliance efforts for seven other REITs.

- Private Healthcare Provider: Led the IT Audit function. Started with a COBIT-based risk assessment. Audits included change management, service desk, disaster recovery, and HIPAA security, among others.

Areas of Expertise

  • Identity & Access Management

  • Payment Processing & PCI

  • IT Audit, Security, & Compliance

Industry Expertise

  • Hospitality & TimeShare

  • Consumer Products & Retail

Education

  • BS Industrial Engineering - University of Florida

  • MBA - University of Florida

Professional Memberships and Certifications

  • Project Management Institute

  • Institute of Internal Auditors (IIA)

  • ISACA

  • PCI Qualified Security Assessor

  • Project Management Professional

  • Certified Information Systems Auditors

  • ITIL Foundations Certificate