Kevin Thomas, CISSP, PCI QSA, CRISC, HITRUST

Kevin Thomas, CISSP, PCI QSA, CRISC, HITRUST, has a diverse range of experience in the security and compliance industry. Kevin co-founded and served as the Lead Architect at Go Spark Solutions, LLC, where they developed illumino, a security and compliance management portal. Prior to that, Kevin co-founded Contextual Security Solutions, LLC.

From 2002 to 2012, Kevin worked at a Private Security Consulting Firm, starting as the Director of Risk & Compliance Services and later taking on the roles of Director of Risk & Compliance, Director of Security Assessments, and Principal Security Consultant. In these positions, they were responsible for delivering risk and compliance consulting services to commercial and government clients, as well as managing the organization's service delivery processes and implementing a customer portal.

Before joining the consulting firm, Kevin worked at UUNET as a Security Sales Engineer, providing pre-sales support and security consulting for VPNs, firewalls, strong authentication, and remote access technologies.

Throughout their career, Kevin has demonstrated expertise in various security assessments, including network vulnerability assessments, application assessments, penetration tests, telecommunication assessments, wireless assessments, and firewall audits. Kevin has also gained experience in designing and enhancing consulting service deliverables.

Kevin Thomas, CISSP, PCI QSA, CRISC, HITRUST, completed their Bachelor of Arts degree in Economics at the University of Tennessee, Knoxville from 1993 to 1996. Kevin also pursued Graduate Studies at the University of Memphis from 2001 to 2002.

In addition to their formal education, Kevin Thomas has obtained multiple certifications in various areas of information security. Kevin became a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA) in October 2006. In November 2005, they earned the GIAC Certified Forensics Analyst (GCFA) certification. Following that, in February 2006, they obtained the GHSC HIPAA Security Certificate from GIAC. In October 2008, they became a Qualified Security Assessor (QSA) accredited by the PCI Security Standards Council. In November 2009, they earned the GWAPT certification as a GIAC Web Application Penetration Tester. Kevin Thomas further expanded their expertise by becoming a HITRUST Assessor through the HITRUST Alliance in September 2010. That same year, in December, they became a Certified in Risk and Information Systems Control (CRISC) by ISACA.