Mark has over 20 years of IT risk and security experience, specializing in PCI DSS compliance, risk assessment, and frameworks like ISO and NIST. As a former CISO in financial services, he revamped security programs and has served as interim or virtual CISO for multiple organizations.
Background
Mark Keppler brings over 20 years of expertise in cybersecurity, IT audit, and risk management. His career spans leadership roles, including Chief Information Security Officer at a financial institution, where he implemented an ISO 27001-based security framework, strengthened compliance with regulations such as GLBA and Sarbanes-Oxley, and developed policies to enhance security and business continuity.
Mark’s diverse background includes consulting for various industries, performing security risk assessments, developing roadmaps for frameworks like NIST and PCI DSS, and leading penetration testing and vulnerability assessments. As a Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) professional, he also advises organizations as a virtual CISO, helping them navigate complex security challenges, manage third-party risks, and build resilient security programs. Mark’s practical guidance and strategic insights make him a trusted partner in achieving strong cybersecurity.
Present Day
As the Director of Advisory Services, Mark concentrates on managing and enhancing the cybersecurity strategies for SEVN-X's clients, ensuring they align with the broader business objectives. He oversees the entire cybersecurity program lifecycle, from assessment and development to compliance and project management. Mark evaluates regulatory frameworks, develops strategic roadmaps, and provides guidance to the offensive security team. His technical expertise and strategic vision make him indispensable to the organization.
Certifications:
- CISSP (Security Professional)
- CISA
- CRISC
- QSA