About Tony Keith

I'm a CISSP-certified security consultant with over 20 years of experience helping organizations achieve and maintain PCI DSS compliance while building robust security programs.

My journey from developer to technical manager to security expert has given me a unique perspective on how to balance security requirements with business objectives and operational realities.

Tony Keith

Tony Keith

CISSP | Security Consultant

CISSP PCI DSS Expert 20+ Years
// Background

My Story

My career in technology began over 20 years ago as a developer, building high-volume, production-based systems using open source technologies like Linux, Apache, MySQL, and early web frameworks. I loved the challenge of creating scalable, highly available systems that could handle real-world demands.

As I gained experience, I naturally progressed into technical management, leading development teams and overseeing complex projects. This role taught me the importance of balancing technical excellence with business objectives, managing resources effectively, and communicating complex concepts to diverse stakeholders.

The evolution into security consulting happened organically. As payment processing became increasingly central to the systems I was building and managing, PCI DSS compliance became a critical requirement. What started as a necessity quickly became a passion. I pursued my CISSP certification and dedicated myself to mastering the intricacies of payment security and compliance frameworks.

Over the past two decades, I've specialized in PCI DSS across all major versions (V2.0 through V4.0), as well as PA-DSS and PCI PIN standards. I've coordinated countless audits, conducted comprehensive security assessments, and helped organizations of all sizes build and maintain effective compliance programs.

Today, I bring this unique combination of development expertise, management experience, and security specialization to every engagement. I understand that security isn't just about technologyโ€”it's about people, processes, and creating sustainable solutions that work in the real world.

// Principles

What Drives Me

๐ŸŽฏ

Practical Security

Security measures must be effective and sustainable in real-world operations. I focus on practical solutions that your team can actually implement and maintain, not theoretical perfection that looks good on paper but fails in practice.

๐Ÿค

Partnership Approach

I work alongside your team as a partner, not just a consultant. Success means transferring knowledge, building internal capabilities, and ensuring your organization can sustain security initiatives long after our engagement ends.

๐Ÿ“š

Continuous Learning

The security landscape never stops evolving. I stay current with emerging threats, evolving standards, and new technologies to ensure the guidance I provide reflects today's realities, not yesterday's solutions.

๐Ÿ’ก

Clear Communication

Security concepts can be complex, but explanations don't need to be. I translate technical requirements into business terms and help stakeholders at all levels understand what needs to be done and why it matters.

โš–๏ธ

Balanced Perspective

My background in development and management helps me understand competing priorities. I help you find the right balance between security requirements, operational efficiency, and business objectives.

๐Ÿ”’

Integrity First

I provide honest assessments and realistic timelines, even when the truth is uncomfortable. Your trust is earned through transparency, reliability, and consistently delivering on commitments.

// Journey

Professional Milestones

View Full Resume

Early Developer Years

Building scalable web applications with Linux, Apache, MySQL, PHP, and Java. Learned the fundamentals of system architecture and high-availability design.

2000s
2010

Technical Management

Transitioned to leading development teams and managing complex projects. Gained experience in resource allocation, stakeholder management, and strategic planning.

CISSP Certification

Achieved CISSP certification, marking formal recognition of security expertise. Began specializing in payment security and PCI DSS compliance.

2012
2015

PCI DSS Mastery

Became Subject Matter Expert across all PCI DSS versions. Coordinated first of many successful QSA audits and compliance certifications.

Full-Time Consulting

Launched independent practice focusing on PCI DSS compliance, security assessments, and strategic consulting for organizations of all sizes.

2018
2024

PCI DSS 4.0 Adoption

Guided multiple organizations through the transition to PCI DSS 4.0, helping them understand and implement the new requirements effectively.

View Full Resume
// Credentials

Certifications & Expertise

๐ŸŽ“

CISSP

Certified Information Systems Security Professional

๐Ÿ’ณ

PCI DSS

V2.0 through V4.0.1 Expert - +40 Assessments

๐Ÿ“ฑ

PA-DSS

Payment Application Data Security Standard

๐Ÿ”ข

PCI PIN

PIN Security Standards Specialist

Let's Work Together

Ready to discuss how my experience and expertise can help your organization achieve its security goals?

Get in Touch