Aron Stewart

LEAD INTERNAL IT AUDITOR

Talent

Dallas, DallasMember since November 6, 2025

Hire this person

Send a job offer directly to this candidate

About

Seasoned IT Audit and Cybersecurity Compliance Professional with 6 years of experience leading risk assessments, internal audits,

external audits across healthcare, financial services, cities, airlines, and technology industries. Skilled at PCI DSS 4.0 assessments,

SOX, COSO, ISO, ITGC reviews, HIPAA/HITRUST compliance, and NIST-based audits, with a track record of strengthening IT governance and ensuring regulatory alignment. Adept at scoping and testing IT controls, identifying vulnerabilities, and advising leadership on remediation strategies. Recognized for building collaborative partnerships with executives, IT management, and cross-functional teams to deliver audit results that enhance operational efficiency and regulatory assurance.

Holder of CISA, CISM,

and ISA certifications with a proven ability to translate audit findings into actionable improvements that safeguard critical information assets.

Experience

Direct end-to-end PCI DSS 4.0 assessments as an Internal Security Assessor (ISA), validating controls and ensuring compliance across all Cardholder Data Environments (CDEs).

Lead CDE scoping validation to ensure inclusion/exclusion accuracy for system components, cardholder data flows, and network segmentation boundaries.
Perform detailed testing of PCI DSS requirements 1–12, covering firewall configurations, encryption, access control,

vulnerability management, and incident response.

Conduct evidence collection and sampling using PCI-approved methodologies to support ROC and AOC deliverables.
Advise cross-functional teams on remediation strategies for failed or compensating controls, strengthening PCI posture and audit readiness.
Collaborate with Security, Infrastructure, and Compliance teams to align technical security controls with corporate PCI compliance strategy.
Deliver findings and risk reports to senior executives, emphasizing business impact, compliance gaps, and remediation timelines.

Key Achievements

Successfully led a PCI DSS 4.0 audit under tight deadlines—achieved full compliance with no significant findings.
Enhanced CDE segmentation accuracy, reducing redundant systems in scope and decreasing audit time by 25%.
Built new PCI evidence management repository, improving documentation accuracy and response efficiency for QSA requests