Rocco A. Del Carmine is a Principal Technology Security Specialist for AT&T reporting to the (CSO) Chief Security Office and has recently completed his twelfth year of service with AT&T Services, Inc.
Rocco’s technical and managerial responsibilities has spanned across all industry security domains in his thirty-two year IT Technology and Information Security career. He has designed and implemented a number of security programs. products, tools and solutions to minimize risk and exposure to a diverse number of corporations and business partners such as; PepsiCo, USCO Logistics, Bayer Pharmaceuticals, Sun Micro Systems, AstraZeneca and Nortel, including providing security-consulting services for U.S. Financial organizations. While at PepsiCo as the Senior Security Technical Manager, he managed staff concentration and career path expansion in the Information Security, Operations and Business Continuity domains. He assisted the Pepsi-Cola CSO directly in establishing Pepsi-Cola’s Information Security and Business Continuity programs, including the design, planning and implementation of logical security mainframe, midrange and handheld access control systems. As the Director of Information Security for USCO Logistics (3PL Logistics Solutions Provider), he managed staff concentration and career path expansion in several security domains and developed their Corporate Information Security and Business Continuity programs, including responsibility for facility physical security controls consisting of the design and implementation of security access control systems, alarms, metal detectors, surveillance and biometric security systems for Corporate headquarters, datacenters, offices and business partner subsidiary facilities domestically and internationally. As a Financial organization lead security consultant, he participated and directed teams in the IT audit domain for PCI-DSS audits including Third Party Suppliers.
Rocco joined Prodigy Corporation in 2000 as the Directory of Information Security and developed an ISP security strategy, to minimize risk and exposure to Prodigy and customer information assets. He led a Third Party extensive security assessment engagement of Prodigy’s ISP Internet accessibility that included penetration testing to critical supporting infrastructure components, to evaluate and improve Prodigy’s Internet security posture where applicable and required. He shortly thereafter joined AT&T in early 2001 after AT&T acquired Prodigy. Rocco immediately stepped into the Senior Technical Security Manager role and assumed responsibility for AT&T Internet Services, with further expansion that included Prodigy, Internet Data Centers, AT&T Labs, Sterling Commerce and Yahoo! affiliates and business partners. In the seven year period in the Affiliate and Business Partner manager space, he managed 350+ projects both in an out of his immediate realm of responsibility, including subject matter expertise on several AT&T Chief Security Office Task Force teams.
In 2009, Rocco’s responsibility expanded to the Corporate Security Compliance domain and managed both technical and administrative staff concentration with regards to public facing Web Application layer testing, for AT&T’s portfolio of applications. His team successfully developed a new application compliance testing and review process and is currently being applied to AT&T public facing websites, portals, associated back-end applications and databases using a three-tier application layer approach. Rocco currently reports into the Chief Security Office “Supplier Review Team” organization with concentration on Third Party Supplier security compliance audits and provides extensive team security expertise and assistance where requested.
Rocco has held the Computer Systems Security Certification since 1990 and holds additional domestic and international certifications. Rocco has assisted local and Federal law enforcement agencies on a number of security investigative and forensic cases and for his efforts, has received several commendations from the F.B.I., Secret Service and Home Land Security agencies. He has developed a number of corporate security patents and in 2010 was appointed to the Executive Advisory Board of Directors of the American Board of Information Security and Computer Forensics (ABISCF). He is also a member of the American Board for Certification in Homeland Security, CHS®.
In February 2012, he acquired the Chief Information Security Officer Certification (C|CISO). This IT/Information Security certification acknowledges professional executive and technical career achievements in leading, designing, developing and enhancing Information Security Programs for small, mid-size and large diverse corporations. The C|CISO certification also recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organizational goals.
In March 2012, he received the AT&T Business Unit Recognition Award for - Extraordinary Leadership Model "Focus on Results" in the area of Third Party Supplier audits and compliance. In August, he achieved the C|CISO “Roll of Honor” recognition credential that recognizes outstanding information security career achievements of industry security related colleagues around the world.
Rocco continues to spread the Information Security message to Public Schools, Universities and local Community organizations as part of his community service volunteering efforts.