Kara Gunderson

PCIP, Director Payment Card Operations, Citgo Petroleum Corporation

Kara has 22 years experience in petroleum payments. She currently directs CITGO Petroleum’s Payment Card Operations team. Oversight includes, PCI DSS, Data Security, Contracts, POS Product Management, Front-End Processing, Back-End Settlement, CITGO Private Label Cards, EMV, Chargebacks and Fraud. Prior to CITGO, Kara managed payment card operations and major oil brand agreements at Giant Industries in Scottsdale, AZ and supported multiple petroleum customer payment portfolios at WorldPay.

Kara Gunderson's Events

Make Your Voice Heard - A Panel Discussion

Date: Tuesday, September 13

Moderated by: Mark Meissner, SVP, Education & Engagement Officer, PCI Security Standards Council

Panelists: Kara Gunderson, PCIP, Director Payment Card Operations, Citgo Petroleum Corporation; Tony James, Director, Target; Michael Johnson, CISSP, PCI ISA, Executive Director, Global PCI Programs, JPMorgan Chase; Josh Knopp, Chief Information Security Officer, Enterprise Holdings Inc. and Guilherme Scheibe, Regional Director – Brazil, PCI Security Standards Council

There are so many ways to engage with the PCI Security Standards Council (PCI SSC). In this panel discussion, you will hear from PCI SSC Board of Advisors (BoA) members and active community members about the various ways they have engaged with the PCI SSC and how payment stakeholders can have a profound impact on the payment security industry. You will also learn how you can make your voice heard. If you are in the payments industry, you will want to hear this panel and then make your plan to get more involved!

Managing Third-Party Vendor Security From the Business Perspective

Date: Wednesday, September 14

Presented by: Kara Gunderson, PCIP, Director Payment Card Operations, Citgo Petroleum Corporation; Greg Luna, Sr. Legal Corporate Counsel, CITGO Petroleum Corporation and Todd McClelland, Partner, Attorney at Law, McDermott Will & Emery LLP

As recent security incidents demonstrate, third party service providers can cause significant cyber risks. Knowing this, what should a company do to mitigate and manage this risk? Our panel will address this issue by focusing on business aspects of security through the contracting process with service providers. We will discuss best practices to explore the security posture of a prospective vendor, including suggestions for additional cyber-related contract provisions.