Profiles search
John Woods
Chief Information Security Officer, technical and business focused leader with a passion for problem solving, reducing risk, and improving IT.
Chicago, IL, United States
Details
Experience:
First security hire in the company’s 100-year history
Successfully built the cybersecurity practice and changed the companies culture
Implemented the global vulnerability management program, security awareness training
program, incident response team, centralized logging, hardening standards, endpoint security,
SDLC training, network segmentation, two-factor authentication, PAM, firewall change
monitoring, and cloud security standards
Created a top-down cybersecurity culture
Established cybersecurity vision, roadmap, and policies
Created the Information Security Board, presented relevant risk and security information
directly to the CEO and senior leaders of the company
Established a risk-based approach to measure and score cybersecurity which is used to
ensure we focus limited resources on the most impactful areas
Improved business outcomes by ensuring senior leadership understood the information,
security risks, options, and alternatives regarding major decisions such as acquisitions and
new strategic partnerships
Influenced IT leaders to continuously improve controls and resolve security issues by taking a
pragmatic approach, demonstrating the risk of critical issues, and helping them tie security
improvements into other needed operational improvements or existing planned work
2014 : Present
RJ O'Brien & Associates LLC
Global CISO - Sr. Director of Information Security
Performed internal and external penetration testing and security assessments
Led client calls, meetings, and formal presentations
2012 : 2014
Accuvant
Penetration Tester
Performed internal and external penetration tests and security assessments
Provided technical expertise on sales calls and wrote statements of works and proposals
2012 : 2012
Novacoast
Penetration Tester
Led a team of eight security engineers and architects and had direct responsibility for the
security budget
Established the information security roadmap
Directly responsible for the security budget, product selection, and purchasing
Led the selection an implementation of SIEM, WAF, Vulnerability Scanner, WIPS, Forensics
Software, HSM, DAM, and PIM products
2005 : 2012
US Cellular
Information Security Manager
Performed internal and external penetration tests and security assessments
Audited security, operations, and application IT controls including SOX 404 audits
2004 : 2005
Jefferson Wells
Security Consultant, Penetration Tester
Successfully built the cybersecurity practice and changed the companies culture
Implemented the global vulnerability management program, security awareness training
program, incident response team, centralized logging, hardening standards, endpoint security,
SDLC training, network segmentation, two-factor authentication, PAM, firewall change
monitoring, and cloud security standards
Created a top-down cybersecurity culture
Established cybersecurity vision, roadmap, and policies
Created the Information Security Board, presented relevant risk and security information
directly to the CEO and senior leaders of the company
Established a risk-based approach to measure and score cybersecurity which is used to
ensure we focus limited resources on the most impactful areas
Improved business outcomes by ensuring senior leadership understood the information,
security risks, options, and alternatives regarding major decisions such as acquisitions and
new strategic partnerships
Influenced IT leaders to continuously improve controls and resolve security issues by taking a
pragmatic approach, demonstrating the risk of critical issues, and helping them tie security
improvements into other needed operational improvements or existing planned work
2014 : Present
RJ O'Brien & Associates LLC
Global CISO - Sr. Director of Information Security
Performed internal and external penetration testing and security assessments
Led client calls, meetings, and formal presentations
2012 : 2014
Accuvant
Penetration Tester
Performed internal and external penetration tests and security assessments
Provided technical expertise on sales calls and wrote statements of works and proposals
2012 : 2012
Novacoast
Penetration Tester
Led a team of eight security engineers and architects and had direct responsibility for the
security budget
Established the information security roadmap
Directly responsible for the security budget, product selection, and purchasing
Led the selection an implementation of SIEM, WAF, Vulnerability Scanner, WIPS, Forensics
Software, HSM, DAM, and PIM products
2005 : 2012
US Cellular
Information Security Manager
Performed internal and external penetration tests and security assessments
Audited security, operations, and application IT controls including SOX 404 audits
2004 : 2005
Jefferson Wells
Security Consultant, Penetration Tester
Company:
RJ O'Brien & Associates LLC
About
I love making IT better. Cybersecurity and Information Technology are my passions. I enjoy making cybersecurity part of the solution and driving operational benefits beyond security.
Profile Photo
