John Powell Email and Phone Number
San Diego, CA, US
John Powell's Location
San Diego, California, United States, United States
John Powell's Contact Details
John Powell personal email
- Valid
About John Powell
A seasoned cybersecurity professional with a rich 19-year background, including 12 years of team and technical leadership in diverse sectors such as Healthcare, FinTech, Financial Services, large enterprises, consulting firms, MSSPs, and agile startups. Proficient in scaling up small start-ups and thriving in large, global enterprises. Demonstrates extensive expertise in Security Operations leadership, vCISO services, risk management, compliance, and incident response. Exceptional at articulating risk and earning trust at the executive and board levels. Possesses robust leadership and management capabilities, evidenced by a track record of building and inspiring high-performing teams.Cybersecurity Expertise: Security Operations | Securing CI/CD Pipelines | Governance Risk and Compliance (GRC) | Security Architecture | Incident Response | Project Management | Zero TrustTechnologies: On prem, hybrid, cloud native, multi-cloud | SaaS, PaaS, IaaS | AWS, Azure, GCP | Mac OSX, Windows, Linux | EDR, SIEM, SOAR, CASB, DLP, IAM, Vulnerability Management | Jira, Confluence, Asana, Microsoft Project, SmartsheetCompliance: ISO 27001 | SOC 2 (Type 1 and 2) | NIST CSF | HIPAA | HITRUST | CMMC 2.0 | GDPRTools: Rapid7 suite | Crowdstrike |Splunk, Nessus | OneTrust |Drata |Confluence and Jira |Azure security suite |AWS security suite| Wireshark |Palo Alto Firewalls |most tools within Kali Linux |Proofpoint |Okta |Duo| JumpCloud |Cloudflare |Zscaler |Carbon Black |Forescout, | most project management tools.Certifications: ISC(2) CISSP | AWS Cloud Practitioner | PMI Project Management Professional (PMP) | ISO 27001 Lead Implementer (in progress) | EC-Council Certified Ethical Hacker (CEH) [has since lapsed] | CompTIA Security +, Network+, and A+
John Powell's Current Company Details
Ice Cybersecurity
View
Virtual Chief Information Security Officer (vCISO)
San Diego, CA, US
- Website:
- icecybersecurity.com
- Employees:
- 12
John Powell Work Experience Details
-
Virtual Chief Information Security Officer (Vciso)Ice CybersecuritySan Diego, Ca, Us
-
Virtual Chief Information Security Officer (Vciso)Independent Consultant Feb 2024 - PresentLondon, Gb -
Vice President Of Services And VcisoCyber Defense Group Jan 2022 - Feb 2024Pasadena, California, UsServed as vCISO, over the course of two years, for over 20 clients ranging in size from $10-$500m in size across many industry verticals. Served as manager to a team of Technical Program Managers, Security Engineers, and Project Managers. Oversaw all delivery services focusing on efficiency, streamlining processes, and delivering quality results tied to business goals of our clients.• Conducted a myriad of audits against ISO 27001, CMMC 2.0, SOC 2, HIPAA, HITRUST, NIST CSF and more.• Completed risk assessments across many industry verticals and various sized organizations.• Developed and grew internal resources from lower-level positions into vCISOs. • Streamlined processes and workflows allowing CDG to bring on more clients without additional headcount.• Delivered findings to multiple C-suites and boards in a concise, risk focused approach threading the needle of internal politics to deliver the desired results across the enterprise.• Built a culture of success, teamwork, and satisfaction across CDG.• Developed and executed on cybersecurity roadmaps reducing risk to acceptable levels for our clients. -
Security Engineering Team LeadAllvue Systems Mar 2020 - Jan 2022Coral Gables, Fl, UsLed a global team of four security engineers responsible for the Information Security Engineering program of a 600-person, 1500 endpoint, $120m annual revenue FinTech. These areas included Security Operations Engineering, Cloud Security, Product/Application Security, Security Risk Management, Governance, Compliance, and Security Education. Reported directly into the CISO and managed an annual budget of $20m. Prepared quarterly board reports. Was also responsible for high level security architecture and functioned as the technical lead on complex projects.• Revamped the vulnerability management program processes by implementing the Rapid7 suite of tools (Incident Detection and Response, AppScan, and Insight Vulnerability Management) and building associated workflows to tackle a previously ad hoc program.• Matured the Governance, Risk, and Compliance (GRC) of Allvue’s cybersecurity program by developing cybersecurity policy and processes, building/maintaining/sharing the risk register with the executive leadership teams and board, developed Allvue’s executive reporting functions, and ensured successful SOC 2 Type II audits.• Primary resource in charge of interviewing and hiring new security team members.• Built out the company’s “zero trust” security architecture significantly reducing risk across the organization while maintaining an agile SDLC and CI/CD pipeline for our financial clients. -
Vice President Of Security Operations And Chief Information Security Officer (Ciso)Five Iron (5Iron) Mar 2016 - Mar 2020Franklin, Tennessee, UsStarted 5Iron LLC with two others and created a Managed Services Security Provider (MSSP) company delivering outsourced Security Operations (managed SOC), managed Security Information and Event Management (SIEM), managed firewalls, incident response, and various other managed security toolsets for clients as needed. Scaled the company to over $10m in revenue.• Directly managed 16 employees and hired 26 employees.• Created and managed a 24/7/365, in-person, Security Operations Center (SOC) supporting clients globally.• Built out the client onboarding/offboarding process from scratch. • Performed roles spanning security analyst, security engineer, security architect, project manager, incident response lead, SOC manager, delivery lead, and COO until I recruited replacements for these positions as the company expanded.• Captured and reported on company metrics to ensure 5iron was running as efficient as possible and to gain insight into the profit margins of various offerings.• Was heavily involved in strategic and tactical decisions to scale the company upward. -
Senior Manager, Information SecurityLifepoint Health Dec 2014 - Mar 2016Brentwood, Tn, UsCYBERSECURITY - Development and implementation of LifePoint Heath's cybersecurity program. This involved threat intelligence, vulnerability management, security information and event management, incident response, endpoint security, security architecture, email and phishing protections, and security tool implementations like two-factor authentication. INFORMATION SECURITY TRAINING AND AWARENESS - Development and implementation of LifePoint Health's information security training and awareness program.INCIDENT RESPONSE - Development, implementation, and lead on responding to security incidents.SECURITY ARCHITECTURE - Served as an internal security consulting on enterprise projects. -
Director, Information SecuritySpecialists On Call, Inc. Mar 2014 - Dec 2014Dallas, Texas, UsSECURITY ARCHITECTURE: Architected a security program in an extremely fast paced environment. Implemented the HITRUST framework. Built a gap analysis and corrective actions plan based on risk to appropriately apply the most cost effective controls to reduce the greatest amount of risk. CUSTOMER RELATIONS MANAGEMENT (CRM): Served as the face of the information security program in procuring new business. Routinely worked with sales teams to answer any security questions of potential clients, filled out assessments, and developed security white-papers. INCIDENT RESPONSE: Built out an incident response program and ran table top exercises. Documented all potential incidents and the appropriate and reasonable response to said incidents.HIPAA AND PRIVACY OFFICER: Served as the HIPAA security and privacy officer in regards to being the business associate to many large healthcare corporations involving patient data. VULNERABILITY AND THREAT MANAGEMENT: Created the vulnerability and threat management program. This involved scanning all assets and incorporating IT to effectively remediate all vulnerabilities found. DISASTER RECOVERY: As the disaster recovery program manager, developed the business continuity plan as well as the disaster recovery plan. Ran table top exercises to ensure the program ran according to plan and everyone was on the same page. -
Senior Information Technology Security Team Lead, Information And Risk Management (Irm) TeamUnitedhealth Group Jul 2012 - Mar 2014UsVULNERABILITY MANAGEMENT: Led vulnerability management teams over new acquisitions and a health information exchange. This involved assets across the U.S. and internationally. PERSONNEL MANAGEMENT: Effectively managed teams remotely including international teams. Assigned appropriate metrics and tasks via projects to ensure work was completed in a timely manner.CYBERSECURITY: Researched and stayed on top of the latest threats to make sure our systems were scanned for and provided proper remediation recommendations. -
Sr. Information Security ConsultantIngenuity Associates Nov 2011 - Jul 2012PROJECT MANAGEMENT: Provided project management within the information security field for large healthcare clients. Included from conception (charter) to building the project plan, execution, deliverables, and successful transition to operations. INFORMATION SECURITY CONSULTATION: Provided expert opinions and guidance on information security architecture, engineering, project planning, threats, intelligence, vulnerabilities, risk management, vendor management, vendor selection, etc.SECURITY OPERATIONS: Resource to organizations who needed expert security operations personnel to help maintain or develop their security operations programs.
-
Division Information Security OfficerHca Aug 2010 - Nov 2011Nashville, Tn, UsINFORMATION SECURITY ENGINEERING: Researched, developed, and implemented information security controls appropriate to the organization.DISASTER RECOVERY: Implemented disaster recovery programs for over 100 physician practices. Developed a process that was standardized, repeatable, and effective.SECURITY OPERATIONS: Maintained day to day security operations around vulnerability management, encryption, and enforcing security policy and standards.CONTRACTING: Worked with potential vendors on completing HCA's risk assessment document, business associate agreements, and also worked to remediate any potential red flags prior to doing business with the organization. -
Information Security AdministratorUhs Nov 2009 - Aug 2010King Of Prussia, Pa, UsSYSTEM OPERATIONS: Ensured all systems were compliant to company security policies and standards.CUSTOMER SUPPORT: For any security related issues, was top level support for all security related tickets and incidents.ENCRYPTION: Led an encryption project with several contractors to encrypt all endpoints enterprise wide. -
System EngineerCommunity Health Systems Jun 2009 - Nov 2009Franklin, Tn, UsPERSONNEL MANAGEMENT: Managed a team of contractors per site to unpack, install, configure, and troubleshoot a roll out of all new equipment and applications.CUSTOMER SUPPORT: Was front line support for all new acquisition project and technical related work. Had to win over local IT support to ensure efficient transition to new applications, standards, and policies. PROJECT MANAGEMENT: Tracked all tasks per facility to keep deadlines on track to migrate and go-live on all new systems and hardware. -
Information Technology ConsultantConcept Technology Jun 2008 - Jun 2009Nashville, Tn, UsIT CONSULTATION: Served as a general consultant for any IT related matters. This was anything from removing malware to architecting entire networks.CUSTOMER SUPPORT: First contact for all current and new customers to resolve issues in a timely manner.BUSINESS DEVELOPMENT: Served on the board to provide direction and growth for new business opportunities and help steer all new technology. -
Systems AdministratorNational Renal Alliance Dec 2006 - Jul 2008UsSYSTEMS ADMINISTRATION: Served as systems administrator in a Windows and Linux environment providing installation, maintenance, and troubleshooting of all hardware, operating systems, and applications. EXCHANGE ADMIN: Administered the Exchange environment for the enterprise. That included high availability, backups, and mail support. SUPPORT: Level 3 support for complex issues not resolved at lower levels of support. -
Gold Support TechnicianDell Inc. Nov 2005 - Dec 2006Round Rock, Texas, UsTECHNICAL SUPPORT: Served as a premium tier of support for small medium business (SMB) at Dell. Provided support via phone, email, and chat for clients who paid a premium for top level/certified support. METRICS: #1 gold level support technician for an entire quarter scoring highest in all metrics across gold level support.
John Powell Skills
Information Security
Security
Disaster Recovery
Information Technology
Cissp
Vulnerability Management
Microsoft Exchange
Computer Forensics
Penetration Testing
It Management
Active Directory
Security+
Data Center
Project Management
Networking
Pmp
Hipaa
Windows Server
Microsoft Certified Professional
Ceh
Network+
Itil
Vulnerability Assessment
Dns
Computer Security
Ips
Program Management
U.s. Health Insurance Portability And Accountability Act
Threat Intelligence
Risk Management
Security Frameworks
Ethical Hacker
A+
Six Sigma
Mba
Pci Dss
Multi Factor Authentication
Regulatory Compliance
Hitrust
Ediscovery
Siem
John Powell Education Details
-
Western Governors UniversityIt Management -
Middle Tennessee State UniversityPsychology
Frequently Asked Questions about John Powell
What company does John Powell work for?
John Powell works for Ice Cybersecurity
What is John Powell's role at the current company?
John Powell's current role is Virtual Chief Information Security Officer (vCISO).
What is John Powell's email address?
John Powell's email address is jo****@****ail.com
What schools did John Powell attend?
John Powell attended Western Governors University, Middle Tennessee State University.
What skills is John Powell known for?
John Powell has skills like Information Security, Security, Disaster Recovery, Information Technology, Cissp, Vulnerability Management, Microsoft Exchange, Computer Forensics, Penetration Testing, It Management, Active Directory, Security+.
Who are John Powell's colleagues?
John Powell's colleagues are Eric Nichter.
Free Chrome Extension
Find emails, phones & company data instantly
Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Aero Online
Your AI prospecting assistant
Select data to include:
Total price:
$0.00
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial