John Powell Email & Phone Number

San Diego, CA, US

London, GB

Pasadena, California, US

• Served as vCISO, over the course of two years, for over 20 clients ranging in size from $10-$500m in size across many industry verticals. Served as manager to a team of Technical Program Managers, Security Engineers.
• Conducted a myriad of audits against ISO 27001, CMMC 2.0, SOC 2, HIPAA, HITRUST, NIST CSF and more.
• Completed risk assessments across many industry verticals and various sized organizations.
• Developed and grew internal resources from lower-level positions into vCISOs.
• Streamlined processes and workflows allowing CDG to bring on more clients without additional headcount.
• Delivered findings to multiple C-suites and boards in a concise, risk focused approach threading the needle of internal politics to deliver the desired results across the enterprise.

Coral Gables, FL, US

• Led a global team of four security engineers responsible for the Information Security Engineering program of a 600-person, 1500 endpoint, $120m annual revenue FinTech. These areas included Security Operations.
• Revamped the vulnerability management program processes by implementing the Rapid7 suite of tools (Incident Detection and Response, AppScan, and Insight Vulnerability Management) and building associated workflows to.
• Matured the Governance, Risk, and Compliance (GRC) of Allvue’s cybersecurity program by developing cybersecurity policy and processes, building/maintaining/sharing the risk register with the executive leadership teams.
• Primary resource in charge of interviewing and hiring new security team members.
• Built out the company’s “zero trust” security architecture significantly reducing risk across the organization while maintaining an agile SDLC and CI/CD pipeline for our financial clients.

Franklin, Tennessee, US

• Started 5Iron LLC with two others and created a Managed Services Security Provider (MSSP) company delivering outsourced Security Operations (managed SOC), managed Security Information and Event Management (SIEM).
• Directly managed 16 employees and hired 26 employees.
• Created and managed a 24/7/365, in-person, Security Operations Center (SOC) supporting clients globally.
• Built out the client onboarding/offboarding process from scratch.
• Performed roles spanning security analyst, security engineer, security architect, project manager, incident response lead, SOC manager, delivery lead, and COO until I recruited replacements for these positions as the.
• Captured and reported on company metrics to ensure 5iron was running as efficient as possible and to gain insight into the profit margins of various offerings.

Brentwood, TN, US

CYBERSECURITY - Development and implementation of LifePoint Heath's cybersecurity program. This involved threat intelligence, vulnerability management, security information and event management, incident response, endpoint security, security architecture, email and phishing protections, and security tool implementations like two-factor authentication..

Dallas, Texas, US

SECURITY ARCHITECTURE: Architected a security program in an extremely fast paced environment. Implemented the HITRUST framework. Built a gap analysis and corrective actions plan based on risk to appropriately apply the most cost effective controls to reduce the greatest amount of risk. CUSTOMER RELATIONS MANAGEMENT (CRM): Served as the face of the.

US

VULNERABILITY MANAGEMENT: Led vulnerability management teams over new acquisitions and a health information exchange. This involved assets across the U.S. and internationally. PERSONNEL MANAGEMENT: Effectively managed teams remotely including international teams. Assigned appropriate metrics and tasks via projects to ensure work was completed in a timely.

PROJECT MANAGEMENT: Provided project management within the information security field for large healthcare clients. Included from conception (charter) to building the project plan, execution, deliverables, and successful transition to operations. INFORMATION SECURITY CONSULTATION: Provided expert opinions and guidance on information security architecture.

Nashville, TN, US

INFORMATION SECURITY ENGINEERING: Researched, developed, and implemented information security controls appropriate to the organization.DISASTER RECOVERY: Implemented disaster recovery programs for over 100 physician practices. Developed a process that was standardized, repeatable, and effective.SECURITY OPERATIONS: Maintained day to day security operations.

King Of Prussia, PA, US

SYSTEM OPERATIONS: Ensured all systems were compliant to company security policies and standards.CUSTOMER SUPPORT: For any security related issues, was top level support for all security related tickets and incidents.ENCRYPTION: Led an encryption project with several contractors to encrypt all endpoints enterprise wide.

Franklin, TN, US

PERSONNEL MANAGEMENT: Managed a team of contractors per site to unpack, install, configure, and troubleshoot a roll out of all new equipment and applications.CUSTOMER SUPPORT: Was front line support for all new acquisition project and technical related work. Had to win over local IT support to ensure efficient transition to new applications, standards, and.

Nashville, TN, US

IT CONSULTATION: Served as a general consultant for any IT related matters. This was anything from removing malware to architecting entire networks.CUSTOMER SUPPORT: First contact for all current and new customers to resolve issues in a timely manner.BUSINESS DEVELOPMENT: Served on the board to provide direction and growth for new business opportunities.

US

SYSTEMS ADMINISTRATION: Served as systems administrator in a Windows and Linux environment providing installation, maintenance, and troubleshooting of all hardware, operating systems, and applications. EXCHANGE ADMIN: Administered the Exchange environment for the enterprise. That included high availability, backups, and mail support. SUPPORT: Level 3.

Round Rock, Texas, US

TECHNICAL SUPPORT: Served as a premium tier of support for small medium business (SMB) at Dell. Provided support via phone, email, and chat for clients who paid a premium for top level/certified support. METRICS: #1 gold level support technician for an entire quarter scoring highest in all metrics across gold level support.

Master Of Business Administration (Mba), It Management

B.S., Political Science, Economics, Psychology