AeroLeads people directory · profile

Joe P. Email & Phone Number

Cybersecurity Compliance Leader & Deputy CISO @ Choreograph | CISSP, CRISC, CISA, CGEIT, CBCP, ASSOC C|CISO, PMP, HITRUST, ISO27001. at Choreograph
Location: Dallas-Fort Worth Metroplex, United States 10 work roles 3 schools
1 work email found @jpmchase.com 4 phones found area 214 LinkedIn matched
✓ Verified Jul 2026 4 data sources Profile completeness 100%

Contact Signals · 1 work email · 4 phones

Work email c****@jpmchase.com
Direct phone (214) ***-****
LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
Cybersecurity Compliance Leader & Deputy CISO @ Choreograph | CISSP, CRISC, CISA, CGEIT, CBCP, ASSOC C|CISO, PMP, HITRUST, ISO27001.
Location
Dallas-Fort Worth Metroplex, United States

Who is Joe P.? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Joe P. is listed as Cybersecurity Compliance Leader & Deputy CISO @ Choreograph | CISSP, CRISC, CISA, CGEIT, CBCP, ASSOC C|CISO, PMP, HITRUST, ISO27001. at Choreograph, based in Dallas-Fort Worth Metroplex, United States. AeroLeads shows a work email signal at jpmchase.com, phone signal with area code 214, and a matched LinkedIn profile for Joe P..

Joe P. previously worked as Director of Cybersecurity Compliance / Deputy CISO at Choreograph and Vice President, Supplier Assurance Governance Lead at Jpmorgan Chase & Co.. Joe P. holds Mba, Business Management, Marketing & Finance from Nova Southeastern University.

Company email context

Email format at Choreograph

This section adds company-level context without repeating Joe P.'s masked contact details.

*@jpmchase.com
68% confidence

AeroLeads found 1 current-domain work email signal for Joe P.. Compare company email patterns before reaching out.

Profile bio

About Joe P.

I am a Director of Cybersecurity Compliance and Deputy CISO at Choreograph, a WPP/GroupM company that provides data and technology solutions for the media and marketing industry. I have over 20 years of experience in cybersecurity and hold multiple certifications and credentials, such as CISSP, CRISC, CISA, CGEIT, CBCP, PMP, HITRUST, and ISO 27001. My core competencies include data privacy, IT security, audit, business continuity, disaster recovery, IT governance, cyber risk management, and compliance. I lead and work with a team of compliance analysts, oversee the implementation and reporting of security governance frameworks and regulatory requirements, and coordinate internal and external audits. I also successfully led the entire HITRUST r2 re-certification process and ensured risk-based decision making across the organization. My mission is to protect the data and assets of our clients and stakeholders, while enhancing the efficiency and effectiveness of our cybersecurity processes.

Listed skills include Disaster Recovery, Security, Itil, It Service Management, and 46 others.

Current workplace

Joe P.'s current company

Company context helps verify the profile and gives searchers a useful next step.

Choreograph
Choreograph
Cybersecurity Compliance Leader & Deputy CISO @ Choreograph | CISSP, CRISC, CISA, CGEIT, CBCP, ASSOC C|CISO, PMP, HITRUST, ISO27001.
AeroLeads page
10 roles

Joe P. work experience

A career timeline built from the work history available for this profile.

Director Of Cybersecurity Compliance / Deputy Ciso

Current

New York, Ny, Us

• Manage and work with Compliance Analyst, including assigning tasks to assist in the completion of compliance activities.• Manage implementation, compliance tracking, and reporting processes for the security governance frameworks, regulatory, and client compliance requirements.• Manage SaaS applications and processes used to track various compliance initiatives.• Define and monitor security metrics and KPIs.• Manage the Thrid-Party Risk Management (TPRM) function, along with preparing and reviewing third-party risk assessments.• Ownership of all internal and external audit coordination between auditors and internal stakeholders, performing initial reviews of evidence submissions and subsequent project management tasks.• Successfully led entire HITRUST r2 re-certification process.• Ensure risk-based compliance to governmental and industry standards such as SOX, HIPAA / HITECH, HITRUST, and SSAE 18 SOC1 / SOC2.• Provide input for corporate security projects with regards to identifying requirements for ongoing compliance.• Ensure oversight of compliance of IT Security obligations for training / awareness, risk assessments, BCDR & Incident Response exercises, and security reviews.• Manage vendor security vetting.• Work proactively with all areas of the business to ensure security compliance objectives are met.• Chair the Committee on Risk and Control, and provide reporting to various senior leaders.

Jan 2022 - Present

Vice President, Supplier Assurance Governance Lead

New York, Ny, Us

• Drove Supplier Assurance Services (SAS) Standards and Procedures and ensured enhancements in response to internal and external drivers; ensured awareness and communication of relevant updates.• Lead SAS Governance forums ensuring appropriate coverage and tracking.• Designed, developed and maintained assessment processes, procedures, checklists and guidance.• Provided governance and requirements into development and maintenance of toolkits.• Identified impact of changes across Corporate Third-Party Operations (CTPO), ensuring appropriate handling of impacting changes.• Ensured SAS community understood assessment requirements and processes as well as impacts resulting from changes.• Ensured assessment documentation libraries were kept current.• Provided governance input into SAS training program and SAS input into CTPO and broader training programs• Functioned as the primary interface with CTPO Exam Management Team, Compliance, Operational Risk Oversight, Control Management, and JPMC Client Teams for SAS-aligned exam, audit and other review matters including responding to and tracking of RFIs.• Partnered with regional CTPO governance functions on SAS-aligned exam, audit and other review RFIs and key issues as required.• Managed bi-annual SAS Audit activities and responses.• Facilitated reporting and communications related to SAS-aligned exam, audit, reviews and issues• Managed Risk & Control Self-Assessment (RCSA) and execute RCSA activities for SAS.• Managed issue identification and oversaw action plan remediation for risks and control deficiencies aligned to SAS.• Prepared materials and supporting documentation to assist Manager and/or acted as a delegate for management meetings, awareness sessions, global and regional activities and ad hoc forums as required.

Jun 2021 - Dec 2021

Vice President, Supplier Assurance

New York, Ny, Us

• Planned and executed third-party risk assessments of multiple suppliers to evaluate their overall operational and information security posture and specific application security posture, ensuring that the appropriate controls were in place to meet JPMC’s standards and requirements. • Tracked all assessments, remediations, and exceptions in JPMC’s implementation Archer GRC system branded as 4Site.

Sep 2019 - May 2021

Vice President, Information Security Risk Management

New York, New York, Us

• Oversaw the Manager's Control Assessment (MCA) and ensured that the appropriate risks, controls, tests and Key Risk Indicators (KRI) are in place and reported on.• Identified issues through proactive interactions with customers to ensure timely identification and reporting of control deficiencies via documented issue management practices• Ensured on-time remediation and appropriate management reporting of issue status and corrective actions.• Managed all audit-related activities including ensuring factual issue accuracy and documentation of corrective actions. • Partnered with other team members to provide MCA Governance for several CTI Global Functions.

Jan 2019 - Sep 2019

Na & Emea Information Security Compliance Manager

Plano, Texas, Us

• Served as North American and EMEA Information Security Compliance Lead, ensuring all internal, external and client audits and assessments were successfully completed in a timely fashion• Managed a global team of security and compliance professionals.• Responsible for successfully achieving and maintaining ISO/IEC 27001:2013 certification at several key NTT DATA Services Data Centers in the United States and the United Kingdom.• Conducted ISO/IEC 27001:2013 Internal Audits to ensure compliance with the ISO/IEC 27001:2013 standard.• Responded to customer Security Compliance questionnaires, assessment and audits for a variety of control standards including ISO/IEC 27001, HIPAA, HiTech, Sox, PCI DSS, among others.• Performed asset-based Risk Assessments to identify potential risks to NTT DATA Services’ operations and developed appropriate Risk Treatment Plans to mitigate any identified risks. • Managed NTT DATA Services’ Information Security Management System (ISMS), including coordination of the Vulnerability Assessment program, Asset Management, Risk Assessment, Continual Improvement, Security Monitoring, and Incident Response.• Ensured the alignment, accuracy, and compliance of all company policies, procedures, standards and methodologies with the company’s Information Security Management System (ISMS).• Conducted information security meetings to keep management updated on current identified risks and mitigation• Facilitated and drove Root Cause Analyses (RCA), identification of corrective and preventive actions, and closure follow-up for various information security problems and issues.

Mar 2018 - Dec 2018

Director, Data Security And Privacy

Shelton, Connecticut, Us

• Responded to all external third part risk assessment requests, and reduced turnaround time from several weeks to just a few days• Developed and performed third-party risk assessments on all vendors and clients who handled or may handle personal data• Conducted regular Privacy Impact Assessments on personal data processing systems, identified weaknesses and instituted corrective action plans• Effectively advised and trained Leaders and employees, and collaborated with the rest of the Data Privacy team on regulatory, industry and internal standards regarding personal data collection and transmission• Consistently delivered the highest quality customer service while responding to client inquiries and questions related to Data Privacy and Data Security matters from clients, panelists and data subjects• Managed a team of Data Privacy Professionals • Maintained a complete understanding of Data Privacy and Data Security issues and regulations, particularly relating to the Data Protection Act, EU-US Privacy Shield, and the EU’s GDPR• Reviewed system architecture, data flows, and process flows to ensure data is accessible to those needing such access at the same time ensuring that the date was fully protected• Reviewed and revised legal documents, as well as vendor and customer contracts • Worked with Network Security team to ensure proper data and information security controls were put in place to protect company data and intellectual property assets• Reviewed and revised as necessary all Data and Information Security policies and procedures to ensure alignment with business strategic, tactical and operational objectives• Collaborated with Product, Sales, Marketing and Client Services teams to guarantee service offerings were effectively and efficiently delivered to clients while simultaneously ensuring the confidentiality, integrity, and availability of the Company’s, its Member’s and its Client’s data.

Oct 2016 - Mar 2018

Manager, Third Party Security Risk Management

Purchase, New York, Us

• Accountable for the Information Security Group’s Risk and Compliance Objectives related to Information Security governance of contracts for third parties for the global organization. • Created overall strategy for defining and governing third parties in general, and information security requirements for contracts for security concerns, ensuring new contracts have the appropriate security verbiage in them.• Ensured compliance with various control standards including SOx, PCI DSS, and NIST 800-53, among others. • Drove a staffing model to execute contract reviews, monitoring, and auditing, along with remediation on a periodic basis.• Ensured Information Security requirements were consistently challenged to ensure that they remained relevant to the current threat environment.• Defined key governance indicators for third parties to ensure that they are in compliance with all governance indicators and/or metrics; provided reporting and trends to key organizations.• Planned and executed end-to-end Information Security assessments of multiple third-party organizations to evaluate their overall security posture, to validate that they had the appropriate controls in place to meet PepsiCo’s Information Security standards.

Mar 2015 - Oct 2016

Manager Of Compliance And Privacy

Irving, Texas, Us

• As a member of the Legal Affairs team, responsible for risk management, privacy and security compliance, and the audit engagement program which is focused on Healthcare IT, HIPAA and FISMA compliance. • Responsibilities include management, auditing, training, and development of enhancements to VHA's existing compliance program. • Consult with multiple departments to review security and compliance for their products and infrastructure in order to ensure regulatory and/or industry compliance is maintained. • Work with the security team and other business teams to document current and potential risk to ensure the appropriate controls are applied and documented as a part of the risk assessment/risk management process. • Manage any potential or actual breach of Protected Health Information (PHI). • Act as a trusted advisor for business units and interact when needed with member hospitals regarding privacy matters. • Monitor all state and federal regulatory requirements to ensure the VHA compliance program is up to date. • Work directly with the Legal team to ensure all contracts are compliant with state and federal requirements.

Sep 2014 - Mar 2015

Manager Of It Governance, Risk And Compliance

Milan, Italy, It

• Collaborated with business stakeholders to ensure a clear understanding of business strategies and priorities.• Fully accountable for the delivery of IT-enabled business solutions that addressed business requirements, in line with IT enterprise architecture and standards.• Established clear portfolio and project management processes to document, prioritize, select and track IT investments and their associated business value.•Managed both the IT capital and operational budgets in support of the yearly business cycle. • Owned the end-to-end process and worked with both business and IT stakeholders to gather all relevant information and document the business reasons for the investments. • Consolidated and reported on all active projects and operational expenses, forecasting future trend and possible variations.• Took ownership for the development, documentation, training, implementation and compliance audits of IT policies and processes including:••• Lead the effort with the business at large on understanding and adoption of End User policies including, but not limited to, the use of computing services and information security.••• Lead the IT team globally on IT policies related to access control, network security, information security, operations security, application development, and change management.• Lead cross-functional teams focused on the identification and management of risks, and the implementation of process improvement initiatives conducive to compliance requirements.• Documented, tested and maintained Business Continuity and IT Disaster Recovery plans, minimizing risk and potential downtime. • Facilitated both internal and external audits. • Lead the Sarbanes-Oxley (Sox) initiatives within the IT community globally to ensure proper control, documentation, proficiency, and segregations of duties were exhibited and that proper compensating controls were in place when required.

May 2013 - Feb 2014

Manager, Network Security & Disaster Recovery Planning

Chicago, Illinois, Us

• Managed a globally distributed team of Network Security & Disaster Recovery Focal Points.• Developed and managed the Project Plan for all global annual Disaster Recovery Testing.• Implemented processes and procedures to deal with network vulnerability identification and remediation.• Analyzed and responded to a variety of threats that could potentially impact the corporate network and enterprise.• Coordinated the scheduling and development of comprehensive Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP) for over 600 global IT applications and countless Business functions.• Researched, recommended, and helped implement various technology, facility, and personnel solutions to ensure Business Resiliency, and to provide Business Continuity in the event of a disaster. • Worked with Business Units and other IT Staff to conduct Risk Profiles, Risk Assessments (RA) and Business Impact Analyses (BIA).• Prepared numerous Business Continuity and Disaster Recovery Plans.• Maintained BIAs, RAs, BCPs, and DRPs in Strohl/Sungard’s Living Disaster Recovery Planning System (LDRPS)• Performed Table-top, Simulation, and Failover Disaster Recovery tests to exercise the functionality of DR Plans. • Served as departmental Sarbanes-Oxley (SOx) lead and Subject Matter Expert, analyzing and fulfilling SOx audit requests from both internal and external auditors, and legal and other entities.• Performed Quality Control Analyses on audited items and auditor’s findings. Made recommendations related to the viability of audit requests and determined whether audit requests were inappropriate.• Served as a team member, and assisted with the design, development, implementation, and training for the global roll-out of policies, processes and procedures related to the implementation of various ITIL functions.

Jun 2006 - Mar 2013
3 education records

Joe P. education

Mba, Business Management, Marketing & Finance

Nova Southeastern University

Bsc, Computer Science, Minor In Photography

City University Of New York-College Of Staten Island

Regent’S Diploma, Math And Science

Stuyvesant High School
FAQ

Frequently asked questions about Joe P.

Quick answers generated from the profile data available on this page.

What company does Joe P. work for?

Joe P. works for Choreograph.

What is Joe P.'s role at Choreograph?

Joe P. is listed as Cybersecurity Compliance Leader & Deputy CISO @ Choreograph | CISSP, CRISC, CISA, CGEIT, CBCP, ASSOC C|CISO, PMP, HITRUST, ISO27001. at Choreograph.

What is Joe P.'s email address?

AeroLeads has found 1 work email signal at @jpmchase.com for Joe P. at Choreograph.

What is Joe P.'s phone number?

AeroLeads has found 4 phone signal(s) with area code 214 for Joe P. at Choreograph.

Where is Joe P. based?

Joe P. is based in Dallas-Fort Worth Metroplex, United States while working with Choreograph.

What companies has Joe P. worked for?

Joe P. has worked for Choreograph, Jpmorgan Chase & Co., Citi, Ntt Data Services, and Dynata.

How can I contact Joe P.?

You can use AeroLeads to view verified contact signals for Joe P. at Choreograph, including work email, phone, and LinkedIn data when available.

What schools did Joe P. attend?

Joe P. holds Mba, Business Management, Marketing & Finance from Nova Southeastern University.

What skills is Joe P. known for?

Joe P. is listed with skills including Disaster Recovery, Security, Itil, It Service Management, Business Continuity, Management, Program Management, and Project Management.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.