Johann Van Duyn

Johann Van Duyn Email and Phone Number

Global Chief Information Security Officer | CISO | CIO | Cyber Security | Strategy | Architecture | Risk | Policy | Governance | Transformation | NIST CSF | ISO 27001 | PCI DSS | Helping You Do You... Securely. @ DO & CO AG
Johann Van Duyn's Location
Kings Langley, England, United Kingdom, United Kingdom
Johann Van Duyn's Contact Details

Johann Van Duyn work email

Johann Van Duyn personal email

Johann Van Duyn phone numbers

About Johann Van Duyn

MY EXPERTISE25+ years as an IT and cyber security professional and leader providing accessible expert service to companies across multiple industries ranging in scope from local to multinational, small to massive, highly regulated to unregulated, and extremely high to non-existent capability and process maturity.Roles ranging from highly technical to deeply human, narrowly focused to all-encompassing, and short-term imperative to long-term strategic.Multiple engagements to assist organisations that have suffered serious cyber security breaches, near-extinction-level regulatory scrutiny, or severe capability failure in transforming their cyber security narratives from ones of existential failure to ones of business-enabling success in the shortest timeframes possible - and excel at such challenges.I have worked closely with global, regional, and country CISOs, CROs, CIOs, BISOs, and Board members to plan and deliver cyber security transformation, and continue to do so with a high degree of efficacy, efficiency, and architectural elegance as a CISO.INDUSTRY EXPERTISEFast-Moving Consumer Goods | Financial Services | Education | Regulation | Catering | Legal Services | Consultancy | Professional Services | Managed Services | Stock Exchange | Gaming | Advertising TechnologyMY SPECIALITIESCyber Security Vision | Cyber Security Strategy | Cyber Security Communication | Security Transformation Strategy | Cyber Risk Management | Information Security Policy | Security Standards | Security Architecture | Security Operations | Security Engineering | Third Party / Vendor Risk Management | Cyber Incident Management & Response | Cloud Security Strategy | Cyber Security Execution | Building High-Achieving Teams | Growing Great Leaders | Mentoring and Coaching | Mergers & Acquisitions | Threat Intelligence | Advisory, Guidance, & ConsultancyMY KEYWORDSCISSP (2001 - 2007) | CIS 18 | NIST CSF | ASD Strategies | ISF SOGP | ISO 27001, 22301, 31000 | SOC2 | COBIT | PCI DSS | GDPR | SABSA | AWS | Azure | CSPM | CNAPP | SDLC | CSIRT | DFIR | BA Psychology & PhilosophyMY PHILOSOPHYI believe in asking the difficult questions and digging until truth is found, and then communicating the truth to stakeholders as pithily as possible without losing its essence. This is the only way that truth and sense stand a chance against rumour and falsehood.I embrace the pursuit of excellence, efficacy, efficiency, and elegance in all things.I gaze deeply into the abyss, whisper to elephants in rooms, stir pots, open cans, lift up rocks, and tip sacred cows.I love motorcycles.

Johann Van Duyn's Current Company Details
DO & CO AG

Do & Co Ag

View
Global Chief Information Security Officer | CISO | CIO | Cyber Security | Strategy | Architecture | Risk | Policy | Governance | Transformation | NIST CSF | ISO 27001 | PCI DSS | Helping You Do You... Securely.
Johann Van Duyn Work Experience Details
  • Do & Co Ag
    Chief Information Security Officer (And Then Some)
    Do & Co Ag Jul 2021 - Present
    Vienna, At
    [Interim CIO between December 2023 and September 2024]Owner of the information security, cyber security, and information risk strategy.Enabler, mentor, teacher, coach, and waterproof shoulder to my team and colleagues.Overseer of all information security, cyber security, and information risk initiatives.Final subject matter expert on all matters relating to information security, cyber security, and information risk.Agent of Doom.
    View
  • Writing A Novel
    Author-In-Hiding
    Writing A Novel Mar 2013 - Present
    A science fiction narrative exploring the psychology of impending first contact with an extra-terrestrial starfaring civilization. Sadly, the story keeps beating me up - but I will prevail.
  • Oracle
    Senior Principal Cyber Defence And Incident Response Lead
    Oracle Mar 2020 - Jul 2021
    Austin, Texas, Us
    Senior Principal Cyber Defence and Incident Response Lead
    View
  • Financial Conduct Authority
    Security Operations Technical Specialist
    Financial Conduct Authority Nov 2018 - Aug 2019
    Stratford, London, Gb
    View
  • Itc Secure
    Senior Consultant (Contract)
    Itc Secure May 2018 - Aug 2018
    London, London, Gb
    Multi-Discipline SMEActed as a senior consultant and multi-domain subject matter expert on a client engagement with a leading global health insurance provider.Engagement dimensions included policy and standards development aligned to NIST Cyber Security Framework and CIS Critical Security Controls, threat intelligence, digital forensics and the use of cryptography.
    View
  • Morae Global
    Associate Director - Information Security
    Morae Global Aug 2017 - Apr 2018
    Houston, Tx, Us
    Acted as global lead security architect and global lead on IT risk management, as well as deputy to the CISO of a legal services and eDiscovery company providing services to large financial, energy, manufacturing, life sciences and legal clients.Acted as senior domain expert in all areas of information security, co-developing vision, budget, and strategy with the CISO and providing advice, assistance and mentoring to colleagues as required.Developed, maintained and oversaw the security risk assessment and security risk management methodology, template set and capabilities across the organisation.Recommended and provided advanced input into risk treatment options for identified risks, ensuring that these tie into the corporate security architecture.Investigated security requirements across the organisation, then researched, recommended, architected, designed, refined and eventually oversaw implementation and integration of security measures including SOC as a Service (Managed Detection and Response Service), Security Metrics, Vulnerability Management, Endpoint Protection and Threat Intelligence.Developed and maintained supplier security questionnaires and conduct supplier security assessments.Reviewed and directed remediation of Microsoft Azure / Office365 security and data loss prevention posture and InTune mobile device management policies encompassing all Office365 services including Exchange, OneDrive, Skype, SharePoint.Provided leadership, development and integration into corporate practices of new security capabilities and technologies. Trained and mentored team members and management in technical details and methodology as well as practical application of new security capabilities.
    View
  • Acxiom
    Expert Security Architect | Eu It Security And Compliance
    Acxiom Oct 2016 - Aug 2017
    Conway, Arkansas, Us
    Provided operational support and subject matter leadership and expertise to all information and cyber security efforts within Acxiom. Developed and maintained supplier security questionnaires and conducted supplier security assessments.Provided leadership, development and integration into corporate practices of new security capabilities and technologies. Trained and mentored team members and management in technical details and methodology as well as practical application of new security capabilities.Architected, designed, documented and implemented new security technologies including DLP, Threat Intelligence Feed Aggregation, Log Aggregation, SIEM, Security Metrics, Enterprise Data Obfuscation and Vulnerability Management.
    View
  • Pearson Plc
    Senior Threat Manager
    Pearson Plc Nov 2014 - Sep 2016
    London, Gb
    Vulnerability Management SMERisk Assessment SMEThreat Intelligence SMEProvided operational support and subject matter leadership and expertise to vulnerability management efforts within Pearson. Provided advanced and custom data views, visualisations and integrations to global patching programmes to highlight concerns and track progress.Provided leadership, development and integration into corporate practices of the Global Threat Management Risk Assessment Process and Methodology and conduct and/or lead risk assessments using that process and methodology. Trained and mentored team members and management in technical details and methodology as well as practical application of threat and risk assessments. Expanded risk assessment activities and capabilities to include security architecture assessments and architectural / process risk assessments.Collaboratively led development and implementation of an updated Threat Intelligence Process, covering all aspects of the process from threat intelligence monitoring through research, threat / risk assessment, advisory generation and response. Led, collaborated, designed and provided expertise in the development of a Threat Intelligence Service and Threat Analyst Workbench comprised of a combination of free and vendor tools and services.
    View
  • Pearson Plc
    Contractor - Security Operations
    Pearson Plc May 2014 - Oct 2014
    London, Gb
    Vulnerability Management SMERisk Assessment SMEThreat Intelligence SMEProvided operational support and subject matter expertise to vulnerability management efforts within Pearson, owning and managing the interface between Global Threat Management and the global programme of application assessment, remediation and migration, and running Qualys vulnerability assessment scans related to the programme.Developed a Global Threat Management Risk Assessment Process and conducted risk assessments using that process and presented the results to the appropriate security and governance boards together with recommendations. Developed a draft Compliance Management Process for Global Threat Management in preparation for automated compliance assessment scanning using Qualys.
    View
  • Itc Global Security
    Information Security Architect
    Itc Global Security Mar 2014 - Apr 2014
    London, London, Gb
    Developed global reference architectures and implementation roadmaps for a large FTSE 100 multinational FMCG client covering:- Vulnerability Management- Dynamic Threat Awareness and Threat Intelligence- Privileged Access Management
    View
  • Betfair
    Operational Security Monitoring Specialist
    Betfair Sep 2013 - Feb 2014
    London, England, Gb
    Provided subject matter expertise to guide enhancements to Betfair’s internal vulnerability management service.Developed and implemented a contextual vulnerability criticality modifier and measurement system based on metrics and criteria relevant to the Betfair environment.Developed an internal vulnerability management contextualization tool (Django / Python web app on Nginx / MySQL / Linux) based on SCAP standards including CVE, CPE, CVSS and preparation for CCE and CCSS.Developed a Threat and Vulnerability Management Improvement Plan for implementation in Betfair, including:• Stakeholder Engagement and Requirements Definition• Stakeholder-Specific Reporting (e.g., business vs. technical stakeholders)• Trend Reporting and RAG Dashboard• Move from Technical Reports to Business Reports• Balance Between Security Imperative and Maintenance Impact• Infrastructure Vulnerability Mapping• CMDB Integration
    View
  • Agilisys
    Independent Contractor (Bid Support)
    Agilisys Jun 2013 - Aug 2013
    London, Gb
    Information Security Bid Support
    View
  • Agilisys
    Head Of Managed Services Security
    Agilisys Apr 2011 - Feb 2013
    London, Gb
    Led information security strategy, architecture and management across Agilisys’ own as well as customer environments.Acted as final authority and ultimate resource for all matters relating to information security and information assurance across Agilisys business units and customer base – a heady mix of strategic, business development, technical, architecture, audit and compliance responsibilities.Managed full spectrum of information security activities including Risk Management, Vulnerability Management, Intrusion Prevention, Network Security, System Security, Endpoint Security, Encryption, Event and Incident Logging and Management, Compliance Management, etc. at a senior level within Agilisys as well as on behalf of Agilisys’ customers.Provided extensive input into Business Development and Customer Relationship Management efforts as they related to information security, including bids and proposals, customer relationship meetings, work/project management and lead development.Provided information security consultation and risk assessment / management services to Agilisys business units and customers and provided oversight of consultation and services provided by direct reports.Managed certification to, compliance with, and audits against standards and regulatory frameworks on behalf of Agilisys and its customers, including ISO 27001, ISO 22301, PCI DSS, HMG SPF, GCSx / PSN CoCo, DWP MoU, NHS IGSoC.Led internal audit efforts against ISO standards and regulatory frameworks across Agilisys and its customers.Developed and managed Business Continuity, Disaster Recovery and Crisis Management plans for Agilisys and its customers.Managed, matrix managed, mentored and coached a small staff of information security personnel including direct and indirect reports.
    View
  • Agilisys
    Group Security Manager
    Agilisys Apr 2008 - Apr 2011
    London, Gb
    Information Security ManagementInformation Risk ManagementISO 27001 Management
    View
  • Information Security Wetworx
    Owner
    Information Security Wetworx Jan 2007 - Apr 2008
    Information and technology security and control consulting.Development of vulnerability management training materials for a large security software vendor.
  • British American Tobacco
    Global It Security Technology Architect
    British American Tobacco May 2001 - Dec 2006
    London, Gb
    Enterprise architect responsible for global IT security policy, strategy, architecture and planning for this multinational, spanning 45,000+ users in 180+ countries.Implemented global EnCase Enterprise, and performed numerous acquisitions and forensic investigations in support of Group Security investigations.
    View
  • The Appleton Group
    It Network Manager
    The Appleton Group 1998 - 2001
    Network and IT Security Management
  • Uncle Ben'S Cafe
    Client Selection Officer / Manager
    Uncle Ben'S Cafe Jan 1994 - Aug 1998
    Responsible for "selection" and "deselection" of clientele in order to provide a safe atmosphere for patrons of this busy nightclub in Stellenbosch.Nightclub General Manager from 1996 to 1998.

Johann Van Duyn Skills

Information Security Management Information Security Security Iso 27001 Security Policy Business Continuity Cissp Security Management Network Security Pci Dss Computer Security Incident Management Information Technology Data Security It Strategy It Management Risk Management Risk Assessment Security Audits It Audit Vulnerability Assessment Security Awareness Governance Vulnerability Management Penetration Testing Firewalls Cloud Computing Vmware Computer Forensics Disaster Recovery Managed Services Ceh Cloud Security Pki Bs25999 Technical Architecture Intrusion Detection Business Continuity Planning Information Security Policy It Governance Iso 22301 Compliance Management Intrusion Prevention Solution Design Management Consulting Strategy Encase Payment Card Industry Data Security Standard

Johann Van Duyn Education Details

  • Stellenbosch University
    Stellenbosch University
    Ancient Near Eastern Studies
  • Afrikaanse Hoërskool Durban-Noord
    Afrikaanse Hoërskool Durban-Noord
    Accounting

Frequently Asked Questions about Johann Van Duyn

What company does Johann Van Duyn work for?

Johann Van Duyn works for Do & Co Ag

What is Johann Van Duyn's role at the current company?

Johann Van Duyn's current role is Global Chief Information Security Officer | CISO | CIO | Cyber Security | Strategy | Architecture | Risk | Policy | Governance | Transformation | NIST CSF | ISO 27001 | PCI DSS | Helping You Do You... Securely..

What is Johann Van Duyn's email address?

Johann Van Duyn's email address is jo****@****ail.com

What is Johann Van Duyn's direct phone number?

Johann Van Duyn's direct phone number is +4479054*****

What schools did Johann Van Duyn attend?

Johann Van Duyn attended Stellenbosch University, Afrikaanse Hoërskool Durban-Noord.

What are some of Johann Van Duyn's interests?

Johann Van Duyn has interest in Children, Technology, Civil Rights And Social Action, Console Gaming, Education, Computer, Science And Technology, Sociology Of Knowledge, Martial Arts, Existential Philosophy.

What skills is Johann Van Duyn known for?

Johann Van Duyn has skills like Information Security Management, Information Security, Security, Iso 27001, Security Policy, Business Continuity, Cissp, Security Management, Network Security, Pci Dss, Computer Security, Incident Management.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.