AeroLeads people directory · profile

John Whiting Email & Phone Number

CISO, Security, Risk, and Privacy Business Executive at Omnicom
Location: Bronx, New York, United States 12 work roles 1 school
1 work email found @ddb.com 8 phones found area 718, 646, 212, 347, and 415 LinkedIn matched
✓ Verified Jul 2026 4 data sources Profile completeness 100%

Contact Signals · 1 work email · 8 phones

Work email j****@ddb.com
Direct phone (718) ***-****
LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
CISO, Security, Risk, and Privacy Business Executive
Location
Bronx, New York, United States

Who is John Whiting? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

John Whiting is listed as CISO, Security, Risk, and Privacy Business Executive at Omnicom, based in Bronx, New York, United States. AeroLeads shows a work email signal at ddb.com, phone signal with area code 718, 646, 212, 347, 415, and a matched LinkedIn profile for John Whiting.

John Whiting previously worked as Global Director Cyber Risk at Omnicom and Global Chief Security Officer (CSO) at Ddb. John Whiting holds Bs, Legal Studies from John Jay College (Cuny).

Company email context

Email format at Omnicom

This section adds company-level context without repeating John Whiting's masked contact details.

{first}.{last}@ddb.com
86% confidence

AeroLeads found 1 current-domain work email signal for John Whiting. Compare company email patterns before reaching out.

Profile bio

About John Whiting

Highly skilled Information Security Executive and Technologist with over 20 years of experience. Proven track record in Information Security Executive roles, including two Information Security Officer positions at prestigious global multinational holding companies. Adept at risk management, cyber security, incident response, data protection, and compliance. always, seeking to leverage my expertise and experience to drive meaningful impact and secure enterprise systems, utilizing cutting-edge technology and innovative solutions.As a visionary leader, I have expertise in directing risk management initiatives and establishing, implementing, and enhancing information security objectives, including compliance with ISO 27001 and NIST frameworks, alone with regulatory requirements. I am a natural problem-solver who has a unique ability to translate technical security concepts into business-driven solutions. My exceptional communication skills enable me to effectively collaborate with cross-functional teams, from executives to technical personnel, to ensure seamless implementation of security and risk management strategies. I have a wealth of experience presenting to board of directors and executive management on organization risk and cyber programs, effectively communicating complex technical information in a manner that is easily understood.As a key member of the executive team, I bring a wealth of knowledge and experience in both security and risk management to the table. I have been a certified CISA and CISSP professional for over 15 years, demonstrating my commitment to professional development and expertise in the field.As a seasoned Cyber & Risk executive, I am deeply committed to professional development and have had the privilege of serving on numerous advisory boards, including Security Current, Evanta, C-Vision, and SINC. My involvement in these groups has provided me with invaluable opportunities to collaborate with other cyber professionals, share best practices, strategies, and experiences, and continuously enhance my skills and knowledge. I have been actively engaged in developing strategic content for CISOs and cyber professionals, aimed at addressing the challenges and trends that impact our industry, and have been recognized for my contributions to the field.In addition to my involvement in these advisory boards, I am always seeking new opportunities to expand my knowledge and stay up-to-date with the latest developments in cyber security and risk management.

Listed skills include Network Security, It Governance, Disaster Recovery, Risk Assessment, and 41 others.

Current workplace

John Whiting's current company

Company context helps verify the profile and gives searchers a useful next step.

Omnicom
Omnicom
CISO, Security, Risk, and Privacy Business Executive
AeroLeads page
12 roles

John Whiting work experience

A career timeline built from the work history available for this profile.

Global Director Cyber Risk

Current

New York, Ny, Us

I was recruited by the newly appointed Chief IT Risk Officer to spearhead the global cyber risk management initiative for the Omnicom enterprise. In this role, I was tasked with developing and maturing the risk program, which involved working closely with various stakeholders across the organization to identify, assess and prioritize cyber risk, and implement effective risk mitigation strategies. With my expertise in cyber security and risk management, I was able to build a robust program that helped the Omnicom enterprise stay ahead of emerging cyber threats and maintain its reputation as a trusted and secure organization. As a co-author of the Omnicom Risk Management Framework, I align the comprehensive risk lifecycle framework with ISO 31000 risk methodology to provide a systematic and flexible approach to managing risk. This framework helps Omnicom identify, assess, and prioritize risks, and develop and execute effective risk management strategies. It also provides guidelines and general principles for risk management processes, including risk identification, analysis, evaluation, treatment, and monitoring. I keep up-to-date with emerging cyber threats and regulatory requirements, seamlessly incorporating this knowledge into Omnicom's cyber risk program. I work closely with the incident response team to provide intelligence on increased emerging threats, which are added to the risk register and presented to the risk committee. As the owner of Omnicom's integrated risk management system, I design and integrate a holistic and automated approach to risk assessment and management across the enterprise, including numerous certification frameworks and risk acceptances. I manage risk and assessments for Omnicom's Corporate ISO 27001 and ISMS and effectively manage risk findings, corrective actions, and non-conformities. I also collaborate with internal stakeholders to manage ISO risk.

Dec 2021 - Present

Global Chief Security Officer (Cso)

Ddb

New York, Ny, Us

Responsible for overseeing Governance, Risk, and Compliance (GRC), Enterprise Security Services, Strategy, Reporting and Architecture, and Security Operations. I managed industry standards certification programs for ISO 27001 and TISAX.I successfully developed and implemented a comprehensive Global Cyber Program at DDB Worldwide, using a consistent methodology and processes for handling confidentiality, integrity, and availability that aligned with the corporate strategy. I collaborated with legal, the technology organization, agency operations, affiliates, partners, third parties, auditors, and CFOs to ensure corporate and contractual/regulatory Cyber and Privacy standards were represented and compliant. I was responsible for managing all incident response activities, leading investigations of events, and coordinating internal and external resources for containment and mitigation of attacks.I scheduled quarterly calls with regional executive management teams to address any cyber or privacy related questions and issues. I also consulted on new client and third-party contractual requirements, incidents in their region, and new cyber and risk trends to keep them informed.I advised DevOps teams on creating new pipelines and runbooks that were compliant with corporate security standards to support a cloud native environment. I refactored their processes, guidelines, and IAM to address Dev-SecOps challenges.As part of my continuous improvement strategy, I reduced risk significantly in business processes by requiring business operational runbooks that documented business processes and nomenclatures, and aligned them with security standards, contractual, policy, and regulatory requirements.Developed a global Business Continuity and Crisis Management Program in the first year, and matured the program by executing Business Impact Analyses, Security Impact Analyses, and annual tabletop exercises.Regenerate response

Jun 2015 - Dec 2021

Director Of Information Security, Business Information Security Officer Global Corporate

Aig

New York, Ny, Us

AIG is a Fortune 500 insurance company with more than 88 million customers in 130 countries.As a seasoned executive with a proven track record, I was handpicked to serve as the inaugural BISO for AIG Corporate, following the directive of the federal oversight monitor. As a dynamic and contributing member of the AIG BISO Council, I played a crucial role in governing the company's Policy & Standards. I brought my expertise in global information security and consultancy to the corporate management team, offering strategic leadership and direction. I effectively managed a diverse team, including direct reports, offshore consultants, and a shared services infrastructure, to support the implementation of AIG's Information Security program across multiple corporate business units. Additionally, I served as the security representative on AIG's Privacy Board, headed by the Chief Privacy Counsel, demonstrating my expertise in data protection and privacy. I managed over thirty thousand vendors in the corporate Third Party Risk Management program, implementing cutting-edge network, device, and unstructured DLP technologies for maximum data security. I also led the internal application security program, with a focus on lifecycle management and ensuring BISO approval for all implementations, purchases, and developments. I infused InfoSec governance, consulting, and approvals into all internal and third-party projects, mitigating risks and securing risk acceptance from the appropriate level of management

May 2011 - May 2015

Independant Consultant

Menlo Park, California, Us

As a seasoned and proficient consultant, I efficiently performed independent assessments and risk mitigation for renowned multinational financial and pharmaceutical organizations. I actively engaged with esteemed client executives and contract signatories to clearly define the scope of their contracts and interactions with third parties and relevant data. Through diligent assessments, I accurately determined the data classification levels and evaluated the controls in place to safeguard the data. I meticulously reviewed all relevant policies and processes to guarantee adherence to industry standards and thoroughly audited vendor compliance. I expertly presented comprehensive assessment and remediation reports, detailing findings and risk levels to executives, and provided actionable third-party risk management reports aligned with ISO controls. These reports enabled executives to make informed decisions on whether to utilize the vendor or necessitate remediation of controls or corrective actions in contracts.

Aug 2010 - May 2012

Security Assessment Consulting Coordinator

New York, New York, Us

New York Life Insurance Company (NYLIC) is the largest mutual life-insurance company in the United States, and one of the largest life insurers in the world.Recruited by New York Life's Group Administration Members Department to lead and oversee Third-Party Vendor Assessments for Third Party Administrators and Vendors. My role involved representing the group as an independent expert on all matters related to Information Security to the NYLIC's Security Review Board. I successfully implemented controls to protect PII and PHI data, ensuring compliance with HIPAA Business Associate agreements and verified URAC and PCI certifications where applicable.

Jan 2011 - May 2011

Vp It & Security

Inform Technologies

As a technology and security executive with a proven track record of success, I provided visionary executive guidance and strategic direction to a complex SAS web services environment with over 2,000 physical nodes. I expertly navigated multiple colocation and managed service facilities to ensure seamless operations, and my innovative risk management, IT governance, and resiliency planning programs were instrumental in achieving and exceeding our contractual 99.999% uptime commitment and ensuring secure resiliency. My exceptional leadership skills were demonstrated by my effective management of a talented internal team of 8 staff members and the successful management of an annual operations budget of $25 million, while also negotiating contracts and managing relationships with all data centers. I was responsible for ensuring IT and security resiliency and created an overarching security program to align with client requirements and audits. My innovative approach to cost management resulted in a 60% reduction in storage Opex costs annually by leveraging new-to-market virtual storage appliances over costly monolithic and extensive storage providers. This achievement highlights my exceptional ability to drive results, make a tangible impact on the bottom line, and demonstrate strong competencies in areas such as strategic planning, risk management, team leadership, vendor management, and IT resiliency.

Jun 2007 - Apr 2009

Director Of Networking And Security

Inform Technologies
Aug 2006 - Jun 2007

Director Networking / Security Pch.Com

Jericho, Ny, Us

As the Director of IT & Security at PCH.com, I made a significant impact in ensuring the company's web infrastructure was secure and modernized. My expertise in infrastructure design resulted in the creation of a highly redundant and resilient system, with a focus on continuous improvement through standard operating procedures. During peak times, PCH.com, a result of its highly successful TV campaigns, faced the challenge of maintaining 100% uptime, as mandated by a US Attorney General order, arising from a gaming lawsuit settlement.I displayed exceptional leadership skills while managing both internal employees and augmented staffing, resulting in a well-functioning IT department. My expertise in security was demonstrated by my successful implementation of secure web proxying and regional load balancing, ensuring the security of the largest Microsoft ASP web farm at the time, as well as streamlining content management processes.

Jul 2000 - Jul 2006

Manager, Windows Security Team Nyc

In

As a Senior Windows Security Consultant for NYC Board of Education's Project Connect, I played a crucial role in securing the largest Microsoft NT domain in the world at the time. My responsibilities included implementing web filtering and multilevel policies for internet access across all schools. I established and managed the organization's Windows Security practice, taking full responsibility for analyzing, designing and deploying security tools, including security monitoring and alerting, to minimize risks and vulnerabilities. I provided expert consultation on a wide range of security solutions, including web filtering, auditing, vulnerability assessments, and forensics to clients. My scope of work encompassed team building and leadership, staffing and training, project and engagement management, business development, product development and rollout, and building and maintaining strong relationships with clients and partners. I successfully led a team of five engineers, recruiting and training them to achieve our security objectives

Jun 1999 - Jul 2000

Associated Mis Director Of Hardware And Telecommunications

New York City, Us

Oct 1996 - Apr 1999

Campus Technology Represnitive

Ibm

Armonk, New York, Ny, Us

Aug 1990 - Dec 1992
1 education record

John Whiting education

  • John Jay College (Cuny)
    John Jay College (Cuny)
    Legal Studies
FAQ

Frequently asked questions about John Whiting

Quick answers generated from the profile data available on this page.

What company does John Whiting work for?

John Whiting works for Omnicom.

What is John Whiting's role at Omnicom?

John Whiting is listed as CISO, Security, Risk, and Privacy Business Executive at Omnicom.

What is John Whiting's email address?

AeroLeads has found 1 work email signal at @ddb.com for John Whiting at Omnicom.

What is John Whiting's phone number?

AeroLeads has found 8 phone signal(s) with area code 718, 646, 212, 347, 415 for John Whiting at Omnicom.

Where is John Whiting based?

John Whiting is based in Bronx, New York, United States while working with Omnicom.

What companies has John Whiting worked for?

John Whiting has worked for Omnicom, Ddb, Aig, Protiviti, and New York Life Insurance Company.

How can I contact John Whiting?

You can use AeroLeads to view verified contact signals for John Whiting at Omnicom, including work email, phone, and LinkedIn data when available.

What schools did John Whiting attend?

John Whiting holds Bs, Legal Studies from John Jay College (Cuny).

What skills is John Whiting known for?

John Whiting is listed with skills including Network Security, It Governance, Disaster Recovery, Risk Assessment, Management, Information Technology, Governance, and Business Continuity.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.