John Waldron Email & Phone Number

Caerphilly, GB

• Information Security Lead, Jardine Motors Group (co Porsche Centre Colchester) – Lithia, Inc.Lithia, Inc., a nationwide car dealership headquartered in Medford, Oregon, operates 291 outlets and serves a workforce of.
• Leadership & Team Development: Spearheaded a collaborative team of cybersecurity experts, fostering a culture of innovation and continuous knowledge sharing.
• Security Enhancements: Managed security tools and implemented advanced email security protocols to safeguard organisational communication channels.
• Threat Intelligence & Proactive Defence: Kept the organisation ahead of emerging threats through active threat intelligence collection and analysis, ensuring comprehensive vulnerability management.
• Project Oversight: Led critical IT security projects, embedding security good practices at every project phase and championing security considerations throughout the organisation.
• Process Development: Contributed to the creation and refinement of security procedures, integrating technical insights to fortify defences against sophisticated threats.

GB

• Information Security Lead, Principality Building SocietyFounded in 1860, with £11 billion in assets, Principality Building Society is the sixth-largest in the UK and a key sponsor of Welsh rugby. In my hybrid role at.
• Solution Completion & Automation: Finalised the deployment and automation of an advanced penetration testing platform and APT simulator.
• Collaboration & Remediation: Worked with IT security and key stakeholders to drive remediation efforts for identified vulnerabilities.
• Threat Intelligence & Monitoring: Managed alerting, monitored threat intelligence for intellectual property risks, and handled infringements.
• ISMS Oversight: Maintained and enhanced the Information Security Management System (ISMS), updating policies and standards.
• Ethical Hacking Strategy: Led the third-party penetration testing strategy, focusing on industry engagements to assess and improve security controls.

London, GB

• Information Security Lead, DS Smith Group PlcDS Smith Group Plc, a FTSE 100 company and a leader in sustainability, operates in 37 countries with a workforce of nearly 32,000. As a key supplier of packaging solutions.
• Collaboration & Risk Mitigation: Partnered with the IT community and external vendors to ensure security measures met policy standards and identified critical risks, recommending improvements.
• Global Compliance: Worked with global IT, operations, and solutions teams to maintain secure, compliant services across all business areas.
• Security Change Management: Managed security changes, minimising business risk and ensuring seamless IT service performance.
• Penetration Testing & Vulnerability Management: Coordinated penetration tests on network devices, operating systems, and applications, developing processes for ongoing security assessments.
• Application Security: Led application security assessments of 20 externally visible web applications, focusing on OWASP Top 10 vulnerabilities and guiding remediation efforts.

London, GB

• Information Security Risk LeadWorking closely with the Group Head of Governance and Security, leadership, and key stakeholders, I was responsible for assessing risks related to the use, processing, storage, and.
• Policy Compliance & Risk Mitigation: Collaborated with IT partners and the wider community to ensure security measures aligned with policy requirements, identifying and addressing critical risks.
• Security Awareness & Training: Developed and delivered comprehensive security awareness and training programmes to cultivate a security-conscious culture.
• Global Security & Compliance: Worked with global IT, operations, and solutions teams to ensure services remained secure and compliant with regulatory standards.
• Change Management: Led security change initiatives, ensuring minimal risk and impact on business operations.
• Penetration Testing & Vulnerability Management: Coordinated with external vendors to conduct penetration tests and vulnerability assessments, analysing results and driving remediation.

London, GB

• Infrastructure LeadIn this role, I led escalations and root-cause analysis for production issues, ensuring timely resolutions. A key achievement was migrating the Citrix farm from XenApp 6.5 to a centralised data.
• Infrastructure Management: Led server and client builds, managed system administration tasks, including user accounts, group policy objects, DFS file shares, telecom's, VLAN configurations, DHCP, DNS, and backups.
• Network Administration: Managed Layer 2 and Layer 3 switch technology, ensuring smooth operations and optimal network performance.
• Incident Management: Prioritised escalated incidents, communicating impact to stakeholders, collaborating with support teams to resolve issues, and conducting postmortems for future prevention.
• Process Automation: Scripted asset discovery processes in preparation for an organisation-wide convergence project.
• Collaboration & Optimisation: Worked with vendor teams to enhance operational efficiency and user experience, refining procedures and providing feedback for continuous improvement.

Abercynon, GB

• Cwm-Taf Morgannwg University Health Board is a healthcare organisation based in South Wales, employing nearly 12,000 staff and providing services to approximately 450,000 residents across three county boroughs.
• Implemented AES256 FIPS 140-2 compliant encryption on over 500 devices.
• Migrated the existing anti-malware system to a new solution.
• Installed and configured removable media encryption, as well as port, storage, and hybrid network bridging controls.
• Manually disabled auto-run features to prevent threat actor propagation.IT Support Officer
• Provided desktop support across four sites, including executive support for Head Office and Welsh Health Specialised Services.