About Me

I’m Jon.

Since 2000, I have worked in the information technology field, spending the first 13 years of my career in a number of diverse roles across several industry sectors. I began in tech support, working at a call center and then later at a data center. I spent five years working my way up to systems and network administration for a technology startup, and during that time I even spent some time as a .NET developer. During those first 13 years, I was exposed to a great deal of what are now legacy technologies and platforms, including Oracle Unix, DB2, z/OS, JCL, COBOL, .NET, Sun Systems, and a whole plethora of old and dated acronyms we hardly even use anymore. I developed multiple compiled and web applications for manufacturing firms and electric utility providers, and to my knowledge they continued to be used well beyond my tenure at those employers.

Starting in 2011, I began my transition to cybersecurity by serving as an information security analyst at a regional bank, where I performed technology risk assessments on third parties and upon internally used applications. I served in this role until 2017, when I decided to pursue my Qualified Security Assessor (QSA) with a small consulting firm which had recently been accepted as a QSA firm. Since that time, I moved to a Certified Public Accounting firm, where I performed cybersecurity risk, PCI DSS and PCI 3DS assessments. As a manager at that firm, I served a high-performing team of talented individuals who in turn helped me to serve my clients.

In December 2024, I was thrilled to return to industry where I am now able to leverage my experience as a practitioner and auditor to help my colleagues, customers, leadership, and stockholders to protect my organization’s assets and information.

In addition to PCI QSA and PCI 3DS, I hold multiple industry certifications including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor, and Payment Card Industry Professional (PCIP). My current focus areas are cybersecurity assessments, artificial intelligence governance, and PCI DSS compliance. I also have experience leading and conducting independent assessments for financial services clients within the SWIFT Customer Security Programme (CSP), FFIEC Cybersecurity Maturity Assessment Framework/Tool, and the FedLine Solutions Security and Resiliency Assurance Program.

Finally, my passions are gardening, cooking meals on my smoker, and spending time with my family. I am a proud father and dedicated husband. I drink bourbon.
