2016 Award Winners
CCISO of the Year
Luis Noguerol
CISO of the Year
Medha Balodkar
Most Improved Information Security Program of the Year
Juan Gomez-Sanchez
Innovative Project of the Year
Chen Heffer
Award Categories
CCISO of the Year
This award, available only to EC-Council Certified CISOs (C|CISOs), recognizes an individual’s outstanding work in information security. We will be honoring one C|CISO who has contributed to the information security industry, shown tremendous professional growth and achievement, and has promoted strong, innovative security practices. When submitting your nomination package for this award, please be sure to include a summary of your work and career advancement over the last year, how you have positively impacted the information security industry. Your entry will be evaluated by a panel of highly qualified information security executives, so make sure that what you present will impress your audience.
Nominate
CISO of the Year
This award, available only to Information Security Executives (VP, CISO, etc.), recognizes an individual’s outstanding work in information security. We will be honoring one executive who has contributed to the information security industry, shown tremendous professional growth and achievement, and has promoted strong, innovative security practices. When submitting your nomination package for this award, please be sure to include a summary of your work and career advancement over the last year and how you have positively impacted the information security industry. Your entry will be evaluated by a panel of highly qualified information security executives, so make sure that what you present will impress your audience.
Nominate
Innovative Security Project of the Year
This award is intended to recognize the most innovative security project of the year. The nomination must include the following details:
- Brief description of the project and its goals
- How the project supported the business/organization by being:
- Cost effective
- Impactful to the business or security operations
- Creative in its use or creation of new models
- Groundbreaking
- Measurable – please include statistics on how the project impacted budget, time, or other measurable indicators.
Nominate
Most Improved Information Security Program of the Year
This award is intended to recognize improvements in information security programs that have made use of innovative strategies to bring value quickly to a security program and the overall business/organization’s goals. The nomination must include the following:
- A baseline of the security program before improvements including measurable indicators
- The methods used to improve the program
- Challenges encountered and the solutions implemented to overcome them A thorough analysis of the program after improvements were implemented including measurable indicators
Nominate
2016 Finalists
Categories:
CISO of the Year
Recognized as a critical thinker, Syed is a trusted advisor to both government and organizations in the fields of cyber resilience, technology architecture, digital transformation, technology operations, controls and compliance. In this role Syed has helped organizations transform their technology risk management and cybersecurity capabilities by first engaging stakeholders to align their business and technology objectives, and then building the necessary foundation to achieve the desired outcomes.
Syed serves as a board member for the Bahrain Information Technology Society, leads Executive Advisory Board for Arvensys Technologies in Australia and DifferentX a New Zealand based technology start-up Company. He is also a community leader for P3 (Portfolio/Program/Project) for ISACA International, USA. He is a moderator for security roundtables and panel events, and is a sought after speaker on cyber-security and transforming individuals into high performing technology teams.
Syed is passionate about sharing his knowledge and experience in digital transformation, cyber-security, and mentoring/coaching all type of organizations including non-profit entities. His professional affiliations are: ISACA, PMI, ISC2, and his professional qualifications include: CISSP, CISM, CGEIT, CEH, ITIL Expert, PMP, PRINCE2, and ISO 27001 Lead Auditor. Syed holds a MBA from Chifley Business School at Torren University, Australia, a postgraduate in Business Administration and Information Technology from the University of Wales, United Kingdom, and he has also completed a number of cybersecurity programs from the Massachusetts Institute of Technology.
He is an ISACA member and professionally certified as CISA (Certified Information Systems Auditor) and CRISC (Certified in Risk and Information Systems Control) with broad knowledge in IT Governance and Controls Framework i.e. COBIT, RiskIT and ISO27001, as well as practical experience in IT risk assessment, IT policy management, data analytics, vulnerability assessment, penetration tests, security architecture and solutions, data protection, security incident monitoring, identity & access management, digital forensic and audit techniques. To note his achievement in information security profession and leadership, he has been awarded as 2015 Cyber Security Professional of the Year (by Cyber Security Malaysia) and currently nominated as Finalist of EGS Global CISO 2016. In addition, he also received other prestigious awards in 2010 for Information Security Project of the Year (by Cyber Security Malaysia) and Best Security Strategy Finalist (by MIS Asia). He has spoken in various public conferences including ComputerWorld Mobile Forum 2015, ComputerWorld Malaysia Security Summit 2016, Trend Micro Cybercrime Malaysia 2016 and ASEAN CISO Summit 2016.
At present, he is the Head of IT Risk & Security Management for the Sime Darby Group. Sime Darby is a key player in the Malaysian economy as well as a diversified multinational, with businesses in key growth sectors namely, plantations, industrial equipment, motors, property and energy & utilities with operations in more than 20 countries.
Vice President, Information Technology
BioReference Laboratories, Inc.
Mr. Molinaro holds a Bachelors of Science in Electronics Engineering Technology with a focus in robotics and software automation and a Master’s of Science in Information Technology and Cybersecurity from the Florida Institute of Technology, and is currently pursuing an MBA. Mr. Molinaro is also a veteran of the United States Army Signal Corp and was nominated runner-up for the CISO of the year by the EC-Council security group and CIO of the year by the Tampa Bay Technology Forum in 2014. He formerly held several “technical” certifications and currently maintains multiple IT, security and risk certifications; CISSP (Certified Information Systems Security Professional), CGEIT (Certified in the Governance of Enterprise IT), C|CISO (Certified Chief Information Security Officer), CRISC (Certified in Risk and Information Systems Controls), CISM (Certified Information Security Manager), ITIL (Version 3 Foundations Certification).
Mr. Molinaro was the leader and architect of the overall Cyber defense of the 2012 Republican National Convention in Tampa, Florida (National Public Event) as well as the head of the IT Dept. Mr. Molinaro’s team was the cyber eyes and ears of this National Public Event. His breadth of experience and use of standardized methodology in information systems, risk, security, project management, business process engineering, policy making, power & radio engineering and software development has provided solutions and strategies in design, operations, maintenance and repair that greatly contributed to increasing and improving the corporate bottom line, quality, customer service, security and compliance effectiveness of many businesses. His methods and practices are based on sound and proven scientific and discrete engineering techniques used by the most successful organizations worldwide and he has met and exceeded corporate and customer satisfaction challenges. These practices are those developed, successfully deployed and greatly promoted by Carnegie-Mellon and other prestigious and well known engineering, scientific Universities and businesses worldwide.
Lynx Technology Partners, Inc.
A 2014 graduate of the FBI Citizen’s Academy, Mr. Dominguez is the President of the Board of Directors for the FBI Infragard, Vice-President of ISSA Tampa Bay, and an active member of the US Secret Service Electronic Crimes Task Force. He is a recognized professional in the security field, having contributed to the publication of several ANSI security standards and holding certifications, including ASIS CPP, SANS GSLC, (ISC)2 CISSP, ISACA CRISC, ITIL, EC-Council C|CISO, PMI PMP, and Program & Portfolio Management (PPMC).
Mr. Dominguez enjoys sailing, SCUBA diving, reading, traveling, and attending the occasional hacker convention.
Chief Information Security Officer, Motilal Oswal Financial Services Ltd.
In last 10 years I also kept myself upgrading by learning & newer certifications in the industry such as ISO27001 LA, CEH,ECSA,LPT, CISA etc, I also encouraged my teams to have these certifications & learnings to combat next generation cyber threat. While doing these all I also written many articles for newspapers on Cyber Security & also was part of many TV channels programs on Cyber Security, the same can be views on Facebook page https://www.facebook.com/ghodekaramit, all my TV interviews can be watched on https://www.youtube.com/user/amitghodekar. I have also been awarded by CISO Platform as most influential CISO & community contributor.
I had worked on some of the most successful information security projects & I can say most successful one of the such project was Transaction Monitoring System which was in house developed Fraud detection Engine, this Engine was able to detect any kind of fraud or suspicious transaction happening to any of the online trading platform, the extend of this system was such a success that due to this system in last 5 years there was no online fraud was happened in the organization. Apart from this I also worked & implemented some of the world class info sec projects to name few those are in listed below.
- Data Loss Prevention (DLP)
- Mobile Device Management (MDM)
- Identity & Access Management
- Intrusion prevention system (IPS)
- Application Security
- Network Security
- IT Governance
Presently I am working with Motilal Oswal Financial Services as VP, CISO, Motilal Oswal Financial Services Ltd. (MOFSL) was founded in 1987 as a small sub-broking unit, with just two people running the show. Focus on customer-first-attitude, ethical and transparent business practices, respect for professionalism, research-based value investing and implementation of cutting-edge technology has enabled us to blossom into an almost 3000 member team. Today we are a well-diversified financial services firm offering a range of financial products and services such as Wealth Management, Broking & Distribution, Asset Management, Institutional Equities, Private Equity, Investment Banking Services, and Home Finance, We are headquartered in Mumbai and as of March 31st, 2015, had a network spread over 591 cities and towns comprising 1,504 Business Locations operated by our Business Associates and us.
Educational Profiling of Pavankumar Bolisetty
Pavankumar Bolisetty was born and brought up at Jaggayyapet, Andhra Pradesh, India.
He has done Bachelor of Engineering, in Computer Science from University of Madras and Master of Science in Advanced Networking and Telecommunications from International Institute of Information Technology, Pune, India.
His interest in information security has driven him to acquire almost 12 certifications in the field of information security. Some of the major popular certifications include Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Electronic Commerce Council Certified Security Analyst (ECSA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Internet Web Master Security Analyst (CIWSA). Some of his other certifications include, MCSE, CCNA, SCJP, SND, ITIL, and ISO 27001 L.A.
Professional Profiling of Pavankumar Bolisetty
Pavankumar Bolisetty currently works as the Global Head of Information Security for Wave Crest Holdings Limited, which has offices and data centers across three continents and six countries. He is also founder of E Com Security Solutions Pvt. Ltd., an online cyber security company that provides information security assessment and advisory services to the Organizations worldwide.
He has assisted more than 300 Organizations that include critical IT infrastructure, global financial institutions, and Fortune 500 companies. He has investigated more than 5000 data breaches and incidents and also been involved in the investigation of the data breaches in the country.
Accolades and Acclaims conferred upon Pavankumar Bolisetty
Pavankumar Bolisetty has been conferred with InfoSec Maestro and winner of TOP CISO’s of India in 2016 in the All India Infosec Conference summit. He was also the winner and has been felicitated with the Top CISO award by CISO Platform in 2015 and also as a Youngest Security Professional by trade publication, an International Magazine in 2006.
Background
Pavankumar Bolisetty is a speaker on various verticals of Information Security and conducted workshops on ethical hacking and cyber forensics across India where 500 + professionals were trained. He has also presented papers on Information Security at various Conferences.
Pavankumar Bolisetty is son of a famous author and surgeon, Dr. Yogi Ram Bolisetty and is always inspired with his determination. He follows his father’s strategy for success by principle of three “I”, in which “I” stands for Intelligence, Industry and Interest.
Columbia University
Medha has over 25 years of experience in various aspects of Information Technology, Security, Auditing and Risk Management, spending over 15 years in the Financial Industry and over 10 years in the Education and Healthcare industry. She is a recognized Risk Management and Information Security professional and serves on a number of governing bodies, steering committees of professional organizations and is a frequent panel speaker at major NY conferences. Medha has a number of security certifications (e.g., CISA, CGEIT, CRISC, CICA, ITIL, and Cloud Security Certifications) and a B.S. from Bombay University. Medha is proud of her role as a woman in IT and strives to mentor and guide young women in an often male dominated profession. Medha was named the 2015 North America Information Security Executive of the Year by (ISE) and her team was recognized with the 2015 North America Project of the Year for their IT Risk Management and Privacy Program.
NetCentrics
Beyond his regular duties, Marvin is a recognized thought leader and author on the subject of cybersecurity. Marvin has authored and co-authored seven articles in the past year ranging in topics from identifying cybersecurity risks in the supply chain to increasing security by recommending that security operations centers monitor the web application layer. Marvin’s blog on Have Developers Become Overly Dependent on Dependencies? was published by SIGNAL. Marvin was also the lead author on an article, Cybersecurity: Facing a labor shortage or skills shortage that discusses the need for certification bodies to adapt to the need for professionals to prove them beyond a knowledge exam and demonstrate practical skills. Marvin has opined on increasing automation into the Risk Management Framework to support systems certifications by leveraging a well-known benchmark, the Cyber Command Readiness Inspection (CCRI).
Marvin has served as a trusted advisor within the United States Marine Corps and United States Navy, earning the appointments of Marine Corps Validator and Fully Qualified Navy Validator. These appointments recognize Marvin’s ability to independently verify and validate that a system meets the technical and non-technical requirements set forth by the service component and that an appropriate synthesis of the analysis of paired-threat/vulnerability, countermeasure, and mission impact information is conducted. Marvin has also directly contributed to the annual accreditation of over 300 systems including responsibility over all Marine Corps aviation systems, platforms, and simulators as well as the Joint Strike Fighter.
Marvin has served as a board member and vice-chair for the Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH) certification. He was also the lead author and lecturer for an incident response and forensics course developed for the U.S. Secret Service Criminal Investigative Division, for which he was awarded a letter of commendation. Marvin has also presented on the topic of web application security at the Coast Guard Academy Cyber Symposium with An Aggressive Proactive Security Testing Program is Your Best Defense. Marvin presented at the first Annual Northern Virginia Community College Hackathon on DoDI 8570/8140.
Marvin is a member of the International Information System Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), a full member of the Institute of Information Security Professionals (IISP), a Professional Member of the British Computer Society (BCS) and a volunteer with the Cloud Security Alliance (CSA). Marvin also holds the following certifications: Certified Chief Information Security Officer (C|CISO), Certified Information Systems Security Professional (CISSP) Information Systems Security Management Professional (ISSMP), Certified Information Security Manager (CISM), Certificate of Cloud Security Knowledge (CCSK), eLearnSecurity Junior Penetration Tester (eJPT) and Microsoft Certified Professional (MCPS). Marvin holds a graduate certificate from Cornell University and is currently attending Royal Holloway, University of London for graduate studies in Information Security.
Jared CarstensenChief Information Security Officer, CRH plc
Since joining CRH, Jared’s key interactions include the Board, Audit Committee, Regional Leadership teams through to the 90,000 employees. Jared is currently the youngest CISO across any of FTSE 100 companies. Prior to joining CRH, his 15 year career started as an IT manager, operating a global security consultancy firm, through to leading the Cyber Risk Services team at a ‘Big 4’ Consulting firm in Ireland.
Jared has delivered a number of ground-breaking and ‘world-first’ security programmes across various industries and sectors including Financial Services, Pharmaceutical, Government, Law Enforcement, Technology, Defense Bodies, Telecommunications, Retail, Products & Services. Jared combines years of international experience with a proven record of integrating and streamlining security practices and standards such as ISO 27001/22301/20000/38500, PCI DSS, NIST, HIPAA, and GLBA along with other requirements into daily business operations and practices.
Jared has led large, complex security programmes across the Americas, Europe, Africa and Asia Pacific (APAC) regions. He currently holds the C|CISO, CISSP, GCIH, CRISC, SSCP, CCSK credentials (among others). Jared is Associate Faculty member at the National College of Ireland, where he lectures and assisted in the developed the MSc in Cloud Computing. He is a keen contributor the global security industry and regularly volunteers his time to help those new to the security industry, whilst promoting fresh and innovative approaches to tackling security challenges. He is a member of the IT Governance Expert Panel, and has spoken at over 100+ of the leading security events globally.
Jared authored ‘Cloud Computing: Assessing the Risks’ in 2014, which listed as a Top 50 technology seller on Amazon.com, with endorsements from Kaspersky, Deloitte, McAfee & others. Jared is currently authoring his next book, focusing on cyber security for business leaders and is keen to help others solve current security challenges. In 2013, Jared formed the Irish (ISC)2 Chapter, of which he is currently President, with over 300+ members. He volunteers as part of the ‘Safe & Secure’ initiative which trained over 2,500 school children on internet safety in 2014-2015.
He is a firm advocate of making security simple and actionable for all – something he practices throughout his daily interactions and activities.
CCISO of the Year
External Consultant, EU Institutions
Chief Information Security Officer – Shekinah Information Security Consultancy Ltd. UK.
Niran has great expertise in dealing with Senior Board Level Management on Enterprise Security Strategy & Programs, identifying, developing, implementing and maintaining cyber security-related processes to reduce the organization’s operational and cyber risks.
He has over 27 years’ international, technical and management experience, planning and running global security projects, with specific passionate interests in Global Threat Intelligence Management, Vulnerability Management, Compliance and Risk Management.
He is quite passionate about Cyber Security and making Security work without jeopardizing Business progress and achievement in organizations.
Niran is a regular Conference Speaker at various European Cyber Security Conferences, including Data Risk Management in Financial Services Summit 2015 & 2016; Cyber Impact Gateway 2015; SC Congress Amsterdam 2016, Enterprise Security and Risk Management Conference, Amsterdam 2016 and several others as well as hosting webinars on BrightTalk.
In addition to a Bachelor’s Degree and a Master’s Degree in Information Security from Royal Holloway, University of London, Niran has several professional and industry certifications including C|CISO (Certified Chief Information Security Officer), CISM (Certified Information Security Manager), ITIL Version 3 and Prince 2 as well as the ISO27001 Lead Auditor and several industry trainings.
In Sept 2015, Niran won the Global C|CISO of the year 2015 Finalist Award by EC-Council in Atlanta, GA.
Currently, Niran consults for the European Union Institutions through a Consortium led by ATOS while concurrently serving as the Chief Information Security Officer (CISO) of Shekinah Information Security Consultancy based in the United Kingdom. He also consults for the private sector.
CISO,
HD Vest Financial Services
Information System Security Officer – Chief Technology Officer
He earned his PhD in Management and Information System and Technologies, a MS in Mathematics, a MS in Information Security, a BS in Electronics and Radar Systems, and a BS in Networks and Telecommunications. In addition, he holds 33 Information Technology certifications some being: Certified Chief Information Security Officer (C|CISO), Certified Information System Security Professional (CISSP), EC-Council Certified Ethical Hacker (CEH), EC-Council Computer Hacking Forensic Investigator (CHFI), ISO 27002 Lead Auditor, IASSCCertified Lean Six Sigma Black Belt (ICBB), Certified Business Architect (CBA), Check-Point Certified Security Master (CCSM), and Cisco Certified Network Professional (CCNP).
Dr. Noguerol has been a featured speaker at Information Technology/Information Security events, most recently at the National Institute of Standards and Technology (NIST), and in New York where he presented to the Bank of China’s upper management. He has also been a featured speaker internationally in multiple countries in Europe, Central America, and South America as well as in multiple TV / radio station shows with national and international coverage.
He is the President & CEO of Advanced Division of Informatics and Technology, Inc. (ADITusa, Inc.) ADITusa, Inc. focuses on minimizing the security risks associated with electronic data leakage while maximizing the economic efficiency of businesses through the application of innovative technological solutions in the information security, networking, and e-cloud environments. His transformational leadership style and passion for Information Security has earned him recognition and awards such as: The Biltmore Who’s Who Executive and Professional of the Year, 2011 Honors Edition; in 2012 ADITusa was recognized among 17 of the Small Businesses Top Performers by The Business Leader Institution; in 2012 Dr. Luis O. Noguerol and ADITusa, Inc. were recognized as Top Businesses and Business Leaders in the U.S. South Region by Business Leader Magazine; The Covington Who’s Who Executive and Professional of the Year 2013; New Horizons Computer Learning Centers “Top 10 New Horizons Technical Instructor in the World” 2015; and New Horizons Instructor of the year 2015. In addition, due to his community conscience mindset, he donates time to teach Information Security classes to low income minority members of the local community from 2010, and still.
Dr. Luis O. Noguerol’s passion for Information Security and technology, is not only as strong today as it was over 31 years ago but has driven him as a professional, an executive, and as a mentor.
Innovative Security Project of the Year
Currently, he is a principal software engineer for the SVSI division of Harman Professional Solutions developing web interfaces, back-end servers, and desktop control software for devices distributing HD video over networks. His responsibilities have touch all the major platforms: Web portals, Android, iOS, Windows, Mac, and Linux (servers and desktop, ARM and Intel).
In his spare time, he performs independent research. His research in HTML5 became a book published by CRC Press. His open source network utility, Packet Sender, gets downloaded 300 times / day the world over and ranks #1 with Google when searching for the problems it solves. He can also be found speaking at conferences and user groups to discuss his projects or software development in general.
External Consultant, EU Institutions
Chief Information Security Officer – Shekinah Information Security Consultancy Ltd. UK.
Niran has great expertise in dealing with Senior Board Level Management on Enterprise Security Strategy & Programs, identifying, developing, implementing and maintaining cyber security-related processes to reduce the organization’s operational and cyber risks.
He has over 27 years’ international, technical and management experience, planning and running global security projects, with specific passionate interests in Global Threat Intelligence Management, Vulnerability Management, Compliance and Risk Management.
He is quite passionate about Cyber Security and making Security work without jeopardizing Business progress and achievement in organizations.
Niran is a regular Conference Speaker at various European Cyber Security Conferences, including Data Risk Management in Financial Services Summit 2015 & 2016; Cyber Impact Gateway 2015; SC Congress Amsterdam 2016, Enterprise Security and Risk Management Conference, Amsterdam 2016 and several others as well as hosting webinars on BrightTalk.
In addition to a Bachelor’s Degree and a Master’s Degree in Information Security from Royal Holloway, University of London, Niran has several professional and industry certifications including C|CISO (Certified Chief Information Security Officer), CISM (Certified Information Security Manager), ITIL Version 3 and Prince 2 as well as the ISO27001 Lead Auditor and several industry trainings.
In Sept 2015, Niran won the Global C|CISO of the year 2015 Finalist Award by EC-Council in Atlanta, GA.
Currently, Niran consults for the European Union Institutions through a Consortium led by ATOS while concurrently serving as the Chief Information Security Officer (CISO) of Shekinah Information Security Consultancy based in the United Kingdom. He also consults for the private sector.
Cyber Security Officer, Douglas County Government, Colorado.
Chen has brought a unique innovative approach to the cyber efforts in the county and other local and state governments in Colorado. His approach is based on gathering intelligence and constantly learning the adversaries’ offensive approaches. He has implemented a variety of advanced cyber systems that constantly monitor the county’s assets. Chen’s motto is: “The more you invest in intelligence, the less you invest in cyber warfare” focusing on being one step ahead all the time.
Prior to his work in Douglas County, Chen worked for Kaiser Permanente as a PCI ISA, and served as the CISO of global enterprises such as SpaceNet, Gilat Satellite networks and Deloitte Israel. Chen is the Director of the CISA training program in ISACA Denver and leads the CISA efforts in Colorado. He is experienced in Cyber Warfare, Critical Infrastructure Protection, Technology Risk Management and Compliance and serves as a mentor in governmental cyber mentorship programs.
Most Improved Information Security Program of the Year
Director at Fidelity Investments
The past fifteen years Paul has been focused on the Information Security world. Leading a team, most recently he developed a Security Consulting Practice at Fidelity in which the team oversees the implementation of over 500+ projects a year to assure that all of those projects comply with Fidelity’s Policies and Procedures around Information Security.
Chief Information Security Officer
City of Lexington, KY
Chad Cottle is an award winning IT veteran with over 25 years experience in programming/database design, GIS, networking/systems administration, business resilience, big data, project management and information security.
Progressive and forward-thinking, Lexington, KY is a university city with a burgeoning technology and startup community. Chad serves as the Chief Information Security Officer and holds certifications in project management, ITIL, systems administration as well as C|CISO, CEH, CHFI and CASP.
Recognizing a deficiency in the city’s approach to security, Chad seized the opportunity to build an InfoSec program from the ground-up using proven frameworks and project management best practices. Keenly aware that security is not a destination, but rather a journey, he has buckled up and plans to enjoy the long ride.
In his spare time, Chad dabbles in zymurgy, producing delightful IPAs and most quaffable Cabernets. He is also the guitarist and lead mischief maker for the band “The Berenstain Conspiracy.”
CISSP-ISSAP, CISM, C|CISO, PCIP
Chief Security Officer, Lennar Corporation
With over 20 years of experience, Juan Gomez-Sanchez has focused his entire professional life to Information Security. As a security practitioner, Juan held leadership positions building and implementing enterprise security programs at Delta Airlines, CheckFree Corporation (now Fiserv) and Florida’s Turnpike Enterprise (PCI Level 1 Merchant). As a consultant, Juan worked for Cybertrust (now Verizon Business Security Solutions), Optima Consulting, and Worldwide Technology, providing trusted advisory services and managing the delivery of security consulting services to a wide range of clients by working with executives to address the demands of security on a global and enterprise scale.
He has supported a range of organizations in the development and planning of security programs to meet requirements for establishing, implementing, monitoring, and maintaining a security posture.
Juan is currently the Chief Security Officer at Lennar Corporation. Lennar (NYSE:LEN) is ranked as one of the fastest growing ($9.4B) Fortune 500 companies that has built the reputation as one of America’s smartest and most innovative real state, financial services, property development, and capital management companies.
As the Chief Security Officer, responsibilities encompass all physical and information security initiatives in support of 7 lines of business, close to 9,000 associates and 1,000 locations operating in 17 US states and 44 markets.
Lennar’s first Chief Security Officer reports to the Chief Financial Officer and is accountable to the Board of Directors. Responsible for creating the Enterprise Security Office from the ground-up and implementing a world-class security program that encompasses: Security Governance, Security Risk and Compliance Management, Security Architecture and developing a portfolio of shared enterprise services that includes: Physical Security, Security Awareness, Incident Response, Identity and Access Management, Application Security, Business Continuity, Disaster Recovery, Security Monitoring and Litigation Support.
Juan is also very active in the security industry; he contributed as subject matter expert and exam writer for the CISSP certification and ISSAP concentration. He is also a member of the board of advisors for C|CISO certification by the EC-Council