John is the Managing Director of CBIZ Pivot Point Security, a cybersecurity team within the national Risk & Advisory Services practice. Over the past 21 years, he has led hundreds of high-profile security engagements across diverse industries, including government, defense, legal, telecommunications, critical infrastructure, finance, and transportation. He shares the insights gained from that experience on the well-regarded “Virtual CISO” podcast.
John has served as the Chief Information Security Officer for Pivot Point Security for the last 15 years, ensuring that the confidential client data it processes is well secured by the ISO 27001 Information Security Management System he developed. He has also served as a virtual CISO to several high-profile early-stage companies, with several achieving $1B valuations.
John is responsible for establishing the strategic direction of CBIZ Pivot Point Security and governance of the consulting/assessment services it delivers: vCISO engagements, threat modeling, risk and vulnerability assessments, application and network penetration testing, cloud security, third-party risk management, M&A Due Diligence Assessments, DevSecOps, compliance, privacy, and regulatory advisory services. He has knowledge and experience with ISO 27001/27002, ISO 27701, Shared Assessments, SOC 2, NIST 800-53, NIST 800-171/171a, TISAX, NYS DFS 500, CMMC, and HIPAA.