Summary
Overview
Work History
Education
Skills
Timeline
Generic

JOHN J. SEITZINGER

Tampa,FL

Summary

Dynamic Principal Consultant with extensive experience at GuidePoint Security, specializing in policy writing and risk assessment. Proven track record in enhancing compliance standards and implementing cybersecurity frameworks. Adept at strategic planning and team leadership, driving significant improvements in organizational security posture and risk management initiatives.

Overview

41
41
years of professional experience

Work History

Principal Consultant – Governance

GuidePoint Security, LLC.
Herndon, USA
02.2023 - Current
  • Principal Consultant responsible for governance, regulatory and compliance assessments and policy, standards and procedures writing for global Fortune 100 companies as well as SMB organizations of a wide range of vertical sectors.
  • Currently with a focus on multiple cybersecurity standards (e.g., NIST CSF, NIST SP 800-53r5, ISO 27001:2022/ISO 27002:2022) provide security policy, standards and procedure writing services as well as detailed maturity assessment reports with strategic program enhancement roadmaps.
  • This assists organizations in risk reduction/treatment prioritization and implementation of standards-based secure practices.
  • Assessments include strategic roadmaps derived from detailed program reviews assigning maturity levels aligned to the Capability Maturity Model Integration (CMMI) thus resulting in risk-based program improvements.

Technical Manager – Risk Transformation, Enterprise Risk & Compliance

OPTIV Security
Denver, USA
03.2011 - 02.2023
  • Technical leader and senior management consultant in Advisory Services / Risk Transformation consulting with executive management focusing on technology, security, and compliance initiatives, and successfully leading diverse teams to meet business goals in global/Fortune 500 companies, small and medium businesses, and diverse agencies.
  • Conducted extensive enterprise security and compliance initiatives performing risk and compliance gap/maturity assessments for NIST CSF, NIST SP 800-53r4/5, GDPR, CCPA, GLBA, HIPAA, FFIEC, ISO/IEC 27001/27002, TISAX, ISO/SAE DIS 21434, and ISO 22301 Business Continuity Management System (BCMS).
  • Create/oversee/own go-to-market solutions for BCMS, recommend remediation strategy and tactics, help develop/mature information security programs, perform Business Impact Analysis, develop Business Continuity Plans.
  • Managed security and compliance related projects from pre-scoping/requirements gathering through proposal development and project execution.
  • Worked with diverse teams of senior leadership, managers, consultants, contractors, and highly technical specialists in assessment, compliance, and remediation activities.
  • Consulted on global privacy regulations and transborder data flows.
  • Highly specialized in developing framework-based information security policies and standards for global organizations and in the performance of standards-based risk assessments.

Security Architect/Consultant – Security & Compliance

GERDAU AMERISTEEL CORPORATION
Tampa, USA
03.2010 - 12.2010
  • Security architectural specialist for North American MPLS Site Upgrades using Cisco solutions.
  • Principal liaison between Compliance & Security and the North American Infrastructure Upgrade Team.
  • Authoring ISO 27001:2005 compliant Physical Security and Security Architectural Standards for more than 100 locations across North America.
  • Developing security compliance and configuration Standards /checklists for AIX, Blackberry, Checkpoint FW, Cisco Solutions, Citrix, Dell EMC, Exchange, HPUX, Juniper / Netscreen, LanDesk, Linux, IIS, Server 2003, OCS Communications Server, SharePoint, Oracle App Server, Solaris, SSH, VMware, and Websphere.

Network Security Manager - US Information Security Services

PRICEWATERHOUSECOOPERS, LLP.
Tampa, USA
05.2007 - 02.2010
  • Lead, coordinate, manage and oversee IT risk management/compliance, and network security initiatives across multiple IT departments.
  • Integrated Cisco 4270-based IPS solution across 11,500 node data center.
  • Lead network security liaison with Network Systems Support and Design group using newly upgraded Cisco Nexus architecture for new data center design.
  • Participate in the establishment and oversee network security/compliance requirements for projects delivering solutions to the client practices many with a global footprint.
  • Principal security liaison with IT Risk Management (ITRM), network architecture, security operations and network services teams.
  • Key leader and stakeholder in the re-deployment/upgrade and implementation of global Solution Center monitor & response capability.
  • Perform, deliver, and report on large scale vulnerability/risk management assessment activities for US-based systems.

Systems Security Specialist, (PM, IT Compliance, Security Architectures, Team Lead)

TECH DATA CORPORATION
Clearwater, USA
10.2002 - 05.2007
  • Lead security professional for Tech Data specializing in solution integration, information security program development, and IT compliance for Sarbanes-Oxley (SOX) and PCI DSS security.
  • Led two-person team for IT Compliance requirements.
  • Best practice & security architectures, safeguard integration and management, policies, procedures, processes and practices, legal requirements, intrusion detection/prevention and incident response.
  • Key liaison with Internal Audit, Loss Prevention and Legal.
  • Created and managed execution of a set of security lifecycle processes leveraging existing safeguards to minimize cost, track progress, and ensure management oversight.
  • Drove the integration of a global intrusion detection system in seven countries in Europe for an on-time, under budget delivery.
  • Created and managed plan for coordinated worldwide Security Incident Response Team (SIRT).
  • Pioneered and drove Requirements and Design for a low-cost e-commerce two-factor authentication/self-service password system for over 40,000 partners/customers worldwide.
  • Using innovative methods driven by whitepapers, alternative designs reducing cost of implementation for security objectives by nearly 5 million over five years.

Principal Security Consultant

AIMNET SOLUTIONS, INC.
Tampa, USA
05.2000 - 10.2002
  • Lead field security consultant for managed services company covering the U.S.
  • Responsible for consulting, integrating, and managing the network security, policy creation, intrusion detection, log analysis & content analysis systems for more than 20 accounts generating more than a million dollars per year.
  • Provided both small and large-scale solution integration services, risk/vulnerability assessments (internal and perimeter) across multiple vertical sectors and agency customers in the US, Central America, and Puerto Rico.
  • Implemented VPN solutions and usage policies for large government contracts using Cisco IPSec firewall feature set.
  • Principal consultant for various agencies providing firewall training, architecture/configuration, audits, upgrades, and architectural hardening with recommendations/roadmaps.

Director of Security Operations

REESE WEB, INC.
Clearwater, USA
04.1998 - 05.2000
  • Instrumental to growth and corporate direction for one of the nation’s leading Axent Elite partners.
  • Managed team of SE’s and directed operations of Security Operation Center (“SOC”).
  • Responsible for sales closure and integration of security solutions for a large customer base.
  • Expert at education of the customers - frequently resulting in substantial increases in product and consulting services.
  • Managing and training new engineers in TCP/IP, firewall implementation, and IDS systems.
  • Integrated Microsoft Solutions to streamline corporate internal procedures.

Webmaster / Senior Network Security Engineer

POE & BROWN, INC.
Tampa, USA
03.1997 - 05.1998
  • Responsibilities included Check Point FireWall-1 administration and extranet design and maintenance.
  • Internal and external IP security audits.
  • Managed the IP infrastructure and addressing for all systems - including Novell, Windows NT, Solaris, and AIX.
  • DHCP, DNS and WINS server management.
  • LAN segmentation and management of Synoptics 5000.
  • Network Peripherals FDDI backbone administration.
  • Administered NT Server versions 3.51 and 4, Netware versions 3.11, 3.12 and 4.11.
  • Lotus Notes server administration.
  • HP OpenView management.
  • Netscape Enterprise Server 3.0 integration and administration.

Network Administrator / PC Hardware, Software Analyst

ANDERSEN CONSULTING, LLP
Tampa, USA
09.1995 - 03.1997
  • Responsibilities included Novell 3.12, 4.11, NT 3.51 and Internet & client security integration and administration (Black Hole firewall and AV).
  • Network and server failure analysis.
  • Compaq laptop configuration and failure analysis for more than 150 consultants.
  • Remote access support.
  • Lotus Notes Tier 3 support.
  • Managed Remedy ARS system for asset control.

Service Engineer

AUDIO VISUAL INNOVATIONS, INC.
Tampa, USA
01.1991 - 12.1995
  • Responsibilities included design, installation and support of computer, graphics projectors, computer systems, professional sound reinforcement, thermal lettering/graphics machines, as well as product phone support and customer training.
  • Provided system administration services on in-house UNIX system, maintenance and wiring of cluster controller and servers.

Senior Test Engineer

CIRCUIT TEST, INC.
Tampa, USA
01.1986 - 12.1991
  • Responsibilities included component level failure analysis of PCBs, DEC, IBM, Compaq, Memorex-Telex, and various laptop computers, built and installed entire network on Novell version 2.x.
  • Integrated the system wiring, cable drops, and built and installed servers and client workstations from ground up.

Class Instructor – PC Hardware Analysis Expert

TECHNICAL SERVICES NATIONAL, INC.
Tampa, USA
01.1985 - 12.1986
  • Responsibilities included field training/class instruction on the repair of IBM personal computer systems.

Education

BSI ISO 22301 Lead Auditor -

01.2014

Business Continuity Maturity Model (BCMM-A) -

01.2011

CISM – Certified Information Security Manager -

01.2004

CISA – Certified Information Systems Auditor -

01.2003

SCSE – Symantec Certified Security Engineer -

01.2003

STA – Symantec Technology Architect -

01.2002

Symantec / Axent NetRecon Security Analyzer Certification -

01.2002

CISSP Certification # 25620 – ISC2 -

01.2001

Symantec Enterprise Firewall (Raptor) Certification -

01.2001

Symantec / Axent Enterprise Security Manager Certification -

01.2001

Symantec / Axent Intruder Alert Intrusion Detection Certification -

01.2001

Skills

  • Policy writing
  • Risk assessment
  • Compliance standards
  • Cybersecurity frameworks
  • Regulatory knowledge
  • Strategic planning
  • Business impact analysis
  • Team leadership
  • Effective communication
  • Technology implementation

Timeline

Principal Consultant – Governance

GuidePoint Security, LLC.
02.2023 - Current

Technical Manager – Risk Transformation, Enterprise Risk & Compliance

OPTIV Security
03.2011 - 02.2023

Security Architect/Consultant – Security & Compliance

GERDAU AMERISTEEL CORPORATION
03.2010 - 12.2010

Network Security Manager - US Information Security Services

PRICEWATERHOUSECOOPERS, LLP.
05.2007 - 02.2010

Systems Security Specialist, (PM, IT Compliance, Security Architectures, Team Lead)

TECH DATA CORPORATION
10.2002 - 05.2007

Principal Security Consultant

AIMNET SOLUTIONS, INC.
05.2000 - 10.2002

Director of Security Operations

REESE WEB, INC.
04.1998 - 05.2000

Webmaster / Senior Network Security Engineer

POE & BROWN, INC.
03.1997 - 05.1998

Network Administrator / PC Hardware, Software Analyst

ANDERSEN CONSULTING, LLP
09.1995 - 03.1997

Service Engineer

AUDIO VISUAL INNOVATIONS, INC.
01.1991 - 12.1995

Senior Test Engineer

CIRCUIT TEST, INC.
01.1986 - 12.1991

Class Instructor – PC Hardware Analysis Expert

TECHNICAL SERVICES NATIONAL, INC.
01.1985 - 12.1986

BSI ISO 22301 Lead Auditor -

Business Continuity Maturity Model (BCMM-A) -

CISM – Certified Information Security Manager -

CISA – Certified Information Systems Auditor -

SCSE – Symantec Certified Security Engineer -

STA – Symantec Technology Architect -

Symantec / Axent NetRecon Security Analyzer Certification -

CISSP Certification # 25620 – ISC2 -

Symantec Enterprise Firewall (Raptor) Certification -

Symantec / Axent Enterprise Security Manager Certification -

Symantec / Axent Intruder Alert Intrusion Detection Certification -

JOHN J. SEITZINGER