JOHN ZAPATA
Frisco,TX
Summary
Experienced Cybersecurity leader, my strategic approach to risk assessment and commitment to team leadership has consistently produced high- performing teams. I possess a wealth of experience in managing projects, problem solving, leading day-to-day tasks, mentoring, and servant leadership. My ability to build relationships and foster collaboration has enabled me to drive innovation and ensure projects are completed on time and on budget. I have a strong understanding of the identity and protected health information (PHI) controls under HIPAA, PCI DSS, SOX, and GDPR. I am experienced in setting measurable benchmarks for long-term objectives, while utilizing KPI metrics as a means to quantitatively assess the performance of my teams. In addition to leading with empathy, and listening attentively, I seek to understand, and leverage the expertise and experience of others to the fullest extent possible. I strive to show respect and gratitude while encouraging everyone to do their best.
Overview
13
13
years of professional experience
1
1
Certification
Work History
Head of Security Engineering
Comerica Bank
10.2024 - Current
- Manage team of 30+ security personnel, resulting in a 15% reduction in security incidents
- Improved email security posture by implementing new security controls, resulting in a 30% reduction in Phishing and Malware incidents.
- Researched, reviewed and recommended Cybersecurity products, materials and supplies to prepare and maintain security expenses within approved budget.
- Oversaw budget allocation for security department expenditures, maximizing efficiency while maintaining high-quality service provisions.
- Coordinated with other departments within the organization to develop integrated approaches towards mitigating risks across multiple areas.
- Spearheaded cybersecurity initiatives to protect sensitive company data from breaches or unauthorized access attempts.
Director
MoneyGram Dallas
10.2021 - 08.2024
- Introduced Plan-Do-Check-Act (PDCA) cycle as a framework to set IAM security goals and regularly evaluate effectiveness and progress towards established KPIs
- Developed comprehensive threat assessment protocols which reduced security incidents due to identity compromise by 25% year over year
- Managed a budget of $2.5M, optimizing resource allocation across our enterprise resulting in a 10% cost reduction
- Improved identity protection and network security for over 2,000 remote employees by incorporating advanced multi-factor authentication measures alongside NextGen firewalls and VPN gateways
- Implemented advanced detections across web and mobile applications, reducing account takeover and fraud incidents by 30% year over year
- Established automated procedures to improve the password reset and account unlocking processes, resulting in a 35% reduction in help desk inquiries and a corresponding decrease in operational costs
- Strengthened the organization's cybersecurity framework through comprehensive penetration testing, maintaining a 100% remediation rate within SLA for all high and critical findings.
Security Architecture & Engineering Manager
MoneyGram Payment Systems
12.2018 - 10.2021
- Designed and oversaw identity authentication and authorization modernization projects for more than twenty internal applications
- Established Zero-Trust Identity & Access Management program combining SoD, Least Privilege Access, Multifactor, and Just-In-Time provisioning to over 25+ applications which lead to a 50% increase in network security
- Supported cloud transformation efforts for security by upgrading and migrating CyberArk Privileged Access Management system, protecting accounts
- Conducted monthly performance reviews using KPIs, which contributed to a 20% increase in team efficiency
- Evaluated new security technologies, enabling the adoption of cutting-edge protection measures.
IAM Security Consultant
Strategic Security Solutions
07.2018 - 12.2018
- Led team of developers and engineers on large scale Sailpoint IdentityIQ project to introduce a least-privilege access model for joiner, mover, and leaver workflows
- Developed 5 custom IdentityIQ REST API integrations to convert manual delimited file application connections to automate the aggregation, add, updates, and delete functions
- Designed and implemented IdentityIQ manager certifications and lifecycle management flows
- Implemented custom IdentityIQ workflows to handle approval flows for access requests and provisioning activities.
Senior Security Engineer
PrimeLending
07.2015 - 07.2018
- Orchestrated the successful upgrade of all rules, workflows, certifications, connectors, and access requests for SailPoint IdentityIQ version 6.4 to2 while reducing infrastructure server count by 40%
- Monitored and analyzed security systems to identify potential threats and vulnerabilities
- Strengthened system security by 60% by implementing advanced encryption techniques and two-factor authentication mechanisms
- Worked together with diverse teams to adhere to the most effective security protocols and ensure compliance with industry standards, leading to a 25% decrease in audit findings.
Information Security Engineer II
Parkland Health
03.2012 - 07.2015
- Responsible for the end-to-end business operations and execution of the Global Delivery strategy for Identity and Access Management services within the Cybersecurity domain
- Recommended and implemented information security best practices that aligned with the business
- Interfaced with local teams to implement technologies that align with the current security strategy
- One strategy included the need for comprehensive identity account creation via automation to ensure a consistence experience for new onboarding of employees.
Education
Bachelor’s Degree - Business Information Systems
University of Phoenix
Associate's Degree - Networking Technologies
Del Mar College
Skills
- Strong Leadership
- Coaching and Mentoring
- CapEx and OpEx Budget Management
- Role-Based Access Control (RBAC)
- Multi-Factor Authentication
- Single Sign-On (SAML\OpenID\OAuth)
- Privileged Access Management
- Privileged Identity Management
- Security, Public Key Infrastructure (PKI)
- Principle of Least Privilege (PoLP)
- Segregation of Duty (SOD)
- Zero Trust Access (ZTA\ZTNA)
- Identity Technologies (Okta Identity, CyberArk Privileged Access Management, PING Identity, SailPoint Identity IQ, Sailpoint Identity Now, Microsoft Entra ID)
Certification
- Certified Identity IQ Engineer SailPoint 2018
- CISSP - In Progress ISC2 (2025)
- CISM - In Progress ISACA (2025)
Timeline
Head of Security Engineering
Comerica Bank
10.2024 - Current
Director
MoneyGram Dallas
10.2021 - 08.2024
Security Architecture & Engineering Manager
MoneyGram Payment Systems
12.2018 - 10.2021
IAM Security Consultant
Strategic Security Solutions
07.2018 - 12.2018
Senior Security Engineer
PrimeLending
07.2015 - 07.2018
Information Security Engineer II
Parkland Health
03.2012 - 07.2015
Associate's Degree - Networking Technologies
Del Mar College
Bachelor’s Degree - Business Information Systems
University of Phoenix
Similar Profiles
Bruce J. JacobsBruce J. Jacobs
VP, Senior Bank Manager at Comerica BankVP, Senior Bank Manager at Comerica Bank
LISA GORIELLISA GORIEL
Bank Manager at Comerica BankBank Manager at Comerica Bank
Katie ErazoKatie Erazo
Relationship Banker at Comerica BankRelationship Banker at Comerica Bank