Jon Gellekanao
IT Audit | Security & Privacy | Program Management Professional
Bellevue,United States
Summary
Insightful compliance professional with over 13 years of IT experience and leadership including oversight of IT compliance program, information security, data analytics, IT Audit, and project management. Dedicated to customer satisfaction with focused delivery of technical solutions. Proven leader in directing operation, maintenance of support of complex projects. Developed creative business solutions, leveraging diverse methodologies and delivering solutions for the organization.
Overview
15
15
years of professional experience
3
3
years of post-secondary education
6
6
Certificates
Work History
Sr. Consultant
Coppei Partners
Mercer Island, WA
04.2022 - Current
- Developed privacy compliance program for the organization offer to potential clients
- Interfaced with clients on business opportunities and issues from program initiation through successful delivery of associated projects
- Led operations, planning and execution of strategic priorities
- Drove evaluation and estimation from technical sizing of potential initiatives
- Proactively mitigate risks and identified/managed issues
- Facilitated project meetings with client
- Ensured common and integrated vision for scope across projects within the program
- Worked with Program Managers to ensure alignment with program integration points into overall vision of the organization
- Worked closely with technical and business teams to refine, interpret and implement requirements
- Identified business issues through careful collaboration with key stakeholders.
- Prioritized projects and project tasks depending upon key milestones and deadline dates.
Sr. IT Risk & Compliance Consultant
StateServ Medical
Birmingham, AL
01.2022 - Current
- Responsible for sustaining and improving the enterprise information security risk management framework, policy, processes, and tools for reducing StateServ’s susceptibility to cybersecurity threats and vulnerabilities.
- Responsible for identifying, assessing, prioritizing, and monitoring internal and external risks to information systems including those of 3rd and 4th parties (vendors).
- Support efforts to gather prepare evidence in support of audits, assessments, and investigations and coordinates sometimes highly-visible cybersecurity risk/compliance assessments conducted by 3rd parties.
- Analyzes complex issues and distilling needed organizational responses into easy to comprehend actionable items.
- Manages SOC 2 Certification engagement
- Analyzed key aspects of business to evaluate factors driving results and summarized into presentations.
- Assessed impact of current business processes on users and stakeholders and evaluated potential areas for improvement.
- Executed analysis of risks and identified risk mitigation strategies.
- Interacted with internal customers to understand business needs and translate into requirements and project scope.
- Conducted interviews with key business users to collect information on business processes and user requirements.
- Led cross-functional teams to analyze and understand enterprise-wide operational impacts and opportunities of technology changes.
- Supported leadership team with reporting, analysis and business presentations to inform divisional strategies.
- Identified process inefficiencies through gap analysis and outlined sensible solutions.
Information Technology Security Consultant
ITAC Solutions
Vestavia, AL
11.2021 - Current
- Provided IT security and privacy consulting services to health care organizations to assist with overall IT security programs, monitoring, reporting privacy and security incidents, managing and closing compliance issues, ensuring that internal systems are compliant with security standards and regulatory compliance such as HIPAA.
- Responsible for identification, evaluation and interpretation of regulatory and statutory security requirements, control deficiencies and information security risks.
- Analyzed management and technical controls to ensure specific security and compliance requirements are met through verification of documented processes, procedures and standards in order to validate maintenance of secure configurations.
- Monitored enterprise compliance across multiple security frameworks including HIPAA, SOX, SOC, and PCI maintain up-to-date records of requirements and corresponding mitigating controls, and recommending remediation actions where needed.
- Monitored third-party risk assessments and assist in performing internal risk assessments.
- Collaborated on critical IT projects to ensure that security policy/risk issues are addressed throughout project life cycle.
- Developed key performance metrics to track and ensure compliance with established policies and standards.
- Supported development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.
- Participated in development of security user awareness training for cyber security and privacy awareness.
- Monitored and advising on information security issues related to internal systems to ensure that security controls for company are appropriate and operating as intended.
- Managed and executed IT security projects as directed. Assisted business units in identifying security requirements by using risk based and business impact assessments.
- Communicated with internal and external partners to enhance security awareness.
- Developed, published and reviewed Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Developed and maintained information security site and content management.
Information Security Consultant
DeliverHealth Solutions
Madison, WI
03.2021 - 09.2021
- Conducted IT audits for general and applications controls for client financial systems.
- Reviewed client IT policies and procedures to ensure compliance with leading practices.
- Drove development and implementation of compliance controls to help mitigate risk(s) identified.
- Organized and documented audit results, gaps logs and evidence in form of work papers.
- Managed information security risk analysis project from start to finish.
- Facilitated ongoing process improvement while monitoring compliance.
- Conducted technical information security and assurance concepts to non-information security individuals to improve overall security awareness.
- Established relationship with businesses and customers, interpreted and applied standards, policies, best practices and analyzed threats and vulnerabilities, and designed systems security strategy and architecture.
- Led team and promoted use of security requirements for System Development Life Cycle across multiple IT projects.
- Led Information Security Policy Management Process from start to finish.
- Performed risk analyses to identify appropriate security countermeasures.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Conducted security audits to identify vulnerabilities.
- Recommend improvements in security systems and procedures.
Associate Director of Project Management Office
OptumInsight
Walnut Creek, CA
12.2019 - 06.2020
- Led 11-person team supporting IT programs and projects; distributed workload, assigned special projects and priorities, supervised daily performance, training and improvement plans and cultivated culture of excellence delivering outstanding customer service and delivery.
- Drove execution of project delivery plan for organization.
- Partnered with IT leadership and client to ensure alignment with organizational priorities.
- Responsible for management of project management functions/teams across organization.
- Maintained and communicated status reports and issues to leadership and project sponsors.
- Managed departmental budget and tracking.
- Developed and implemented methodologies to improve business processes including integrated project life cycle, reporting metrics, governance, and project manager competency program.
- Guided team on mitigating risks and identifying opportunities for efficiencies.
- Trained and mentored project and non-project managers on project management methodologies.
- Scheduled and facilitated meetings between project stakeholders to discuss deliverables, schedules and conflicts.
- Tracked project and team member performance closely to quickly intervene in mistakes or delays.
- Recruited and oversaw personnel to achieve performance and quality targets.
- Built successful project plans covering objectives, resources and staffing to meet schedules.
- Maintained open communication by presenting regular updates on project status to customers.
- Reported regularly to managers on project budget, progress and technical problems.
- Managed on-site evaluations, internal audits and customer surveys.
- Participated in team-building activities to enhance working relationships.
- Delivered exceptional level of service to each customer by listening to concerns and answering questions.
Senior Manager of Data Analytics
OptumInsight
Walnut Creek, CA
07.2016 - 12.2019
- Led 4-person team supporting Enterprise Data Warehouse, distributed daily assignments and priorities, provide weekly status updates to leadership, system update notifications and empowering staff members to perform outstanding services to our customers.
- Lead data management team in designing, execution of clinical and financial data marts to support analytics dashboards and reports for senior leadership.
- Provided consultation regarding reporting needs and determine best solution based on available tools, techniques, platforms, databases, software, and delivery mechanism.
- Worked with leadership of Data & Analytics Department to build teamwork and continuously improve department methods, processes, and coordination.
- Collaborated with direct management to execute build and development of data mart and/or implement changes to system builds to enhance and improve analytic modeling capabilities.
- Developed requirements document to provide information technology and analytic leadership on system enhancements. Planned and defined data architecture standards for data marts and Enterprise Data Warehouse (EDW).
- Managed vendor relationships to ensure successful execution of projects and realization of return on investment.
- Provided advisory role to staff and management as well as other departments with workflow and process improvement.
- Developed departmental intranet solution to provide collaborative space for analytics and its customers' health system-wide.
- Identified opportunities by proactively working with cross-functional teams.
- Monitored customer satisfaction through KPIs from managed teams, feedback from operations teams or direct communication from customer and prioritized service-related issues for swift resolution.
- Spearheaded personnel management activities, including accountability, performance management, and discipline.
- Managed inventory, production, workflow and distribution, analyzing each stage of product life cycle and recommending improvements to streamline processes.
- Oversaw reporting functions to executive leadership.
- Updated system information, making appropriate changes to documentation.
- Facilitated system upgrades, communications and status to customer and leadership.
- Participated in Data Governance Committee on behalf of the data analytics team.
Project Manager of IT Audit & Information Security
John Muir Health
Walnut Creek, CA
05.2007 - 07.2016
- Technical expert in management of information security and compliance activities in design and enforcement of operational controls business sensitive data.
- Managed audit activities performed internally or by external parties from inception to completion.
- Interpreted audit report and develop management action plan responses to address audit findings.
- Performed periodic monitoring to ensure ongoing compliance to help minimize or eliminate risk and audit findings.
- Conducted internal audits (i.e. general computer controls, physical security) to ensure applicable controls are in place meeting best practices and regulatory requirements.
- Managed key projects to achieve critical success for organization by meeting time-sensitive targets in key areas of Access Management, Security Risk Assessments and Business Process Improvements projects.
- Ensure security policies are in compliant with relevant regulations to help minimize or eliminate risk and audit findings.
- Performed periodic evaluation of IT controls design and effectiveness.
- Developed engagement-planning documentation to communicate rationale for scoping decisions and developed specialized audit programs to ensure adequate coverage of risk.
- Communicated audit scope, issues, risks, and recommendation to management in written reports.
- Reviewed strategy and processes to ensure compliance with applicable laws, regulations, and financial auditing standards are met.
- Managed HIPAA Security Risk Assessments for entire health systems which consist of three acute hospitals and twenty-one outpatient practices throughout county.
- Assisted management with regulatory and compliance issues, workflow deficiency, process monitoring, engineering improvements, and information security forensic investigation.
- Maintained compliance reports and communicated to leadership on quarterly basis.
- Worked with other operational leaders to help adopt control design and assist with implementation.
- Implemented and managed enterprise-wide Phishing Program.
Education
Bachelor of Science - Business Management
University of Phoenix
Tempe, AZ 09.2019 - 06.2022
Skills
IT Audit (General Computer Controls)
Certification
ITIL Foundation Certification in IT Service Management, Axelos, ID 4989656.20251063
Timeline
Sr. Consultant
Coppei Partners
04.2022 - Current
OneTrust Certified Privacy Professional, C53875
04-2022
Sr. IT Risk & Compliance Consultant
StateServ Medical
01.2022 - Current
John Hopkins University (Coursera): Healthcare Data Security, Privacy and Compliance
01-2022
Information Technology Security Consultant
ITAC Solutions
11.2021 - Current
IBM (Coursera): Cybersecurity Compliance Framework & System Administration
11-2021
IBM (Coursera): Cybersecurity Roles, Processes & Operation System Security
11-2021
IBM (Coursera): Intro to Cybersecurity Tools & Cyber Attacks
11-2021
Information Security Consultant
DeliverHealth Solutions
03.2021 - 09.2021
Associate Director of Project Management Office
OptumInsight
12.2019 - 06.2020
Bachelor of Science - Business Management
University of Phoenix
09.2019 - 06.2022
Senior Manager of Data Analytics
OptumInsight
07.2016 - 12.2019
ITIL Foundation Certification in IT Service Management, Axelos, ID 4989656.20251063
02-2014
Project Manager of IT Audit & Information Security
John Muir Health
05.2007 - 07.2016
Prior Employment Details
Regulatory Project Manager January 2003 - January 2006
United Healthcare, Cypress, CA
Claims Research Analyst August 2000 - January 2003
PacifiCare of California, Inc., Cypress, CA
Prior Employment Details
Regulatory Project Manager January 2003 - January 2006
United Healthcare, Cypress, CA
Claims Research Analyst August 2000 - January 2003
PacifiCare of California, Inc., Cypress, CA
Similar Profiles
Melissa DiassoMelissa Diasso
Dental Assistant at Dental Partners of Towson & Dental Partners of Owings MillsDental Assistant at Dental Partners of Towson & Dental Partners of Owings Mills
OKUWA EBUNJESU SAMUELOKUWA EBUNJESU SAMUEL
PROJECT ENGINEER at Sanni, Ojo and Partners Consulting Limited, Ojo and Partners Consulting Limited, SOPPROJECT ENGINEER at Sanni, Ojo and Partners Consulting Limited, Ojo and Partners Consulting Limited, SOP
Sarthak ShahSarthak Shah
Tax Associate at Apple Growth Partners (Burton Partners)Tax Associate at Apple Growth Partners (Burton Partners)
POOJA PRABAKARPOOJA PRABAKAR
Software Engineer II at Concentrix CatalystSoftware Engineer II at Concentrix Catalyst
Kayley ToefieldKayley Toefield
Market Development Representative at DocuSignMarket Development Representative at DocuSign