JORDON STARINIERI
Pickerington,OH
Summary
Cybersecurity and Third-Party Risk Specialist with over 15 years of experience in leading, scaling, and enhancing security programs for global organizations such as Amazon and JPMorgan Chase.
Proven ability to architect enterprise-grade third-party security strategies, automate risk assessment platforms, and align regulatory frameworks with business agility. Adept at briefing executives, enabling cross-functional collaboration, and implementing controls across highly regulated environments.
Overview
14
14
years of professional experience
Work History
Technical Program Manager & IT Risk Leader
Amazon, Inc
06.2022 - Current
- Directed enterprise-wide third-party security strategy for Amazon Health Services, ensuring compliance with HIPAA and HITRUST standards.
- Launched AI-driven control assessments and continuous monitoring tools, enhancing accuracy while minimizing manual workload.
- Led integration of HealthSec’s third-party risk team into Amazon’s centralized VISA program, promoting unified assessment models across the organization.
- Designed automated third-party assessment workflows in ServiceNow, reducing cycle time by 40% and improving risk signal accuracy.
- Mapped HIPAA, HITRUST, SOC 2, NIST, and ISO 27001 to streamline evaluations against Amazon's security standards.
- Initiated Targeted Risk Assessment program, creating documentation and training that improved vendor vetting processes.
- Redesigned Contract Central workflow to implement security assessment gates, increasing compliance rates by 50%.
- Developed residual risk calculator and issue management tracker to facilitate data-driven vendor approval decisions.
Vice President - Supplier Assurance Risk Lead
JPMorgan Chase & Co
08.2018 - 06.2022
- Executed global third-party risk assessments within Corporate Third-Party Oversight program.
- Developed and refined due diligence procedures for FMU and Agent Bank vendors.
- Performed technical evaluations of supplier environments to validate controls.
- Directed mitigation strategies and best practices for internal and supplier leadership.
- Enhanced KRI tracking systems to improve monitoring capabilities.
- Facilitated education and awareness initiatives across organization and vendor network.
Third-Party Information Risk Specialist
Nationwide Insurance
02.2015 - 08.2018
- Conducted critical vendor risk assessments, strengthening security control frameworks.
- Introduced CASB (Skyhigh) across enterprise to enhance cloud governance.
- Designed TP3 platform, receiving recognition at CTO DevJam.
- Executed on-site assessments and provided executive remediation plans.
- Achieved Outstanding Contribution Award for Q1 2017.
Security Consultant - Contractor to Nationwide
ComResource
07.2014 - 02.2015
- Coordinated security audits and policy reviews for offshore vendors.
- Identified compliance violations in overseas datacenters and reported findings.
- Developed disaster recovery plans in case of a breach or system failure.
- Responded promptly to all reported issues regarding IT Security matters.
Information Assurance Team Lead
Northrop Grumman IS, DSD
03.2011 - 07.2014
- Led team of 11 in compliance initiatives within DoD Agile environment.
- Developed a vulnerability database utilized across multiple programs.
- Managed Plans of Action and Milestones, STIGs, and DISA compliance tracking.
- Assisted the manager in setting achievable goals for the team while monitoring progress towards them.
- Trained new staff in relevant processes and procedures.
Education
Master of Science - Information Security & Assurance
Western Governors University
Bachelor of Science - Information Technology (Info Assurance & Security)
Capella University
Graduate Certificates - Cybersecurity Best Practices, CISSP
University of Fairfax
Skills
- Risk assessment
- Vendor management
- Compliance auditing
- Data analysis
- Third-party evaluation
- Project management
- Process improvement
- Regulatory compliance
- Cloud governance
- Effective communication
- Team leadership
- Strategic planning
- Relationship building
- Needs assessment
- Problem solving
- Project leadership
- Continuous process improvements
- Developing project strategy
CORE COMPETENCIES & CERTIFICATIONS
- Third-Party Risk (3P/1P) • HIPAA, HITRUST, SOC 2, NIST, ISO 27001 • ServiceNow, Salesforce, Skyhigh, Sphera
Control Effectiveness • Risk Quantification • Residual Risk Modeling • Policy Development • Program Architecture
Executive Communication • Strategy Development • Automation Enablement • KPIs/KRIs
Certifications: CEH, CHFI, Security+ • Inactive DoD Top Secret/SSBI Clearance
Timeline
Technical Program Manager & IT Risk Leader
Amazon, Inc
06.2022 - Current
Vice President - Supplier Assurance Risk Lead
JPMorgan Chase & Co
08.2018 - 06.2022
Third-Party Information Risk Specialist
Nationwide Insurance
02.2015 - 08.2018
Security Consultant - Contractor to Nationwide
ComResource
07.2014 - 02.2015
Information Assurance Team Lead
Northrop Grumman IS, DSD
03.2011 - 07.2014
Master of Science - Information Security & Assurance
Western Governors University
Bachelor of Science - Information Technology (Info Assurance & Security)
Capella University
Graduate Certificates - Cybersecurity Best Practices, CISSP
University of Fairfax