As the Chief Security Officer of Heartland Payment Systems, John leads the security and IT compliance programs of the corporation. This encompasses the protection of sensitive data through risk and threat modeling along with compliance with internal, industry and regulatory obligations. John’s teams provide vulnerability analysis, penetration testing, and application security testing. He also heads the internal auditing team for the IT organization.
John is Heartland’s liaison with security professionals in the Financial Services Information Security and Analysis Center (FS-ISAC) where he is also an active member of the Payments Processing Information Sharing Council (PPISC). John has been chair or co-chair for the past two CAPP exercises for payment processors conducted by the FS-ISAC and the PPISC. In addition, John was the chair on the PPISC working group studying best practices for digital forensics and data leakage protection. John participates on the FS-ISAC Threat Intelligence Committee and works with state and federal law enforcement concerning issues related to payment card frauds and theft.
Prior to joining Heartland in September 2009, John held leadership roles in information security for Convergys (Intervoice) and Alcatel-Lucent. He spent several years in Antwerp and Paris leading Alcatel’s European information security group. In this position, he led security operations that had responsibilities in 139 countries.
John is an adjunct professor at the University of Dallas where he teaches digital forensics. He co-founded with Dr. John Nugent the university’s Information Assurance Program — which focuses on corporate security and risk management. The program has been designated a National Security Agency Center of Excellence since its inception.
John has been an active participant with the United States Secret Service North Texas Electronic Crimes Task Force since its inception in 2003. In addition, he is the founding president of the Federal Bureau of Investigation’s North Texas InfraGard Program. John is also a active member of the Information Systems Security Association (ISSA) and the Information Systems Audit and Control Association (ISACA). John holds the CISSP and CISA designations as well as being certified as an Information Technology Infrastructure Library (ITIL) Service Manager.
John was recently awarded the Information Security Executive (ISE) of Year Award for
the Central part of the United States by The Executive Network. He was also designated
a member of the 2012 class of the ComputerWorld Premier 100 IT Leaders. In February,
2013, John was named Chief Security Officer of the Year by SC Magazine.