Associate of Science, Embry-Riddle Aeronautical University
B.A., Indiaana University
CJ is a Managing Director at Aon’s Cyber Solutions, serving as a leader and expert in the areas of Cyber Risk Management, Architecture, Security, Incident Response, and Controls.
CJ has over 20 years of experience working with enterprise clients across various industry sectors, including Financial Services, Retail, Manufacturing, Healthcare, High-Tech, Transportation, Higher Education, Private Equity, and others.
CJ led and drove the growth of the Aon’s Cyber Solutions Security Advisory Practice, in addition to leading various strategic client accounts and engagements.
- Developed, implemented, and managed the Third Party Cyber Risk Management program for a global bank.
- Managed and executed various global compliance initiatives for various organizations and compliance matters, including NY DFS, NIST, HIPAA, and PCI-DSS.
- Served as an expert witness in contested and highly complex cyber security matters.
- Successfully managed the implementation of a consolidated compliance function in support of a GRC transformation project for a global bank based in the US.
- Managed the implementation of multiple security and PCI-DSS enhancements for a large national retailer in the US, including new solutions and controls for database security, multi-factor authentication, and threat & vulnerability management.
- Managed cyber risk remediation efforts for a new payment card product launch for US bank.
- Led and executed cybersecurity assessment and audit engagements for multiple financial services organizations.
- Directed the development of an information security strategy and roadmap for a global professional services organization, in consideration of their compliance objectives related to the ISO/IEC 27001/27002 standards.
- Conducted and supervised multiple SSAE 16 / SOC 2 / SAS 70 Type I and II engagements in the financial services sector for various service organizations.
- Developed and implemented a framework and methodology for the assessment, management, and remediation of information security risks for a global technology company.
- Managed and executed an enterprise-wide information security assessment program for a global manufacturing organization.