John Annen

An experienced and insightful leader in information security who will make your company safer.

Milwaukee, WI, United States

Details

Experience: Experienced expert in executive level information security issues available to help your company safer.

2018 : Present

Independent Consultant

Executive Information Security Expert

I took a break from my career to care for loved ones with chronic illnesses and disabilities.

2016 : 2017

Family Leave

Career Break / Full Time Caregiver

Key Achievements

Substantially improved the visibility of and respect for the Information Security Role

Lead project to design security strategy process, including development of strategic plan

Designed security incident response process

Designed firewall management policy and process in cooperation with network security team

Conducted multiple high profile internal investigations

Summary of Duties

Management of information security for northern Europe and global HQ

Lead a matrix organization of 23 information security officers from Schindler Group companies

Senior adviser to the Group Information Security Officer on security strategy

Management of strategic security projects

Advise global project teams on security issues

Design and implement global security processes and policies

Design security architecture in cooperation with technical teams

Analyze proposed changes to the security infrastructure for risk and compliance

Perform in depth security audits of Schindler Group companies and services

2009 : 2016

Schindler

Zone Information Security Officer - Europe North

Key Achievements

Reduced security related critical audit findings by approximately 70%

Transferred day-to-day operational security to line organizations, resulting in substantial increase in effectiveness and efficiency

Reduced serious malware outbreaks from 2 per year to 1 in 5 years

Summary of Duties

Coordinate and implement IT security policies and initiatives

Subject matter expert and internal consultant to management, project teams, IT operations, development, legal department, customer support and business teams on all aspects of IT security

Write, maintain and implement IT security policies and procedures in accordance with business strategy

Primary contact point on IT security issues for employees, contractors and external companies and agencies

Lead investigations into IT security incidents

Evaluate new security vulnerabilities, changes in law and other external developments for relevance to company’s IT security posture

Coordinate external IT audits and external penetration tests

Track and coordinate mitigation of IT security risks and vulnerabilities

Manage strategic vendor relationships

Chair the standing IT security council

2001 : 2009

SWX Swiss Exchange

Head of Information Security

Key Achievements

Member of three-person hardware and network design team that designed and implemented major Internet infrastructure overhaul, including full redundancy of all components, multi-layer border security, state-preserving firewall fail over, load balancing and reverse proxy servers

Designed innovative firewall infrastructure, which resulted in enhanced security, while realizing substantially reduced capital and operational costs compared to conventional design

Installed and configured approximately 80% of UNIX infrastructure for new exchange in London

Summary of Duties

Lead administrator and top level support for firewalls, Internet connectivity and storage management

Responsible for hands-on operation, troubleshooting, etc. of several firewalls, email gateways, Web proxies, and central virus scanners

Investigate virus outbreaks and other security events in support of the Head of IT Security

Active member of standing IT security coordination council

1999 : 2001

SWX Swiss Exchange

Senior System Administrator, UNIX / Firewall / Internet

Company: Independent Consultant

Spoken Language: English, German

About

Specialty Areas: Information Security, Security Strategy, Data Privacy, Incident Response and Investigations, SOC, Leadership, Security Architecture, IT Governance, Risk Management, Security Audit, Business Continuity Planning, IT Operations, Security in Cloud Services and Outsourcing

- More than 25 years of IT experience in complex environments

- Leadership in a global, matrix organization

- Focus on business and the human element in IT

- Outstanding analytical ability

- A visionary and strategic thinker

- Strong written and spoken communication skills in English (native language) and German (fluent) with presentation expertise in both

- Effective in presenting complicated technical and non-technical issues to audiences at all levels of the corporate hierarchy and with all levels of technical understanding

- Experience with ISO 27001 and many other standards, regulations and best practices

- Bachelor of Science Degree in Mathematics

- 8 years experience in Manufacturing / Aerospace

- 10 years experience in International Financial Services

- Professional Experience in Government, Higher Education and Healthcare