John Ochman
Details
Business Administration and Accounting & Finance
American InterContinental University
Sayreville War Memorial High School
PSEG
Manager, Information Security
Infrastructure Delivery & IT Engineering Leader for Cybersecurity Services at PSEG, a fortune 500 publically traded diversified energy company. Responsibilities include selecting, designing and implementing varied information security services such as Data Loss Prevention, SIEM, eMail protection, Single Sign On cloud services, encryption and other security related services as well as 3rd party team management.
2015 : 2019
PSEG
Infrastructure Delivery & IT Engineering Leader for Cybersecurity Services
Specialties include :
• Intellectual Property Protection
• PCI / HIPAA Compliance
• Threat Intelligence
• Malicious Behavior Detection
• Incident Management and Response
• Security Architecture
• Security Operations
• Disaster Recovery Services
• Setting Security Standards & Strategy
• Risk Management
• Contract Negotiation
• Database Security Management
• Project Management
• Business Impact Analysis
• Vendor Management
• Application Management
• Talent Management
2015 : 2015
Information Security Leader
Expertise in Security Operations, Data Loss Prevention, Breach Management, Incident Response
Security Operations Manager, 2009 – 2015
Established BD’s first Security Operations and Security Analytics service for an infrastructure spanning over 50 countries and 46,000+ employees. In charge of all aspects of talent selection, selection and implementation of security platforms, vendor contract negotiations as well as setup and management of outsourcing relationships. Highlights include :
• Implemented a comprehensive Data Protection Program for SAP that enabled the consolidation of global services onto existing US based ERP platforms. Project was nominated for Tech Exec Networks ISE 2012 Northeast Project of the Year.
• Deployed RSA Security Analytics across internal data centers which identified dozens of applications using basic LDAP lookups exposing thousands of UserID/Passwords on the network daily.
• Designed and implemented a global Data Loss Prevention Program that identified malicious activity and prevented the loss of tens of millions of dollars in sales revenue and Intellectual Property and resulted in the arrest and conviction of the threat actor.
• Served as the incident response leader of a yearlong remediation effort to remove an Advanced Persistent Threat from the internal network. This coordinated effort involved a project team of over 400 associates across multiple business units.
• Implemented and streamlined a global ArcSight SIEM landscape that reduced collected events-per-second by over 70% and positioned the tool to be the single pane of glass for the Security Operations Center.
• Strong vendor management and negotiation skills resulting in large discounts on maintenance renewals and new purchases including over $1MM in savings on a Symantec Data Loss Prevention license purchase.
• Outsourced Disaster Recovery Services to a 3rd party which enabled lowering recovery-time-objective by 24-48 hours and reduced the number of on-site employees required for each drill from ~30 to 2-3.
2009 : 2015
Becton, Dickinson and Company
Security Operations Manager
Managed data center operations, disaster recovery service and global server/application performance and availability monitoring for the company’s most critical IT services. Highlights include :
• Renegotiated and streamlined outsourced data center operations reducing annual service fees by over $3MM while improving service deliverables.
• Streamlined and reduced the total cost of ownership for server and application monitoring by consolidating and standardizing on a centralized BMC Patrol based solution that increased application availability by over 20% and enabled administrators across the globe to respond to real-time events.
• Improved operational processes by designing and driving the implementation of SolarWinds Orion for network monitoring allowing the retirement of HP OpenView while delivering dramatically improved service and reduced annual operational expenses.
• Streamlined and improved application administration transforming a patchwork of inconsistent IT services into a centralized SLA driven team that improved deployment times, application performance and systems availability.
• Formed a centralized database administration team that supplied consistent high availability, performance tuning and backups across multiple application landscapes.
2001 : 2009
Becton, Dickinson and Company
IT Operations Manager
Skills
Business Process Improvement, CISSP, Cloud Computing, Cross-functional Team Leadership, Databases, Disaster Recovery, Encryption Services, Enterprise Resource Planning (ERP), Enterprise Software, ERP, Information Security, Information Security Management, Information Technology, Integration, ITIL, IT Management, IT Strategy, Management, Networking, Process Improvement, Program Management, Project Management, Security, Servers, System Administration, Vendor Management
About
Business and technology focused Information Security Professional with a broad array of progressive experience across multiple IT and Information Security disciplines. A results driven individual with strengths in team building, financial planning and setting department goals that align with company objectives within complex global environments. Proven performance in delivering global Security Operations Services aligned with strategic business objectives while adhering to legal, regulatory and privacy requirements. Experienced with the detection and response to insider and external threats. Extensive track record of driving operational efficiencies and reducing operational expense.
John graduated Summa Cum Laude from American Intercontinental University with Bachelor’s Degrees in Business Management and Accounting & Finance. John also holds CISSP, GISP and GLEG certifications.
Profile Photo
