Resume

John Allman


Chief Information Security Officer; MBA-IT; CISSP
27 Years of IT Experience; 19 years of Management Experience
john.allman@tuxinternet.com
https://www.linkedin.com/in/j-allman/

Summary

Motivated and dynamic member of executive leadership with a proven record of managing projects from concept to completion, generating and building relationships, and coaching individuals to success. Skilled in building and supporting cross-functional teams in an international environment and making critical decisions during challenges. Adaptable and transformational leader with an ability to work independently, creating effective presentations, and developing opportunities that further establish organizational goals.

Highlights

  • International Business
  • Executive Leadership
  • Strategy and Planning
  • Risk Management
  • Board Presentations
  • Budgeting
  • Strategic Planning
  • Team and Relationship Building
  • Change Management
  • Cybersecurity

Previous Job Experience

Community Loans of America and Malnik Properties
Chief Information Security Officer
November 2016 – Current
Roswell, GA; London, UK; Salt Lake City, UT; Miami, FL; Chicago, IL

Malnik properties is an international commercial banking environment consisting of four companies in both the US and UK. The largest, Community Loans of America, processes loans out of 800 physical locations around the US, and most recently, online.  With these new products came the need for more security. With my strong security background, I was asked to create and develop a security team for Community Loans of America and Injury Care Solutions.

  • Direct report to CIO, managed up to thirteen staff and three managers.
  • Designed, built, and implemented the information security department.
  • Responsible for 4 separate companies 800+ locations in the US and UK: Community Loans of America (Atlanta, Ga), Next Wave Lending (Miami, Fl), Injury Care Solutions (Salt Lake City, Ut), Loans 2 Go (London, UK)
  • Responsible for weekly state of business update presentations with Board of Directors, CFO and CIO setting short- and long-term strategic priorities.
  • Lead compliance efforts for PCI DSS, EI3PA, HIPAA, NIST, ISO, GDPR, CCPA, and others
  • Designed systems for Vulnerability Management, Data Protection, classification, and Risk management.
  • Designed Disaster Recovery facility for increased business continuity.
  • Managed annualized budget of up to 11.4 Million.
  • Managed onsite systems as well as private and public cloud including Google Cloud and AWS
  • Redesigned colocation facilities saving 1.5 million per year.
  • Redesigned development pipeline through to production through policy and procedural enforcement
  • Set up Risk Management teams and policies.
  • Wrote all security strategy, policies and guidelines using common frameworks CBK, OWASP and ITIL

Intercontinental Exchange/New York Stock Exchange
Contract Security Engineer, Monitoring and Metrics
January 2015 – October 2016
Atlanta, GA; New York, NY

Intercontinental Exchange (ICE) Owns multiple trading systems throughout the world including the New York Stock Exchange. I worked as a contractor to develop a new active monitoring system to compliment the passive system they had in place. I designed and built all aspects of the system then trained their security department on its use. It is the current and now most important monitoring they have. Along with it I created a metrics system available to senior leadership.

  • Individual contributor working as an Engineer.
  • Created a graphing metrics system for use by the executive team at ICE.
  • Designed risk reporting and metrics specifically for NYSE.

Vonage Business (Vocalocity)
Manager, Security – Monitoring and Metrics
October 2013 – January 2015
Atlanta, GA

Vonage is a telephony company. They acquired Vocalocity to add business phone service to their offering. Additionally, Vonage residential had no cloud or virtualization where Vocalocity was completely AWS cloud based. I was brought on to manage their security team of two individuals. My responsibilities also included training and migration with the new company.

  • Managed team of 2, reported to the IT Director.
  • Managed communications between monitoring, security, networking, and automation
  • During purchase of Vocalocity oversaw documentation and training of new department members as well as adaption of software and systems to AWS.
  • Created Gantt chart structure while rolling out scrum management framework.
  • Successfully managed the implementation of IDS/IPS and SIEM.
  • Collaborated with the director of security in helping model corporate governance rollout.

Vendormate (now GHX)
Director of Engineering
August 2010 – September 2013
Atlanta, GA

Vendormate is a healthcare services company adding security and efficiency to medical facilities. As a senior manager my team was responsible for product implementations, software, network, and servers. We designed the technology for a company starting from $15 million to being sold for over $220 million in only 3 years. Vendormate was 20% AWS, upon their acquisition they have moved to 100%

  • Managed and hired a team of 6 members, 3 domestic and 3 in India, reported to the VP of IT
  • Managed work and projects on a framework half internal and half AWS cloud based.
  • Planned, budgeted, and implemented DR structure from day zero including facility and planning.
  • Collaborated with the VP of IT and Director of Internal IT to move the entire business’s physical location to a temporary location for 6 weeks then back to our original facility.
  • Created, budgeted, and managed a project to move colocation facilities for all private cloud hardware.
  • Managed multiple projects to implement open-source software including git, NAGIOS, Graphite and KVM
  • Worked with software engineering to implement clusters for Hadoop, Elasticsearch and Mongodb
  • Hired and managed engineering teams in the US and India

Consolidated Resource Imaging (CRI)
Security Consultant
February 2010 – August 2010
Tikrit, Iraq

Computer security service in Iraq for the Department of Defense. More details provided upon request and approval from DoD.

  • Experience with DoD Information Assurance (IA) policies and procedures.
  • Experience creating DOD RMF packages and associated work products.

Cox Communications
Director of Information Technology
November 2002 – January 2004
Atlanta, GA

  • Managed team of 7; reported to senior manager.
  • Handled vendor relations for 3ed party hardware and software, the largest of whom was Juniper
  • Managed finances for projects with budgets as large as $1 billion
  • Created software removing human error from firewall rules. Implemented on over 200 firewalls
  • Managed collaborative trip to New Orleans after hurricane Katrina to restore 911 service.
  • Managed relationships with the NSA and other agencies.
  • Wrote governance and communications documentation to maintain relationships.
  • Used of 6 Sigma to manage work of software developers,

Stayonline
Director of Information Technology
November 2002 – January 2004
Atlanta, GA

Scientific Atlanta
Network Administrator/ Encryption Specialist
January 2001 – November 2002
Lawrenceville, GA

Cammunity.com
Director of IT
April 2000 – October 2000
Atlanta, GA

HomeCom.com
Manager Unix Systems and Security
January 1999 – April 2000
Atlanta, GA

Bax Global Logistics
Systems Administrator
October 1997-December 1998
Atlanta, GA

Sales Technologies
Systems Administrator
July 1997- October 1997
Atlanta, GA

Whole World Theatre
Technical Director
August 1996 – July 1997
Atlanta, GA

Target Response Systems
Systems Administrator
July 1996 – March 1997
Cumming, GA

InHealth Records Systems
Unix Systems and Security Administrator
March 1994 – July 1996
Norcross, GA

Education

Western Governors University
Salt Lake City, UT
Masters of Business in Information Technology
February 2021

Western Governors University
Salt Lake City, UT
Bachelor of Science in Cybersecurity
October 2020

Southern Technical College (Now Defunct)
Marietta, GA
Bachelor of Science in Artificial Intelligence
July 1995

Certifications and Awards

EC-Council Certified Incident Handler (ECIH)
September 2020

CIW Web Security Associate
June 2020

CompTIA Network+
February 2020

CompTIA A+
January 2020

AXELOS IT Service Management (ITIL)
December 2019

ISC2 Certified Information Systems Security Professional (CISSP)
March 2002
May 2018

CompTIA Security+
March 2010

CompTIA Linux+
March 2010

Eagle Scout
March 1992