Jack Nichelson
Education:
Executive Master of Business Administration (MBA)
Systems approach to executive management
Baldwin Wallace University
2012 : 2014
Leadership
Organizational Leadership
FBI Citizens' Academy
2012 : 2012
B.S.A.S.
Computer Information Systems and Business Administration
Youngstown State University
1997 : 2003
Experience:
Inversion6 is a cybersecurity risk management provider that offers custom security solutions. We work alongside companies to offer a full suite of information security services and solutions that help define cyber security strategy, identify and remediate threats and risks, select and deploy the right technology, and prepare and protect you from malicious attacks. From fractional CISOs to a full service MSSP, Inversion6 partners with you to Eliminate Reactive and protect your business against threats.
2018 : Present
Inversion6
Chief Information Security Officer
Reporting to the CIO and partnering with other IT directors, we develop and execute the IT strategic plan for Medical Mutual. I am accountable for the availability, performance and security of the following environments: mainframe, servers, workstations, network, telecommunications, and security.
• Developed 2020 strategic plan to move the company Datacenter to a CoLo Datacenter lowering operating costs, improving disaster recovery and refreshing the server and storage hardware to converged infrastructure.
• As part of the 2020 strategic plan, 6 major software applications (Windows 7, Windows 2008, SharePoint 2013, Exchange 2013, Office 2010, and System Center 2012) were identified to be upgraded or moved to cloud services. Developed a plan to migrate 2,700 users over to Office 365 before the Datacenter move to lessen the impact of the move.
• Created a Work from Anywhere strategy to improve the availability, performance and security of our remote access solutions and ensure our workforce and call center could easily move between offices and home.
• Formed a vulnerability management team that closed over 55,000 critical & high vulnerabilities in the first 6 months and completely redesigned the patching process to now deploy patches to 98% of the Windows environment in 30 days with better testing and more automation to reduce manual effort spent each month.
2017 : 2018
Medical Mutual
Director, IT Infrastructure & Engineering
Serve on the senior leadership team assisting the CIO in developing the strategic plan for Chart’s global IT infrastructure and security controls. This includes budget forecasting, resource procurement, staffing decisions, merger integration and system/application implementations to align our strategic plans to the company mission. Accountable for the maturity and enterprise-wide operation of all servers, workstations, telecommunications, and risk management program.
• Designated Information Security Officer responsible for the security protection strategy and programs for protecting intellectual property and regulatory data that includes PII, HIPAA, PCI, Safe Harbor and ITAR.
• Develop 3-year strategic plan and Business Continuity Program with help from my team of 4 managers, 5 individual contributors and 15 site administrators that architect, implement and administer the IT infrastructure and security used enterprise-wide across 43 locations. Administer an annual $14M budget including both OPEX & CAPEX with 5-year forecasting.
• In 2014, Chart was in the bottom 20% of companies for security maturity based on the number of reported security incidents by BitSight; after implementing a metrics scorecard, we ended 2016 in the top 10% of peer companies.
• Part of a team responsible for $7M (2014-2016) of cost avoidance and savings through better vendor management and effective negotiations using the Karrass Negotiation method. Implemented a new procurement management process to ensure that we are receiving proper discounts and competitive bids, and created a vendor calendar to track fiscal year-ends to plan optimal technology spends to maximize discounts.
• Successfully renegotiated the Microsoft Enterprise Agreement (EA) and the Level 3 MPLS Telecommunication agreement, for a total new-contract value of $3.4 million, and saved over $500k per year. These new agreements included the enablement of new services such as Office 365 and Microsoft Azure.
2014 : 2017
Chart Industries, Inc.
Director, IT Infrastructure & Security
Coached and mentored students; provided a real-life learning environment conducive to working adult learners. Classes instructed include Cisco CCNA, CCNA Security, CCNP, CCVP – CompTIA Network+, Security+ and Convergence+.
2011 : 2017
The Sage Group
Senior Adjunct Instructor
Recruited to develop the information security and data privacy program under the CIO. Built the vision and executed strategy for the security program. Set the policy and defined risk mitigation projects to secure all corporate assets, intellectual property, and regulatory controlled data, balancing risk with ensuring user convenience. Respected agent for change across the enterprise who enhanced projects and managed budgets and resources to deliver on the vision of a security-aware culture.
• Recognized as one of the “People Who Made a Difference in Security in 2013” by the SANS Institute for setting an example that others could follow to reduce the occurrence and severity of information security incidents.
• Prepared and drove adoption of international security and privacy standards and controls to manage data protection across people, process, and technologies based on ISO 27001.
• Implemented an enterprise vulnerability management program.
• Developed a computer security incident response team and a global cyber security awareness program.
• Reduced malware infections by 60% and the need for reimaging systems by 80% through a metrics-driven approach to reduce the attack surface of our workstations and servers.
• Developed and delivered training across the organization on security and data privacy through a combination of in-person training, online training, and email awareness campaigns.
2010 : 2014
GrafTech International
Director of Global Information Security
Company: Inversion6
Years of Experience: 29
Experienced Chief Information Security Officer (CISO) and Technology Executive with extensive experience leading the transformation and management of information security, IT infrastructure, data management and cloud services for organizations across diverse industry verticals, including manufacturing, financial, health care, and government. I have a proven ability to establish and align on vision and build high-performing teams while partnering with business leaders to drive execution across global organizations. I’m consistent in delivering solutions that balance risk, business realities, and operational impacts while communicating in a way that senior engineers, development teams and business leaders understand.
Awards and Accomplishments:
★ Winner of CSO Magazine's CSO50 Security Innovation Award in 2014 for connecting security initiatives to business value. ★
★ Recognized as one of the “People Who Made a Difference in Security in 2013” by the SANS Institute for setting an example others could follow to reduce the occurrence and severity of information security incidents. ★
Certifications:
CISSP | CRISC | GSLC | GCIH | CCNP | VCP
Specialties:
Enterprise Risk Management | Governance | Risk and Compliance | Vulnerability Management & Compliance | Global Security Policies & Procedures | Security Awareness | Incident Response | Privacy Law | Safe Harbor | ISO 27001 | Vendor Management | Lean Six Sigma Green Belt | Budget Management | Project Management | Strategy Development & Execution | Training & Mentoring | Talent Management | Network Security | Contract Negotiations | Previous DoD Top Secret Clearance (TS-SCI)