Executive Director Information Security at JPMorgan Chase & Co.

Paul Colnan

A proven Information Security professional with experience managing people, process and technology across a variety of industry sectors, with a focus on financial services.

With experience in the cyber security world consulting to some of the world's biggest brands, Paul engages with the business at board level to enable trusted secure commerce. With an ‘ethical hacker' background, he is able to address complex security challenges but is equally passionate about driving effective change through unambiguous leadership and communication.

Executive Director Information Security

CISO

With pragmatic experience delivering cyber security leadership to many industries in my previous role, I am now responsible for the Group-wide vision, strategy and execution of information security and assurance activities for all business units. Key to this is business and Board alignment through the fostering of authentic relationships throughout the business. Primary areas of focus are data security, compliance and process optimisation, whilst also understanding the real and perceived needs of the business.

Group CISO

As a passionate cyber security professional, I use my deep technical skill in penetration testing, vulnerability management and risk consultancy to lead the delivery of cyber security services. With a degree in Ethical Hacking and Network Security, Lead ISO27001 Implementer and QSTM (CTM) status, I have built experience and capability delivering cyber security programmes to world-class organisations.

Principal Consultant

•	Responsible for the strategy, planning and continuous improvement of new and current security technologies, procedures and processes 
•	Delivery of vulnerability audits and penetration assessments
•	Devised and delivered an enterprise-wide information security ‘Secure Behaviours’ programme 
•	Six Sigma champion within IT; whilst qualifying for black belt

Group IT Security Analyst

Multiple IT roles under the 2 year IT Graduate Scheme:

IT Manager (Jan 2013 - Dec 2013)

•	Responsible for all IT operations of a NSI Gold Cat-II NACOSS-accredited Alarm Receiving Centre (ARC), including support and technology implementation
•	Responsible for all IT supplier and contract management
•	Delivered a complete network refresh project, including implementation of Cisco networking and Checkpoint security products
•	Administrator of Microsoft Server, Unix, VMware and Checkpoint technologies
•	Deep technical understanding of CCTV and Alarm IP-based systems and software, including Sureview Immix and Monitor Sentinel platforms

Governance Manager (Jun 2012 - Dec 2012)

•	Supported a programme to licence an in-house developed SAP environment to a major automotive manufacturer 
•	Responsible for the project management of a COBIT implementation to support this work, which included self-assessment against the PAM framework and managing the required activities to bring processes to baseline standards. 
•	Achieved COBIT v5 Foundation

Practitioner Development Programme (Mar 2012 - Jun 2012)

•	Intensive Lean training intervention which resulted in achievement of Level 3 Unipart Way, then implementing this knowledge to increase manufacturing line productivity by 37% over an 18 month period
•	Completed Personal Impact & Presence 2-day training course

IT Shared Services Graduate (Sep 2011 - Mar 2012)

•	Developed understanding of IT management within a federated business model 
•	Gained experience in the management of an enterprise WAN environment, including multiple sites connected using MPLS technologies
•	Responsible for review of the IT Site Audit process and implemented a self-assessed model
•	Qualified as PRINCE2 Practitioner and ITIL v3 Foundation