John Lazo

Professional Background

John Lazo is a remarkably equipped IT professional specializing in Compliance, Privacy, and Risk Management, with over 20 years of diverse experience in the information technology sector. John’s expertise is highlighted by a comprehensive background that includes serving as an Information Security Officer and IT Director, allowing him to leverage his profound technical prowess in IT Information Security, Governance, Risk Management, and Compliance Management. Throughout his career, he has maintained an unwavering focus on delivering bottom-line results, formulating business solutions that are both technologically advanced and tailored to meet the diverse needs of various organizations.

His current role as Senior Manager of Information Security & Privacy at Protiviti showcases his leadership abilities and his commitment to securing sensitive information while navigating complex compliance landscapes. Previously, he held the position of Manager - Security & Privacy at Protiviti, ensuring that organizational policies and practices adhered to established security standards and regulations. John has also made significant contributions as Vice President of Data Security at HIPAA One®, where he sharpened his focus on safeguarding patient data within the healthcare industry. His extensive experience further includes working as a Senior IT Security Consultant at Presage Solutions, LLC, and as an Information Security Consultant at LazoTEK Computer Solutions.

Leadership and Innovation

John’s journey is marked by a series of impactful roles. As an Information Technology Security Manager at PAYjr, Inc., he was responsible for guiding teams toward best practices in security and risk management. During his time as a Senior Systems Engineer at Networks Inc, he demonstrated his technical acumen by designing and implementing systems that strengthened the overall security posture of the organization. His versatility is further evidenced by a robust career in IT security management, which spans positions such as IT Security Manager at Paymentech Inc and Information Technology Consultant at Aerotek Professional Services.

Continuous Growth and Development

Beyond his solid career history, John’s trajectory exhibits a commitment to continuous professional development, as seen in his accumulation of numerous industry-recognized certifications. This remarkable array of qualifications includes the ISC2 Certified Information Systems Security Professional (CISSP) and the ISC2 Certified Cloud Security Professional (CCSP), both of which underscore his deep technical knowledge and extensive expertise in information security frameworks.

Education and Achievements

John Lazo's academic credentials are impressive, with both a Bachelor's and a Master's degree in Cybersecurity & Information Assurance from Western Governors University. This strong educational foundation has empowered him to tackle complex challenges in the realm of information security and risk management effectively.

Certifications and Accreditations

John’s academic achievements are complemented by a wealth of professional certifications that highlight his expansive skill set. Among his noteworthy credentials are the ISACA Certified Information Security Auditor (CISA) and the ISACA Certified Information Security Manager (CISM). These qualifications reflect his competency in auditing and managing security systems in accordance with industry standards. Additionally, John is a HITRUST Certified CSF Practitioner, establishing his expertise in healthcare data security frameworks.

His commitment to professional excellence is further illustrated by an impressive collection of certifications including:

• Certified Chief Information Security Officer (E - CISO)
• Certified Ethical Hacker (E - CEH)
• Certified Information Handler (E - CIH)
• Certified Encryption Specialist (E - CES)
• Certified Network Defense Architect (E - CNDA)
• Microsoft Certified Systems Engineer (MCSE)
• Cisco Certified Network Administrator (CCNA) and many others.

These certifications collectively demonstrate not only John's comprehensive understanding of IT security protocols and practices but also his dedication to remaining current with the latest trends and technologies in the field.

Achievements

In his extensive career, John Lazo has undertaken numerous projects and initiatives that have revolutionized the way organizations approach cybersecurity practices. His holistic view of information security encompasses not just technical implementations but also the critical aspects of compliance and risk management.

As a thought leader in the field of cybersecurity, John has continually championed innovative solutions that go beyond conventional frameworks. His role at Protiviti has involved overseeing strategic initiatives related to security, privacy, and the management of sensitive information—ensuring that organizations are not just compliant but also proactive in their approach to risk management.

Impact in the Industry

John’s influence extends beyond individual projects and roles; he has contributed to raising awareness and improving the standards of information security practices across the organizations he has worked with. As he interlinks technical expertise with compliance necessities, he plays a vital part in fostering a security-first culture within his teams and the broader organizations.

In addition to his technical achievements, John is also dedicated to the professional development of others in the field. As a training specialist, he passionately shares his knowledge with aspiring IT professionals, contributing to the growth of a more secure digital landscape.

As organizations face increasingly sophisticated threats, John Lazo stands out as a formidable figure committed to safeguarding information assets through rigorous, well-structured strategies that adapt to the ever-evolving security landscape.

His ability to synthesize complex technical information into actionable strategies not only highlights his expertise but also showcases his passion for empowering others in their cybersecurity journeys, making him an integral asset in the field of information assurance and risk management.