John Ossawy

Lead Senior Security Engineer focused on improving security outcomes across the company. Operating at the front line of risk to identify vulnerabilities and threats and collaborate cross-functionally across the organisation to implement defences.

I've led critical security initiatives, conducting 246 Application Security Design Reviews using frameworks like CIS, NIST, and OWASP. My focus on enhancing security and managing third-party penetration tests has significantly bolstered our security posture. I've played a pivotal role in vulnerability management and cloud controls, contributing to the successful attainment of SOC2/PCI compliance in 2021/2022/2023.

Team Lead for IT Security, managing 15 Security Engineers in EMEA & APAC for the world's largest inter-dealer broker. During my tenure, I was instrumental in elevating TPICAP's security posture, leading significant projects and directly contributing to our robust cybersecurity operations and reporting to the CISO as part of the Senior Security Leadership Team.

I reprioritised Incident Response protocols, implementing sophisticated DLP controls with Azure Information Protection and Clearswift DLP. My leadership in deploying advanced SaaS security solutions like Trend ApexOne, Qualys, Symantec MSS, and Thycotic Secret Server Cloud significantly enhanced endpoint protection, vulnerability management, SIEM, and IAM/PAM systems.

Belfast Lead for Cyber Defense Engineering & Operations Team reporting to Global Information Security Department operating across AMER, EMEA & APAC. My leadership in the Belfast CDEO team's included recruiting key talent and enhancing team visibility company-wide. I played a central role in ensuring the security and monitoring of 18 critical applications. As a subject matter expert in Data Access Management, I oversaw the security of over 900 databases.

My initiatives in disaster recovery and automation significantly improved operational efficiency, with a 40% reduction in post-DR check times. I also led incident response coordination and a seamless year-long technology refresh program, ensuring continuous business operations without disruptions.

Started my career at Fujitsu through their Graduate programme and progressed to a permanent position as a Security Engineer II. My commitment to excellence and meticulous attention to detail further propelled my progression to a Senior Security Engineer position.

Functioned as the SME for endpoint security, adeptly managing over 250,000 endpoints across various contracts. A highlight of my tenure includes successfully mitigating a critical WannaCry ransomware attack within the Northern Ireland Libraries network, showcasing my proficiency in crisis management and cybersecurity resilience.