Principal Advisory Director
About Jonathan Nelson
Jon Nelson is a Principal Advisory Director in the Security & Privacy practice. A seasoned security professional, Jon is passionate about helping clients improve their security practices and capabilities.
Jon has over 25 years of experience in IT and cybersecurity, primarily within the fintech industry. Most recently Jon served as an Information Security Risk Officer for a Fortune 500 Fintech responsible for core banking and payment systems, moving trillions of dollars each day. In this role Jon led a team of risk managers and analysts responsible for vulnerability management, governance, app sec assurance and enterprise architecture.
Jon has also been tasked to lead an app sec red team that employed shift-left principles such as Threat Modeling, Abuse Case Development, and STRIDE methodology to software lifecycle development. This team was also responsible for app sec fundamentals such as Static Analysis Security Testing (SAST), Dynamic Analysis Security Testing (DAST), Open Source Security Testing (OSST), and Manual Application Security Testing (MAST).
With more than two decades dedicated to the field of IT security Jon has knowledge of a wide range of security measures, ranging from traditional layer 3 firewalls to Web Application Firewalls (WAF), Data Loss Prevention (DLP) systems, and Database Activity Monitoring (DAM) solutions. His adeptness at integrating these technologies into cohesive security frameworks has consistently yielded measurable improvements for the organizations he has served.
Jon also has experience navigating complex compliance landscapes including PCI and GLBA, ensuring organizations adherence to industry standards. His expertise also extends to privacy topics, enabling organizations to navigate data protection regulations.
Jon holds security certifications including Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) as well as a Bachelor of Science degree from Nebraska Wesleyan University.