Jon Kadunc, Cism Cdpse
About Jon Kadunc, Cism Cdpse
Jon Kadunc serves as the Director of Identity & Access Management at Thomson Reuters, where he has worked since 2021. With extensive experience in various management roles at Thomson Reuters and Thomson Financial, he has implemented significant security and governance initiatives across cloud platforms and identity management.
Work at Thomson Reuters
Jon Kadunc has been serving as the Director of Identity & Access Management at Thomson Reuters since 2021. In this role, he has focused on transforming the Identity organization by employing agile security operations methodologies to address regulatory and risk requirements. Prior to his current position, he held several managerial roles within the company, including Manager of Identity & Access Management from 2017 to 2021, Manager of Platform Security & SLA Compliance from 2014 to 2017, and Manager of Performance Engineering from 2009 to 2014. His extensive experience at Thomson Reuters has contributed to significant advancements in identity management and security operations.
Education and Expertise
Jon Kadunc holds certifications in CISM (Certified Information Security Manager) and CDPSE (Certified Data Privacy Solutions Engineer). His educational background and professional certifications underscore his expertise in information security and data privacy. This knowledge has been instrumental in his roles at Thomson Reuters, where he has implemented various security programs and governance initiatives.
Background
Before joining Thomson Reuters, Jon Kadunc worked at Thomson Financial as an Associate Manager in Performance Engineering from 2005 to 2009. His career in performance engineering laid the foundation for his subsequent roles in security and identity management. His experience spans over 18 years in the technology and security sectors, with a strong focus on identity and access management.
Achievements
During his tenure at Thomson Reuters, Jon Kadunc has led several initiatives that have enhanced the organization's security posture. He implemented a Cloud Governance program that facilitated governed access to enterprise cloud resources across major platforms, including AWS, Azure, Google Cloud, and Oracle Cloud. He also coordinated efforts to improve self-service user experience for account management, significantly reducing help desk costs. Additionally, he completed a NIST 800-53 IAM requirements assessment and initiated a remediation program, further strengthening the organization's compliance and security measures.
Projects and Initiatives
Jon Kadunc has spearheaded various projects aimed at improving identity management and security operations. He launched an Identity Protection and IAM Controls expansion program to address critical issues such as multi-factor authentication non-registration and network inactivity. He also improved the internal identity master data management solution by eliminating PII attributes to mitigate exfiltration risks. Furthermore, he automated the enterprise-wide SOX server access control certification process, covering over 5,000 hosts and 70 applications, which was completed on time and under budget.