Meet the Resiliam Team

Michael Johnson


Resiliam’s founder and Managing Member, Michael Johnson has more than thirty years of experience in the security field. Mike, an expert in ISO frameworks, particularly ISO 27001, founded Resiliam (under its former name, Security GRC2) after a 19-year career with the New York region’s leading provider of organizational security services. There, he had executive-level responsibility for marketing, sales, and management, and oversaw a full range of outsourced security services, from information/computer security to uniformed security officers. During that time, Mike also spent five years building a large security operation in the metropolitan New York City area, servicing the security needs of the region’s leading pharmaceutical, commercial real estate, financial services, accounting and law firms.

Over the course of his career as a security professional, Mike has been involved in over 65 ISO engagements and in excess of 200 audits. With a wealth of experience and expertise in all fourteen domains of ISO/IEC 27001:2013, Mike also holds a Masters in Business Administration (MBA) and Masters of Science in Information Assurance (MSIA).


David White


David brings over fifteen years of management consulting experience to the Resiliam team. Prior to joining Resiliam, he served in leadership roles at two strategy consultancies operating in the financial services industry. In those positions, David advised management at top global investment banks, commercial banks, and asset managers on business and sales strategy, new product development, pricing optimization, institutional relationship management, competitive benchmarking, and brand strategy. David graduated Phi Beta Kappa, with Highest Honors, from Princeton University.


Michael (Mike) Jennings


Mike has more than 26 years of Business Continuity Management System (BCMS) and risk management experience and has worked extensively with clients globally on their BCM programs. He has held senior and executive level management and consulting roles with JLT Specialty, RSM, Brocade Communications, Strohl Systems and Iron Mountain. Additionally, Mike spent many years as the Business Continuity and Disaster Readiness executive for a large health insurance plan in New England.

He is an adjunct professor at Boston University teaching BCM and ERM at a Masters level and is a founding member of Continuity Insights Magazine’s Editorial Advisory Board. Mike is a past Chairman of the Emergency Preparedness Committee for Boston’s Medical, Academic and Scientific Organization. He holds a BA from Norwich University and a Master’s Degree (MS) in Business Continuity, Risk Management, and Security from Boston University.


Alan Sawchak

Senior Consultant MBCP, AFBCI, CORM, ARM, ISO 22301 Lead Auditor, CIS LI

Al is an accomplished business continuity and risk management professional. He has earned the Master Business Continuity Professional (MBCP) designation from the Disaster Recovery Institute International and is an Associate Fellow of the Business Continuity Institute (AFBCI). He is also a Certified Organizational Resilience Manager (CORM) at the International Consortium for Organizational Resilience, where he serves on the Board of Directors. Mr. Sawchak’s career has included positions with a global insurance company and in Strohl and SunGard’s consulting practices, and he most recently served as the Business Continuity Specialist at Duquesne Light. He authored an article published by Forbes entitled “Social Media’s Role in Disaster Response Improves Overall Organizational Resiliency.”


Lee Colón

Project Manager CIS LA, CAPM

Lee has over twenty years corporate experience in diverse industries including Management Consulting, Financial Services and Academic Publishing. As Resiliam’s Project Management specialist and Office Manager, Lee focuses on business operations, client management, vendor relations, invoicing and office administration.  Lee holds a Bachelor of Arts degree from Skidmore College.


Antonio Saratan

Senior Consultant MPA, ISC2 Associate (CISSP), GDPR P, CCSFP

Antonio Pruett-Saratan II has 15 years of experience in Information Technology and data analysis, spanning the legal, automotive, cellular and mental health industries. He has been responsible for an ISO 27001 Information Security Management System and has specialized in the implementation and maintenance of information security frameworks such as ISO 27001, NIST 800-53, NIST 800-171 and the HITRUST Common Security Framework. He has run for public office, contributed to white papers at the University of Pennsylvania and written applications in VBA, T-SQL and .NET. He has experience in business and machine data analytics and a significant amount of technical experience including managing domains, endpoint configuration and application development. Antonio has a BA in Political Science and a Masters in Public Administration. He is an ISC2 Associate, Certified Common Security Framework Practitioner and Certified GDPR Practitioner.


Paul Johnson

Senior Consultant CCSFP, CIS LI

Paul Johnson leads Resiliam’s healthcare and HITRUST Assessors practice, leveraging his 20+ years of healthcare IT and Information Security leadership experience. He’s served as the senior IT executive in leading healthcare service and analytics firms including Health Dialog, Best Doctors and ISO Claims Partners. In these roles, Paul was responsible for all aspects of IT including information security, HIPAA compliance, software development, technology operations, and strategy for these high-growth healthcare organizations. His experience ranges from consulting on information security to operations management and business development activities in the US and Europe. Aside from healthcare, Paul has also held leadership roles in a large SaaS provider to the automotive industry, where he was responsible for corporate operations, information security and PCI compliance. Paul holds a BA from Tufts University in Economics and Psychology and an MBA from Northeastern University’s High Tech MBA Program.