Meet the Resiliam Team

Michael Johnson

Managing Member MBA, MSIA, CISSP, ISO 27001 LA, C GDPR P, CIPP/E, CIPM, CIPT, ISO 27701 Lead Implementer

Resiliam’s founder and Managing Member, Michael Johnson has more than thirty years of experience in the security field. Mike, an expert in ISO frameworks, particularly ISO 27001, founded Resiliam (under its former name, Security GRC2) after a 19-year career with the New York region’s leading provider of organizational security services. There, he had executive-level responsibility for marketing, sales, and management, and oversaw a full range of outsourced security services, from information/computer security to uniformed security officers. During that time, Mike also spent five years building a large security operation in the metropolitan New York City area, servicing the security needs of the region’s leading pharmaceutical, commercial real estate, financial services, accounting and law firms.

Over the course of his career as a security professional, Mike has been involved in nearly 100 ISO engagements and in excess of 400 audits. With a wealth of experience and expertise in all fourteen domains of ISO/IEC 27001:2013 and ISO 27701:2019, Mike also holds a Master of Business Administration (MBA) and a Master of Science in Information Assurance (MSIA).

Contact: (917) 942-8771 or via email

David White


David brings over fifteen years of management consulting experience to the Resiliam team. Prior to joining Resiliam, he served in leadership roles at two strategy consultancies operating in the financial services industry. In those positions, David advised management at top global investment banks, commercial banks, and asset managers on business and sales strategy, new product development, pricing optimization, institutional relationship management, competitive benchmarking, and brand strategy. David graduated Phi Beta Kappa, with Highest Honors, from Princeton University.

Contact: (917) 942-8772 or via email

Paul Johnson


Paul Johnson leads Resiliam’s healthcare and HITRUST Assessors practice, leveraging his 20+ years of healthcare IT and Information Security leadership experience. He’s served as the senior IT executive in leading healthcare service and analytics firms including Health Dialog, Best Doctors and ISO Claims Partners. In these roles, Paul was responsible for all aspects of IT including information security, HIPAA compliance, software development, technology operations, and strategy for these high-growth healthcare organizations. His experience ranges from consulting on information security to operations management and business development activities in the US and Europe. Aside from healthcare, Paul has also held leadership roles in a large SaaS provider to the automotive industry, where he was responsible for corporate operations, information security and PCI compliance. Paul holds a BA from Tufts University in Economics and Psychology and an MBA from Northeastern University’s High Tech Program.

Contact: (917) 942-8780 or via email

Paul Kirvan

Senior Consultant CISA, FBCI

Paul Kirvan is an experienced business continuity, risk management, GRC and IT audit professional. He has earned the Fellow of the Business Continuity Institute (FBCI) designation and is also a Certified Information Systems Auditor (CISA) with the Information Systems Audit and Control Association (ISACA). Paul’s career has included positions with Marsh & McLennan’s risk consulting practice and as Senior Manager and BC Advisory Services Program Leader with Prevalent Networks, LLC. He has authored dozens of articles for various TechTarget websites and has served on boards of directors for several professional organizations.

Contact: (917) 942-8776 or via email

Alex Rudolph

Consultant CIS LI, CSX, ISO 27701 Lead Implementer

Alex has over 4 years of technology risk consulting experience. Prior to joining Resiliam, he served in a senior consultant role at a global leader in technology risk advisory services. Alex has advised management in achieving technology risk compliance with Sarbanes-Oxley for industry leaders in the telecommunications, technology and life sciences sectors. In this position, he assisted management in identifying and remediating unaddressed risks in their information technology environments. Alex holds a Bachelor of Science in Business Administration from Boston College, with concentrations in Finance and Information Systems.

Contact: (917) 942-8775 or via email

Damian del Rio

Consultant CIPP/E, CIPT, CIPM, ISO 27701 Lead Implementer

Having worked in the IT Governance field for over 12 years, Damian has a diverse blend of skills comprising information security, data privacy, cybersecurity, ERP implementation, IT audit and regulatory compliance. As a Certified Information Systems Auditor (CISA), he performed numerous internal and external audits related to the governance, control, and security of information technology. Damian is also well versed in global data privacy regulations and consistently monitors developments in jurisdictions around the globe, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Throughout his career, Mr. del Rio has worked for PwC, Verizon, Deloitte, Myspace and Sempra Energy. He holds a B.S. in Business Administration (Information Systems and Operations Management) from the University of Southern California.

Contact: (917) 942-8766 or via email

Lee Colón

Project Manager PMP, CIS LA, C GDPR P, CCSFP

Lee has over twenty years of corporate experience in diverse industries including Management Consulting, Financial Services and Academic Publishing. As Resiliam’s Project Management specialist and Office Manager, Lee focuses on business operations, client management, vendor relations, invoicing and office administration. Lee holds a Bachelor of Arts degree from Skidmore College.

Contact: (917) 942-8774 or via email