Illinois’ software sector includes public SaaS companies, enterprise platforms, digital infrastructure businesses, and fast-scaling technology organizations that depend on security to support product growth and customer trust. The leaders in this feature reflect that mix. Their backgrounds span enterprise IT, compliance, cloud engineering, SaaS security, governance, and security program building inside companies where software delivery, platform reliability, and customer assurance all matter.
John Colburn — Vice President of IT, Security, and Compliance, Sprout Social
John Colburn serves as vice president of IT, security, and compliance at Sprout Social, where he effectively operates across both CIO- and CISO-level responsibilities. His remit spans enterprise security, IT operations, governance, risk and compliance, business systems, automation and AI, and Salesforce engineering. That scope stands out in a software company environment, where security leadership increasingly overlaps with broader platform and internal technology decisions rather than sitting in a narrow control function.
Before joining Sprout Social, Colburn held technology leadership roles at Morningstar and Time Out America. At Morningstar, he oversaw corporate systems and helped lead major cloud and productivity modernization work, including Office 365 and Azure AD migration. That blend of enterprise systems leadership and security program development gives him a profile shaped by transformation as much as defense, which makes him a strong fit for an Illinois software feature.
Jay Friedman — Chief Information Security Officer, project44
Jay Friedman is chief information security officer at project44, where he built a global security program for a rapidly growing SaaS company. His profile emphasizes pragmatic, risk-based leadership across information security functions, with responsibility for enabling growth while building trust with customers and prospects. He also led the company to first-time SOC 2, ISO 27001, and TISAX compliance milestones, an important achievement for a software business operating at scale with enterprise customers.
Friedman’s earlier roles at Paylocity, Maclear, Discover Financial Services, the University of Phoenix, Zurich, JPMorgan Chase, and Crowe reflect a career that combines application security, IT forensics, risk, and governance. That background gives him both technical and programmatic depth. In the software sector, where security leaders often need to translate controls into customer confidence and business velocity, that kind of experience is especially valuable.
Mitch Hood — Chief Information Security Officer, bswift
Mitch Hood is chief information security officer at bswift, where he also leads cloud engineering and digital workforce technology. His role reflects the way software and platform companies increasingly connect information security with infrastructure modernization and digital enablement. At bswift, his focus includes safeguarding systems and data while supporting a resilient and agile technology environment, which aligns closely with the demands of a modern software-driven business.
Earlier in his career, Hood served as VP of product and technology and CISO at Paylocity, where he led teams across infrastructure, systems, network, databases, storage, DevOps, SRE, cyber threat analysis, and penetration testing. He also held senior operations leadership roles at CVS Caremark, Aon, Hewitt, Sportvision, and Sears. That breadth gives him one of the more operations-heavy profiles in this slate, shaped by large-scale technology delivery as well as security leadership.
Steve Mueller — Chief Information Security Officer, Information Resources, Inc.
Steve Mueller has spent much of his career at Information Resources, Inc., where he serves as SVP of IT and chief information security officer. His profile reflects a long-term technology leader who grew with the organization across engineering, networking, end-user support, infrastructure, and eventually enterprise security. In a software and data-centric business, that kind of institutional depth can be a major advantage, especially when security needs to be tied closely to operational realities.
Mueller’s experience includes managing large multinational infrastructure environments, overseeing outsourcing transitions, and leading the process to achieve ISO 27001 certification. Earlier in his career, he worked on engineering and systems development tied to BehaviorScan and other data collection and interactive media technologies. That history gives him a profile grounded not only in IT and compliance, but in product and systems development, which fits well inside a software industry feature.
James Lopez — Chief Information Security Officer, CoinFlip
James Lopez is chief information and security officer at CoinFlip, where he now leads security for a business operating in the cryptocurrency space. His profile centers on building cybersecurity programs that support innovation and growth rather than functioning only as a defensive layer. That positioning is especially relevant in software-adjacent and platform-driven businesses, where security leadership often has to support product confidence, operational resilience, and customer trust at the same time.
Before CoinFlip, Lopez held security leadership roles at Valent U.S.A., Cars.com, Dyson, Xylem, CSC UKI, Solutionary, Blue Cross and Blue Shield of Illinois, and Sears Holdings. That background spans e-commerce, enterprise security, risk and compliance, and regulated environments, giving him a practical and varied foundation. In a feature on Illinois’ software industry, he brings the perspective of a leader who has moved across multiple sectors while consistently operating at the intersection of technology, risk, and business enablement.
Where software security leadership in Illinois is heading
The leaders in this group show how software security leadership in Illinois is expanding beyond traditional perimeter defense or compliance ownership. Their work increasingly touches cloud platforms, AI, enterprise systems, customer assurance, digital operations, and product-adjacent risk. Taken together, they reflect a software market where security leaders are expected not only to protect the business, but also to help shape how it grows.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.