Effective July 31, 2016, the Commonwealth Enterprise Portal (WebCenter Interaction) will be taken offline permanently.
Agencies must move any remaining content they wish to keep before this date. For more information, please visit the migration project site.

Office for Information Technology Executive Leadership

John MacMillan

Deputy Secretary for Information Technology and Chief Information Officer

John MacMillan was appointed as deputy secretary for information technology and chief information officer for the commonwealth in March 2015.

John brings nearly three decades of IT industry expertise to the CIO’s office, including 18 years with IBM, most recently assisting the state of Ohio with its data center strategy. He also served for a decade with federal departments in Canada.

During his career, John has developed experience in areas including application development, system integration, data center operations and facility management, as well as knowledge of statewide programs including public health, education, transportation, rehabilitation/corrections, youth services, tax collection and enterprise ERP.

John graduated in Computer Technology / Computing Science from Algonquin College. He has held a Project Management Professional (PMP) certification since 1998, and earned his Stanford Certified Project Manager (SCPM) from the Stanford Center for Professional Development in 2009. John is ITIL Foundations certified. He and his wife have two sons.

Rosa Lara

Deputy Chief Information Officer

Rosa Lara was named Deputy Chief Information Officer in March 2015.

Rosa has over 15 years of experience in the information technology field, including oversight of very visible and highly complex initiatives.  Notably, she earned a Governor’s Award for Excellence in 2009 for her role in leading the implementation of the IT solution the commonwealth leveraged to oversee $6.7 billion in ARRA funding from the Federal Government.  She has experience in the areas of business process reengineering, large scale implementation efforts, financial management, procurement and managing for results.  In her current role, Rosa has oversight over the IT policy, governance, strategic planning, project management, and the commonwealth’s broadband program.  She has held numerous positions within OIT – including the Director for the Bureau of Application Development, which was responsible for close to 300 applications and a Deputy Chief Information Officer for Health and Human Service agencies.

Rosa earned a bachelor’s degree in Public Administration from The College of NJ, a Masters of Public Administration from the Maxwell School of Citizenship and Public Affairs and a Masters of Information Resources Management from Syracuse University.   She and her husband, Francisco, have two sons.

Erik Avakian

Chief Information Security Officer

Erik Avakian was named Chief Information Security Officer for the commonwealth in June 2010.  

Erik joined the commonwealth in 2005 and became deputy CISO in 2007.  He has over 15 years experience in securing enterprise-level environments and is an expert in reducing risk and mapping security to the business. He has extensive experience in security governance, risk management, compliance and incident response and remediation. As CISO, Erik is responsible for establishing  enterprise security strategy, standards, controls, and security policies and leads the Enterprise Information Security Office, which defends against cyber attacks, reduces the commonwealth’s vulnerability to cyber attacks, and minimize damage and recovery time from attacks if and when they occur.  

Erik holds numerous industry certifications including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), GIAC Security Essentials Certification (GSEC) and is ITIL v3 certified. He is an active member of the National Association of State Chief Information Officers (NASCIO) Security & Privacy Committee, the SANS State Advisory Board,  the International Information Systems Security Certification Consortium (ISC2), the Information Systems Audit and Control Association (ISACA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Pennsylvania Criminal Intelligence Center (PaCIC).