SUMMARY

• Extensive experience gathering client requirements and translating into automation. Promotes control culture by designing, implementing, and administrating frameworks, policies, and standards using leading practices like COSO standards and CObIT.
• Has extensive experience supporting development of both business and technical requirements and has written many strategic GRC roadmaps for major corporate clients.
• Builds effective and efficient qualitative and quantitative decision support systems by leveraging a deep understanding of fundamental AI concepts and how to ensure data structure integrity. Has extensive experience integrating complex data structures and hierarchies by with GRC elements in alignment with leading standards like ISO 31000.
• Diverse and proven track record in team building and managing strategic global operations.
• An industry thought leader in GRC, operational risk, with a focus on anti - fraud initiatives, and contributor to the development of industry standards. Strong quantitative, analytical, and communication skills.

PROFESSIONAL EXPERIENCE

Senior Solution Architect

Confidential

Responsibilities:

• Provide technical expertise in developing solutions to complex software engineering problems, which required frequent use of ingenuity and creativity. Provided work leadership to others. Interfaced with senior management to provide and obtain information and to build consensus regarding project direction.
• Write functional detailed design specs as well as responding to requirement documents and system level test plans
• Contribute to organizational goals and objectives
• Interact cross-functionally on matters that required coordination across functional/organizational lines.
• Accountable for overall product and/or served as a customer advocate, sometimes represent organization as principal customer contact
• Collaborate with other engineers and other engineering groups, voluntarily share information
• Offer proposed design changes/suggestions to processes and products, exert significant latitude in determining objectives of an assignment
• Exercise considerable latitude in determining technical objectives, without appreciable direction
• Understand and adhere to cost/delivery/quality targets established during the program design phase
• Work effectively with cross-functional and/or global teams, readily share information with others.

Confidential

Senior Architect, Practice Lead

Responsibilities:

• Because of the role of this institution as a financial services peering point, the risk exposures were identified as systemic.
• The evaluation was based on B.I.S. principles for the successful management of operational risk, ISO 31000, COBit.
• The report, which included statements of likelihood and impact as well as recommendations, was delivered to the Board of Directors.
• Based on COSO’s approach to implementing an enterprise risk management framework, I developed a strategic roadmap for the effective implementation and execution of a firm wide control framework and a supporting GRC platform.
• Provided support directly to Chief Privacy Officer on matters related to risk control self assessment (RCSA), issue management, new business initiative approval (NBIA), third party oversight (TPO), control governance, reporting, technology controls, audit/exam preparedness and resiliency.

Confidential

Senior Architect, Practice Lead

Responsibilities:

• As GRC architect, deployed automated findings solutions; extensive experience using advanced Archer functions and features and designing and implementing customized calculated fields; used auto events to manage alerts and filters applied to questionnaires generated from question library and reports; Supported enterprise implementation at logical and physical tiers including interface, application, and database, and web.
• Implemented access control solutions. Have extensive experience managing access and entitlements by employing roles and groups, record (record permission fields) and field level (private fields) access controls.
• Mapped risk assessment and exemption processes and reconciled with technology resources. Developed user interfaces and reports as required for policy, vendor, and incident management solutions.
• Supported back end services utilizing SQL Server 2008, Windows Server Manager, Internet Information Services Manager, and Archer Control Panel (queue, notification, event scheduler, plug in command invoker, data feed) in a multi host environment. Responsible for index rebuilds and performance maintenance. Managed LDAP configuration.

Vice President

Confidential

Responsibilities:

• Delivered approximately 2000 core GRC calculations per month across 40 ODA’s using Archer iViews to create custom dashboards. Functioned as lead data architect and managed complete development lifecycle.
• Defined and implemented reporting, governance, metrics, process controls and standards across distributed implementation teams for four business divisions, one IT division, four regions.
• Extensively utilized calculated fields and cross-referenced over 70,000 content records against over 5000 organization units, 1217 division/region combinations, to produce 7-12 different metrics used to evaluate compliance for performance evaluations.
• Designed, implemented, upgraded reporting standards and methodologies using Archer page layout configuration options, including custom objects and tabs defined by business requirements.
• Utilized access control tools including groups and workspaces to delivery data security and application security.
• Developed applications with a variety of functions including control assessments, automated workflows utilizing notifications, calendars for data sorting, large data stores for searching, web based reporting applications that utilized graphical interfaces as well as tables.
• Developed MS Access-based and Archer SmartSuite reporting applications and advanced data structures for quantitative and data content analysis. Developed ad hoc solutions as required.
• Was responsible for all troubleshooting analysis and support of application layer including extensive data import processes.
• Implemented tracking and auditing functionality within Archer environment to facilitate troubleshooting.
• Designed production process that leveraged Excel spreadsheets, Access and SQL RDB tools, as well as Archer in order to use the right tools to accomplish objectives.
• Drafted into central team to lead establishment and management of firm-wide risk management and monitoring functions. Defined and implemented KRI reporting, governance, metrics, process controls and standards across distributed implementation teams for four business divisions, one IT division, four regions.
• Managed multiple risk measurement and management processes.
• Designed, implemented, upgraded reporting standards and methodologies.
• Worked with the Electronic Trading teams to timely implement controls over the following electronic trading systems: