SUMMARY:

Talented financial industry manager with exceptional contributions in Operational Risk Management, IT Security Risk Management, and Third - Party Risk Management including subject matter expertise from the Information Security and BCP perspectives. Experience in performing Business Process Mapping via Visio, internal audits including SOX testing, evaluating SIG/SIG lite and SSAE16/SOC reports, Risk and Control Self-assessments (RCSA), Control Testing, Processes Mapping and resolving internal and external regulatory findings. Acted as SME for BISO’s and BURM’s within business units. Provides a unique and compelling blend of expertise that spans identifying and mitigating risks, implementing controls, risk mapping and ratings, conducting due diligence, reviewing policies/procedures, training, process improvement and technical security and enhancements. Expertise spans the following disciplines:Operational Risk Management / BCP

TECHNICAL SKILLS:

• IT Security
• ISO 27001/27002
• NIST 800-50
• 53
• COBIT 5
• COSO
• IBM Open Pages
• JPMC Proprietary IBID Systems
• Access rights control/recertification
• IAM lifecycle
• Agile user stories
• SDLC Lifecycle
• SharePoint
• SQL for Sybase queries
• Microsoft Office (expert Visio)
• FTP
• Bloomberg web-based form design
• Algorithmics / Open Pages (IBM) risk management software and PGP security software

PROFESSIONAL EXPERIENCE:

Confidential,New York, NY

Consultant - Operational Risk Department - Risk Manager

• Risk Manager for aligning the Operational Risk Department’s policies and procedures with Regulatory Guidelines. Creating process flow mapping in Visio and identifying control points for all of the Lines of Business (LOBs) for the Americas to support the RCSA Program and working directly with the CRO on this initiative.

Confidential,Newark,NJ

Consultant - Individual Life Insurance - Vendor Risk Manager

• Designing the vendor governance process for the Individual Life Insurance business unit. Evaluating the current-state, future state and proposing risk tolerance and regulatory compliance (OCC, FRB, FFIEC). Advising the BISO from the Information Security perspective. SME for evaluating SSAE16 / SOC reports
• Collaborating with the Enterprise-wide Third-party Risk Management team, and Information Security to negotiate a contract with a Big 4 consulting firm to outsource the low and medium risk assessments based on NIST 800-53Ar4, COBIT5, ITIL and ISO 27001/27002 controls

Confidential,Jersey City,NJ

Consultant - Enterprise Information Security - Technology and Vendor Risk

• Created framework for Technology Risk and Vendor Risk Management within the Enterprise Information Security Department and the implementation using ARCHER. Designed process flows, policies and procedures complying with regulatory requirements (OCC, FFIEC, FRB) and executive management initiatives
• Framework includes Planning, Due Diligence (SIG / SOC reports), Risk Assessment following NIST / ISO 270002 domains, Contract Negotiations, Continuous Monitoring and Engagement Termination

Confidential,New York, NY

Consultant - Operational Risk Control Regulatory Reporting

• Collaborating with the Data Management Control and Regulatory Reporting teams to create data sourcing process flows and document governance controls to comply with the future state FR Y-9C (IHC) and FR Y-14Q (CCAR) reports

Confidential,New York, NY

Senior Business Consultant - Corporate & Investment Banking

• Advisory role on a multi-year ‘access uplift’ initiative driven by firm-side CIO to significantly enhance capabilities to deliver on global compliance mandates e.g. SOX, SSAE16 and Regional Regulations while simultaneously improving: stability of the operating environment, confidentiality of information, mitigation of fraud risk and enforcement of cross border and information barrier restrictions.

Confidential, New York, NY

Risk Manager - Operational Risk Management Department

• Responsible for the design, development and implementation of a centralized and effective Operational Risk oversight function for the branch adhering to the Basel II/III accord
• Created policies and procedures including process flows for Consolidated Issue Tracking, Key Risk Indicators (KRIs), Vendor Risk Management (in ARCHER) including FACTA compliance, Incident Reporting and the Risk and Control Self Assessment (RCSA) program
• Conducted and presented trend analysis on all internal and external Operational Risk Management related issues for the branch at the enterprise-wide risk and operational risk management committee meetings.
• Trained the Business Unit Risk Officers on identifying KRIs within their respective business unit and reporting any thresholds met
• Implemented an RCSA program including tier1 and tier2 risk assessments, risk identification, inherent risk rating assessment, documenting controls, determining residual risk including testing and creating action plans for gaps
• Conducted training sessions for all staff members on reporting operational incidents, near misses and losses incurred
• Created a business use case for a new Operational Risk Management platform to increase transparency for the bank’s RCSA program, Consolidated Issues Tracking, KRIs, Scenario Analysis, Internal and External loss data analysis and overall Operational Risk profile

Confidential,Jersey City, NJ

Consultant - Financial Systems & Analysis Department

• Mitigated risk on an internal audit finding involving sign offs on the disclosure data included in the financial statements
• Liaised with IT and Financial Reporting teams to create BRDs, testing and implementation of a platform to automate the disclosure reports and produce transparent sign offs on the 10k and 10Q financials
• Conducted training sessions with the Financial Reporting team on how to use the new platform

Confidential, NY, NY

Consultant - Finance Department

• Conducted Gap analysis for the BRD/FRD document involving the RWA Denominator Calculation and the latest NPR following Basel III accord
• Updated the manual processes from the data providers, verified data pulls and created templates
• Liaised with development on dependencies, issues, assumptions and risks

Confidential,White Plains, NY

Consultant - Legal Department

• Analyzed the business needs for the AML, Legal, Credit Risk departments and how to facilitate a holistic approach for the on-boarding and on-going risk monitoring of clients
• Provided recommendations for a risk management framework and the specifications for a web-based portal for the collaboration of the risk monitoring departments and the Account Managers to communicate all their shared information including a risk profile for each client and issue tracking

Confidential,New York, NY

Banking Officer - Operational Risk Management Department

• One of three to build and implement the Operational Risk, Vendor Risk and BCP frameworks for all of the Americas
• Facilitated Risk and Controls Self-Assessments (RCSA) to assist Business Units to create risk and control libraries, determine key inherent risks, conduct control testing, residual risk ratings, action plans for the gaps identified and ongoing monitoring
• Negotiated with both internal audit and external regulators, responded and resolved any ORMD findings
• Developed the SOX Risk Assessment Matrix, test scripts, and testing instructions for ORMD
• Contributed to the development and implementation of an enterprise-wide Operational Risk Management framework for all of the Americas that incorporated BASEL II requirements and met regulatory standards
• Provided support for quantitative programs in the framework including Internal and External Loss Data collection, Scenario Analysis, Economic Capital quantification and Key Risk Indicator identification and collection
• Facilitated the qualitative programs including Risk and Control Self-Assessments, Issue Tracking and Sarbanes-Oxley 404 testing
• Responsible for writing and updating the General ORM, Risk Map, Loss Data collection, and Issue Tracking, BCP and Vendor Risk Management policies and procedures ensuring regulatory compliance for the Americas region. Designed and managed the implementation of a cloud based version of ARCHER to support the Vendor Risk framework.
• Restructured a bank-wide risk classification scheme for the Risk Map that served as the foundation of the ORM framework and facilitated the aggregation of data across ORM programs
• Prepared analysis to present the ORM risk profile to senior management on a monthly basis

Confidential,New York, NY

Technical Analyst - Prime Brokerage

• Serviced hedge fund clients trading complex products including Options, Swaps, CDS and Emerging markets
• Gathered technical requirements from clients and liaised with the development team involving specifications for the transmission of position and transaction files and trade files
• Provided technical support for clients and worked closely with developers for enhancements or fixes
• Designed and implemented a proprietary CRM tracking system which generated reports for senior management
• Conducted training sessions and created procedures for new associates
• Created a QA environment for testing all new “plug-in” software
• Maintained all client information in SQL for Sybase

Confidential,New York, NY

Call Center Manager - Client Services

• Managed a technical support team for web-based software that streamlined the business processes between brand owners interfacing with their licensees
• Bridged clients with Network Services, Professional Services and Software Development groups
• Created a process flow for all incoming client queries, incorporating a call logging schema and monthly call reports for clients using Clientele CRM software
• Developed and maintained a working practices document for the call center which included its mission, objectives and employee training programs

Confidential,New York,NY

Technology Analyst - GS Financial Workbench

• Organized the GS Financial Workbench Support Desk in the New York, London, and Tokyo offices by establishing documentation and providing group and individual training for new staff members
• Coordinated projects supporting the “Wealth Management Services” and “Open Swaps” applications
• Provided QA support for new web site development
• Supported both the Internet and Intranet GS Financial Workbench applications, third party software and created documentation for GS Financial Workbench technology analysts