PROFESSIONAL SUMMARY:

• Senior security leader with a history of creative problem solving for risk management and broad - based IT experience
• Influenced decision-makers and built consensus for advancement of continuous-improvement initiatives.
• Solid relationships with internal and external customers through credibility, accountability, and quality deliverables.
• Bridged communications between technical and non-technical audiences through sound knowledge of system architecture, administration, and management of operating systems coupled with excellent presentation skills.

SKILLS:

IT Risk Management & Mitigation |Cybersecurity | Security Analysis | Risk Assessment | Status & Key-Metric ReportsTeam Building & Development | Change Management |Disaster Recovery Planning, Testing & Preparedness Threat Modeling | Implementation, Testing & Vulnerability Assessment | Identity & Access Management

EXPERIENCE:

Confidential, Westlake, Texas

Senior Manager, Issue Management

Responsibilities:

• Executed established risk governance guidelines for risk identification, remediation, and control effectiveness.
• Performed and monitored risks as they were discovered and resolved through an Action Plan / Risk Acceptance.
• Responded to internal audits for clarification and reports/examples/reasons for actions taken.
• Monitored the 2nd line of defense to ensure they were overseeing the 1st line.
• Special projects that required creativity and analysis to complete for Confidential .
• Taught 2nd line of defense how to do Thematic Issue Analysis through a series of meetings with each department.
• Created and presented monthly summaries to Executives.
• Managed transition from Archer to Confidential application for recording risks and the remediation.

IT Control and Risk Manager

Confidential

Responsibilities:

• Assisted with maintaining and monitoring adherence to technology policies and standards.
• Determined inherent risk level and appropriate controls for new products and technology services for Confidential and Confidentialk.
• Skilled at communicating technical issues to technical and non-technical audiences.
• Challenged the output of the first line from Confidential Technology Services Risk and Control Self-Assessments (RCSA).
• Partnered with business unit management to determine more effective and efficient ways to manage technology risk, including developing and monitoring of risk metrics and IT dashboards.
• Coordinated with peer 2nd line of defense functions to synchronize communication and execution of risk management activities throughout Confidential Technology Services (STS).
• Responded to internal audit requests for procedures/ results.
• Ongoing risk management for multi-year projects.

Confidential, Phoenix, Arizona

Cybersecurity Analyst

Responsibilities:

• Directed end-to-end processes designed to enhance system security and meet regulatory guidelines for advisors.
• Assessed and developed prioritized action plans for identified vulnerabilities for 7,500 offices across US.
• Documented procedures and end-user guidelines. Enforced compliance with all applicable statutory requirements for financial industry.
• Supported 3rd-party risk assessments.
• Facilitated corrective actions to maintain acceptable risk, exposure-based regulations, and best practices.
• Designed and implemented information security programs in support of financial advisors; verified compliance with information security frameworks and wrote guidance for reaching compliance.
• Improved toolkits continuously; created program-development and assessment templates for client-work products.
• Delivered timely and effective recommendations for responding to viruses, malware, and breaches in real-time.
• Recognize the relationships, dependencies, and impact of neighboring business functions and projects on security.

Confidential, Fort Worth, Texas

Project Manager, Information Security

Responsibilities:

• Produced timely and high-quality deliverables in support of information technology projects for 70+ countries.
• Acted as the global point of contact for all security projects.
• Defined scope, project plans, project schedules, requirements specifications, architectural diagrams and descriptions, and test plans using Jira/Agile frameworks.
• Organized project planning, status meetings, reviews, requirements, and release planning. Managed change requests and chaired status meetings.
• All policies and projects included GLBA for worldwide data management and ISO 27001.
• Implemented DR across three divisions for global operations.
• Enhanced security and manageability with Active Directory consolidation of 53 domains into one.
• Increased malware protection through migration of all 15K users across the globe to Trend Micro.
• Facilitated global administration and support for backups with consolidated Commvault architecture.

Confidential, Dallas, Texas

Manager, Security & DR

Responsibilities:

• Successfully audited small firm's IT security, budget-friendly best practices.
• Detailed the need to develop DR strategies - even without a legal requirement.
• BCP plans and succession planning for family-owned companies.