PROFESSIONAL PROFILE:

• Information Security & Risk technologist with over fifteen years of expert in multi - billion-dollar global payroll, financial and supply chain organizations.
• Self-directed leader and team player in pursuit of value for the organization and its stakeholders.
• Effective at communicating and collaborating with business and IT teams that enable success.
• Seeks continuous improvement, adhering to security & privacy standards, using creative ideas that facilitates business growth.
• Adept at aligning business and technology to meet business demands and regulatory requirements, and to strengthen the organization’s security & privacy posture.

CORE COMPETENCIES:

• Management
• Strategic Leader Results Oriented Communicator Coach
• PEOPLE, PROCESS & TECHNOLOGY
• Focused Agile Cost Effective Process Improvement
• Security & Compliance
• Confidentiality Privacy Integrity Availability

AREAS OF EXPERTISE:

• Agile
• Distributed RACI
• Project Management
• Business Enablement
• Kaizen
• Risk Analysis
• COBIT
• ISO 31000
• Threat Intelligence
• Control Matrix
• FAIR
• Risk Management
• Data Flow Mapping
• Process Improvement
• Strategic Planning

TECHNOLOGY:

• Active Directory
• NetSecure
• RSAM GRC platform
• AWS
• Oracle, Access
• Splunk
• Clarify HRMS
• PowerShell
• Toad (DB Access - SQL)
• Contrast Security
• Quality Center
• UNIX, zLinux, .NET operating systems
• DLP (Symantec)
• Rally (Agile Development)
• Varonis
• Microsoft Office Suite
• RSA Archer GRC

PROFESSIONAL EXPERIENCE:

Confidential, Atlanta, GA

Cyber Security Risk Manager

Responsibilities:

• Finding & Exception overhaul
• Cyber Security Risk and Enterprise Risk Management Alignment
• Privacy: GDPR & CCPA compliance
• Risk Analysis
• Policies and standards review and updates
• Third Party Risk Management

Confidential, Atlanta, GA

Sr. Tech Project Manager

Responsibilities:

• Managed the TS Local Business Security team consisting of cross functional associates in the division.
• Led the team to deliver client centric security response that fostered urgency and transparency to resolve security incidents and breaches.
• Authored the IT security and privacy roadmap and led collaboration with senior leadership to drive security strategy by defining security goals, identifying requirements and executing plans to achieve timely outcomes.
• Managed efforts to design and implement database purge processes to delete unneeded data for GDPR and adhere to privacy policies.
• Designed, developed, and implemented controls to deliver adherence to ADP Security policy derived from SOX, SOC1, ISO 27001 and NIST standards.
• Established a risk queue process for identifying and prioritizing security findings.
• Reduced the running number of open incidents by 25%.
• Designed and implemented a divisional Security Incident Reporting Tool to enhance reporting and reduce response times.
• Acting lead for addressing high profile security incidents providing leadership and guidance in the incident response process.
• Designed a streamlined pen-test process better suited for an agile environment based on the concepts of release often & fail fast. Integrated the process across product owners, development teams, infrastructure & engineering, and pen-test teams.
• Drove the deployment of QualyisGuard agents on QA and dev servers, and WhiteHat on iAT servers to scan all web application products. Tracked results in RSA Archer and defects in CA Rally.
• Worked closely with teams to drive down the number of existing findings, and to ensure no newly developed vulnerabilities are move into production.
• Designed password reset functionality for the TS client facing products to reduce service calls by 10%.
• Drove DR testing to 98% success rate in one of the most complex IT environments within ADP.
• Designed, and led a team to implement a local provisioning tool that integrated with the corporate eProv and HRMS that cut provisioning time by 30% and significantly increase productivity.
• Designed a TS Computer Incident Response management process to reduce response times during operational outages.
• Performed multiple security control reviews and risk assessments and drove the remediation of security and audit findings.
• Managed all SOX & IT general control audits.
• Provided vendor management and assessment services to track vendors and to ensure they met strict ADP security standards.
• Provided security addendums for contractual agreements with prospective clients.
• Initialized SOC1 reporting into the organization to improve sales and client retention.
• Came in Third Place in the ADP ICE (Improve Client Experience) Global Challenge in 2016 as part of business transformation. Entries were made from associates all over the world and part of the concept was used in recent strategic platform upgrade.
• Acted as SME for collaboration in a number of workshops and kaizens.

Confidential, Dunwoody, GA

IT and Operational Auditor

Responsibilities:

• Introduced the COBIT Framework to the IA dept. to devise audit programs that evaluated IT general controls to ensure security and audit compliance.
• Provided financial, operational and IT general control audit services to evaluate controls and address risk related to finance, business operations, and data processing.
• Developed audit programs for mainframe, active directory, DR, and applications.

Confidential, Marietta, GA

Owner /Operator/Investor

Responsibilities:

• Hired and led a team of multi - talented personnel in the construction industry to drive sales and manage construction projects.
• Managed all aspects of the business which led to a deep understanding of business operations and control.

Confidential, New York, NY

IT and Operational Auditor

Responsibilities:

• Provided IT general control audit services to evaluate controls and risk related to data processing and security.
• Performed audits on mainframe, client/server networks, active directory, DR, and CHIPs (Clearing house) and SWIFT money movement applications.