SUMMARY:

• Regulatory Compliance, Governance, Risk Management/Models, Policy formulation and strategy development, Critical Asset Risk Management, Enterprise Program Office Management and Project Management (PMI/PMBOK, Confidential, Waterfall), Business/IT Alignment, Gramm - Leach-Bliley Act (GLBA), HIPAA, FISMA, FedRAMP, Due Diligence/Audit for multiple LOBs, Audit & Risk Assessment, Strategy formulation, Critical Asset Risk Management (DHS/FEMA), Community Preparedness for Cyber Incidents (DHS/FEMA), Community Cybersecurity, NIST framework, COBIT, Requirements gathering and approval, Change Management, Issue escalation and Resolution, Incident Management/Business Continuity and Disaster recovery, Terrorism/Counter-terrorism, and Program/Policy Implementation.
• Global security environment, Global crime networks, Financial Crimes Enforcement Net-work (FinCEN), Financial Action Task Force (FATF), National Incident-Based Reporting System (NIBRS), International Anti-money laundering (AML) legislation, National AML regulation (SARs), Terrorism/Counter-terrorism, U.S. National Security Strategy, U.S. Strategy to Combat Transnational Organized Crime, International criminal enterprise, global policy analysis and development.
• Financial management and performance measurement, Accounting (GAAP/IASB/FASB), Financial models, Translation exposure/ Economic exposure and risk analysis, Investment Analysis & Portfolio Management, Managerial and Cost Accounting, Budgeting and forecasting models, Financial information assurance and security, Audit processes and due diligence (Sarbanes Oxley), SSAE16 Attestation.

PROFESSIONAL EXPERIENCE:

Consultant/Mediator/Negotiator

Confidential

Responsibilities:

• Advise small firms on compliance.
• Consult with small business owners on Internet services. Create subordinate policies to I/S/A policy.
• Advise non-profit board and leaders on risks and mitigation of risks.
• Convene mediated settlement conferences for state agencies, businesses, and private parties. Advise legal counsel and clients on negotiation and options for resolution.
• Spearhead consensus building between client groups.
• Generate negotiation options for corporate and state organizations. Develop and execute communication plans.
• Perform analysis, assessment, and communication of risks.

Advisory Project Manager/Program Co-Director

Confidential

Responsibilities:

• Chair enterprise issues resolution committee for all departments, affiliates, and vendors.
• Made recommendations to Executive VP/Chief Privacy Officer, Program Director, and executive committee on risk mitigation and resolution is issues.
• Co-directed enterprise program activities for $18M GLBA initiative.
• Develop and managed project schedule and resources with 8/80 granularity.
• Communicated critical issues and subject matter to Program Director and C-level executives. Escalate issues to appropriate lines of business leaders, project managers, and vendors.
• Monitor program costs for overruns and scope creep. Recommend approaches for program and project management.
• Fulfilled major role in collecting and confirming requirements from operational units and cost approval. Met with project managers to discuss and resolve barriers and issues affecting program success.
• Co-managed and advised 40+ project managers across multiple LOBs.
• Develope criteria and requirements for strategic initiatives and global enablement. Structure engagement approach and scope for developing proof of concept.
• Identify and document (for approval) automated functions and processes. Review current processes and develop stop-gap assessment for strategic goals. Determine viability of vendor capability, quality of service, and SOW definition.
• Hold extensive communication with decision-makers to ensure risks were managed, security protocols were tested and implemented, and performance of integrated and migrated systems met operational goals.
• Ensure testing approach, case development, and approval process to verify new functionality.
• Recommend technology criteria for operating platforms, database, and application performance requirements. Established criteria for implementation and rollout, and contingencies for exit strategy.

Consultant/PMO

Confidential

Responsibilities:

• Fulfilled primary role for creating corporate strategy for $38M enterprise business systems migration for Nortel. Identify program level requirements for enterprise level migration, testing, and implementation.
• Develop baseline strategy for all LOBs.
• Review current business systems, processes, and policies.
• Conducted audits and risk assessments of business systems across multiple business segments. Created policy, standards, and guidelines for enterprise migration.
• Recommended security and quality processes for application development. Interview prospective resources for due-diligence team.
• Supervised 15+ direct reports for due-diligence with indirect hire/fire authority.
• Co-managed due-diligence segment of the PMO for over 160+ projects in the U.S., Canada, U.K. and Asian Pacific. Established testing methodology, change management procedures, and approval of business system migrations and rollouts.\

Senior Analyst/Programmer

Confidential

Responsibilities:

• Chairman (Governance/Risk/Compliance), Issue Resolution Executive Review Committee, GLBA Privacy Act Compliance. Leadership in overseas projects in Beijing and Shanghai, China; and Gurgaon, India.
• Advised Executive Management, Co-management of Enterprise Programs, Team construction and oversight.
• Alignment of Organizational strategy to Enterprise Architecture and Information Security Architecture. Information Security Life Cycle.
• Defense-in-Depth Strategy.
• Management of Enterprise Information Security and Assurance Services. Risk Awareness & Human Factors Training.
• Bell-LaPadula, Biba, and Clark-Wilson Security Models.
• DoDD 8500.01E and governmental measures for information security and assurance.
• Regulatory frameworks: PRIVACY, Gramm-Leach-Bliley Act (GLBA), HIPAA. Working knowledge of the Federal Information Security Management Act (FISMA). Due Diligence/Audit for multiple LOBs
• Working knowledge of using COBIT, FISMA, FedRAMP, NIST frameworks for governance, auditing, risk mitigation, and compliance management and policy development.
• Years of leadership experience in Audit and Risk for Gramm-Leach-Bliley Act and Y2K.