| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
CISSP, CSSLP, CISA, CIA, CPA, CGEIT, CRISC, ITILPHONE NUMBER AVAILABLE EMAIL AVAILABLE Candidate's Name LinkedIn Cyber and Information SecurityDynamic, disciplined and assiduous professional with solid execution experience of proven Cyber/Information Security, Information Technology and business risk management knowledge and skills in Fortune 50 companies. Strong problem solving and analytical skills. I have created and managed cyber/Information security risk management functions and led pioneering initiatives to create Information Security programs in Fortune 50 firms. I have demonstrated solid hands-on expertise in IT GRC programs, Gen. AI, audit, process re- engineering, operational risk management, metrics, cloud and network infrastructure risk management. I also have excellent knowledge in developing strategic plans and prioritizing tactical initiatives. Strong communication, collaboration and teamwork skills are a strong as well. Key SkillsCyber/Information Security Risk Management Infrastructure Vulnerability Risk Management Gen AI PCI-DSS SWIFT GRC Risk Assessment Cloud Computing Risk Management NIST Issue Management IT/Ops. Risk Management Reg. Compliance Incident Mgt 3rd Party Process Engineering Data Analytics /Metrics & Reporting ISO 27001 SOCx GLBA SOX KPIs/KRIs ExperienceWells Fargo Cybersecurity - Business Intelligence & Analytics, Pittstown, New Jersey December 2021- November 2023 VP, Sr. Lead Information Security AnalystAnalyzed cyber data collected from infrastructure scans with Qualys, cloud scans with Prisma and Application Security scans from various tools. Isolated/identified key material cyber risks, trends, and advocated for focused solutions where appropriate. Analyzed cyber risk data and created metrics that provided visibility into the behavior of cyber risk management by using weekly and monthly comparative trends to understand risk posture as well as identify risks bottlenecks and devise solutions and therefore increased level of risk remediation. Worked extensively with infrastructure vulnerability management team to operationalize vulnerability management consequence model to ensure material vulnerabilities are prioritized and given the appropriate risk remediation treatment or escalated to senior management team for quicker action, resulting to over 85% of high risk past dues being remediated. Worked extensively with the Business Information Security Officers (BISO) teams, specifically acting as the principal liaison between cyber security program activities and Chief Information Officers (CIO) of core businesses and technology entities to meet strategic cyber program objectives. Role accelerated the achievement of tactical and strategic cyber security risk objectives. Managed all Point of View (POV) cyber security assessments or targeted assessments impacting cyber security programs. Partnered with BISOs and cyber security program champions to monitor, assess, advise and report results of assessments to BISOs and CIO organizations to ensure cyber risks identified are prioritized and remediated timely. Successfully achieved an overall reduction of potential material risks. Served as liaison between BISOs and cyber programs for infrastructure security programs, information security risk management and third-party cyber security programs-serving as a two-way communication catalyst for cyber security program with potential risks impacting the CIOs, resulting in the elimination of bottlenecks and improved risk management execution. Managed, coordinate and reported all cyber risk/issues and corrective actions identified in the Cybersecurity organization. Worked diligently with risk owners to ensure remediations were timely or escalated to senior management for faster resolution. Wells Fargo Cybersecurity-Information Cyber Security, Pittstown, New Jersey March 2021-December 2021 VP, Sr. Lead Business Technology Consultant-Cyber Security Programs Created the enhanced cyber engagement service process that allowed an efficient and effective method for how participating partners can collaborate to transform cyber security engagement activities in an agile model that allowed for a deeper understanding of Cybersecurity strategies, initiatives/projects and prepared stakeholders for potential changes to improvement companys evolving risk posture. Worked with BISOs/CIOs to understand the impact of cyber security strategic plans, roadmaps, policies, controls, initiatives/projects, metrics, issues/corrective action plans and internal/external reviews on the line of businesses to ensure risk stakeholders were awareness of risk, which greatly improved proactive identification of risks and timely mitigation. Partnered with the BISO community, Cybersecurity program champions, Risk & Control Partners, and CIOs to facilitate feedback, provided consultation/advisory and conduct impact assessments on new or proposed changes to cybersecurity program strategies, policies, controls, initiatives/projects and metrics. As a result, BISO input was timely incorporated in products/services, which achieved a better overall risk reduction outcome.Wells Fargo N.A. Information and Cyber Security (ICS), Pittstown, New Jersey June 2020-March 2021 VP, Technology Business Service Principal Associate-Corporate Investment & Wealth Management Led 2020 SWIFT Customer Security Programme annual compliance attestation working with frontline technology risk and SWIFT Corporate teams to complete attestation, approved and submitted by the CISO to SWIFT. Developed and implemented a robust and comprehensive risk assessment program to ensure non-compliant counterparties are vetted and approved prior to engaging with Wells Fargo businesses, which greatly increase efficiency and execution by over 35%. Wells Fargo N.A. Information Security Risk Management Oversight, Pittstown NJ March 2016-June 2020 VP, Information Security Oversight ManagerLed several key initiatives using data analytics to identify new material risk types that have never been considered in terms of priority handling in WFC such as risk acceptances, vulnerabilities from infrastructure scanning, patching and production data in development environments etc. These discoveries were greatly appreciated by management, to which several million of dollars were allocated for program enhancements and remediation for about 3+ years, which significantly enhanced information security risk management and control effectiveness in the Line of Businesses (LOB). Initiated and implemented a strong strategic vision, and tactical roadmap for Information Security Risk Management Oversight(ISRMO) key risks that aligned with LOB risks practices, resulting in ~40% increase in new risks needing priority remediation. Created and led an initiative that identified pervasive risk acceptances as a material risk across LOBs, which resulted to a surprise recognition of risk acceptance as a major enterprise-wide issue/corrective action by senior management that must be addressed. Received several accolades and departmental recognition for this effort. Created and led several initiatives using data analytics to identify new material risk types for ISRMO oversight programs, which broaden and enhanced risk identification, tracking and reporting to improve risk posture and control effectiveness in LOBs and allowed better focus on material risks and prioritized remediation strategies resulting in a boost in risks reduction across LOBs. Created new IS oversight dashboards that provided critical visibility into risk behavior in LOBs assisting teams to pinpoint areas of focus and opportunities to self-examine control effectiveness, credible challenge, bolster self-identified issues and reduced the number of audits, compliance and regulatory issues by ~22%. Discovered through data analyses that senior management focused on remediating only high risks (3%) meanwhile 97% of composite risks with more material risk impact to WFC was given less remediation consideration, as a result the risk portfolio was re-stratified, more risks remediated and achieved an improved firmwide risk posture. Received senior management recognition. Trained new ISOMs and data analysts in in the production of charts and interpretation to understand underlining risk behavior and pinpoint specific risk areas, which resulted in team success as a second-line of defense for oversight risk activities. Citi N.A., New York, NY October 2010-March 2016Vice President, Information Security Officer for Corporate Center Global ID Administration (GIDA) Business Information Security Officer (BISO) Principal IT Risk and process consultant-supporting a 4-year Operations & Technology project to transform/consolidate 800 embedded legacy information security administration (ISA) functions into a modern Identity Access Management (IAM) platform with seamless process integration, operating synergies and risk reporting. Partnered with Global ID Administration (GIDA) and re-engineered key processes that enabled GIDA to successfully create a pay- for-service model and cost recovery for external and external services of over 5 million dollars. Partnered with GIDA to successfully transition 3200+ applications from legacy support status to state-of-the-art IAM platform with a cost saving of over 40 million dollars. Additional Relevant ExperienceDow Jones & Company, South Brunswick, NJDirector, IT Risk ManagementManaged firms disaster recovery resilience program, Created and managed the first risk management function in the firm. Created ITSM processes to introduce efficiencies in IT services such problem, change management etc., and developed ITIL industry standard processes and tools to manage issues and exceptions. Managed Governance Risk and Compliance Program. Citi N.A New York, NYVP, Lead IS Program ManagerLed the Development of a best in-class IS risk management program/processes that ushered a new innovative methodology for managing risks, issue management and risk acceptances/exceptions. The OCC used these tools as a benchmark for assessing other major banks. EducationMaster of Business Administration, MBA, Finance and Investments Long Island University, Brooklyn, NYMaster of Science, MS, Computer SciencePratt Institute of Technology, Brooklyn, NYBachelor of Science, BS, AccountingCity University Of New York-York College, Jamaica, NY |
