● Own and manage client relationships and projects for 10+ clients end to end● Develop and lead project plans based on task-based budgets with business owners and external stakeholders● Conduct Control Assessments against various regulatory compliance requirements (e.g., SEC, PCI-DSS, NIST CSF, NY DFS, NFA,etc.) to address relevant risk areas and develop a Plan of Actions and Milestones (Assurance Plan) to ensure proper controls areimplemented● Maintain risk management reporting dashboards (via internal reports and a home-grown portal) for client risk assessments andremediation efforts● Lead client engagements in support of regulatory cybersecurity risk remediation activities and building data governance frameworks● Review updates to client departmental procedures, including assessment procedures, questionnaires, and cyber training, to ensureinternal control activities, contractual obligations, and regulatory requirements are being met on a scheduled cadence● Review and interpret data flow maps and data sharing activities across enterprises to ensure regulatory compliance and to simplifyterms for Board Members and C-suite individuals● Regularly present to client leadership (e.g., CTO, CPO, CCO, CISO, Cybersecurity Director, VP, etc.)● Drive continuous improvements associated with the speed, quality, efficacy, and value of cyber engagements● Lead client engagements and perform due diligence in support of Private Equity portfolio companies during pre- and post-acquisition● Review and provide guidance on key IT Security policies and procedures - to include Written information Security Policies(WISP), Disaster Recovery/Business Continuity/Incident Response Plans● Lead and Support Critical 3rd Party vendor evaluations

● Developed and lead project plans in support of internal audits and risk assessments based on a task-based budget● Owned and managed client relationships and governance framework● Execute audits with clients on a variety of regulatory standards such as SOX, SOC2 Five Trust Principles, and MAR to ensureproper controls are in place● Assist clients with readiness assessments for a variety of regulatory frameworks (e.g., PCI-DSS, NIST CSF, NFA, SEC, etc.)● Assisted clients in getting process narratives in place to facilitate procedures in the event a breach or loss occurs

● Owned and managed client relationships, due diligence, and risk assessments for 20+ clients and vendors● Collaborated with various business units such as information Security, Privacy, Procurement, Audit, Compliance, and other teamsto ensure risk management objectives align with firm goals and milestones are met● Reviewed and interpreted data flow maps and information sharing activities across enterprises to simplify terminology for BoardMembers and C-Suite individuals● Managed the product build-out and roadmap of the firm’s phishing testing services● Developed, initiated, maintained, and revised policies, standards, procedures, work streams, and guidelines for the general operationof the Experiential Learning Program under the Vendor Management Outsourcing Services Team● Conducted privacy assessments for clients against HIPAA, CCPA, CPRA, GDPR, NAIC Model Law, and PIPL frameworks to identify privacy risk and provide strategies on how to implement controls to aid in the protection of data● Maintained risk management reporting dashboards for client risk assessment results and remediation efforts● Developed, maintained, and revised policies, standards, procedures, and guidelines for clients pertaining to privacy such as PersonalData Inventory, Data Retention Policy, Privacy Health Checklist(s), Investor Privacy Notice(s), Data Protection Impact Assessment(s), Employee Privacy Notice(s), Record of Processing Activities, etc.● Assisted with implementation and remediation efforts on how to implement security controls to further protect privacy of data● Mapped the CCPA, CPRA, GDPR, NAIC Model Law, and PIPL privacy regulatory requirements to ensure client privacy compliance meets the most stringent of standards

● Owned and managed client relationships● Managed the firms phishing testing services● Developed and reviewed security policies, standards, and procedures for clients based on regulatory requirements and security domains within the financial sector● Led and participated in client meetings to gather data needed to develop security policies to demonstrate their security posture● Advised clients on security best practices, compliance standards, and adherence to security regulations● Identified client resistance strength based on specific risk scenarios● Developed internal strategies and roadmaps to expand and improve upon current and new GRC services under current security frameworks and guidelines● Co-managed the external network vulnerability testing services● Built and maintained the teams onboarding and training manual● Oversaw onboarding and training of new security analysts and associates● Led internal orientation sessions with firm new hires to understand risk quantification methods and firm services

● Built and developed the Vendor Relationship Management Outreach and Support services● Assisted with the development of the firms Third Party Risk Management (TPRM) services● Facilitated information-security risk analyses of client third-party vendors based on relevant security frameworks (CIS, HITRUST, COBIT, NIST CSF, SOC, FFIEC, FINRA, GLBA, ISO, NIST, OOC Bulletins, PCI, SOX) to identify, assess, prioritize, evaluateand address information security, privacy, financial, and other areas of risk● Conducted on-site reviews and generated risk reports on third-parties internal security controls● Maintained risk management reporting dashboards for client third-parties● Analyzed technology audits, assessments, and security documentation (AITEC, Cyber Essentials, SIG Full/Lite, CAIQ, Cyber Essentials Plus, ISO 27001, SIG, SOC1, SOC2, SOC3)● Engaged with clients to develop and enhance information security policies and technical risk documentation● Performed ad-hoc work, including special projects, as necessary

Systematically reorganized office workflow which led to the combination of two full-time positions resulting in operational savings of more than $30,000 annually ● Managed operating budget of $200,000 - $500,000 per year● Oversaw grant budgets of more than $60,000+, when applicable● Created forecast models and conducted briefings to management on current budgetary matters and future cost projections● Provided annual program evaluations and was responsible for producing strategic guidance for future success● Project manager for 15+ advisory board meetings, conferences and speaker engagements per year● Project manager on redeveloping professional run organizations● Committee member for reviewing 30-40 applications for admission to various programs● Consulted 40-60 individuals on academic and career best practices

● Managed calendars, travel details, appointments and phone calls for Director, Assistant Director and Program Administrator● Oversaw events calendar and disseminated information to faculty, staff and students● Maintained electronic and paper filing system for the J.D. Certificate, LL.M., S.J.D. and Visiting Scholar Programs● Engaged with visitors to the office and directed them to appropriate staff