Brad K. Email & Phone Number

Saint Paul, MN, US

Baltimore, Maryland, US

• Responsibilities
• Monitor progress and results of both a personal portfolio of supplier risk assessments and those of junior associates
• Assesses adequacy of supplier control environments, identifying control gaps or weaknesses and resolves consistent with the Risk Response Policy
• Proactively influences and contributes to new or enhanced practices and procedures while supporting the development of colleagues of junior associates
• Contributes to continuous program improvement by sharing experience and learnings with peers and others in the firm responsible for supplier risk management
• Pursuing further development of generative AI risk managementAchievements

Richfield, Minnesota, US

• Responsible for executing and enhancing third party risk processes and procedures, including: onboarding, assessing, identifying and communicating risks, and remediation
• Advise business partners on security requirements and risk mitigation efforts and follow up to ensure remediation is completed.
• Collaborate with third party partners to establish remediation goals and deadlines.
• Lead implementation of a centralized vendor risk management program.
• Partner with the eGRC (Archer) team to advance capabilities, drive efficiencies, and improve reporting.
• Research new/emerging industry vendor security assessment models, methods, tools, reporting and provide recommendations to leadership. Achievements:

Minneapolis, MN, US

• Spearheaded the migration to Prevalent (GRC Tool) and automated major elements of the risk assessment process (Severity levels, Findings, Reports, etc).
• Conducted third party risk assessments utilizing NIST, ISO, PCI, and HITRUST frameworks
• Served as a liaison between vendors and various business units in efforts to complete security risk assessments in a timely manner
• Identified gaps within the current workflow and working with leadership/business units to implement solutions
• Developed dynamic questionnaire process that better fit the scope of vendor engagements

Minneapolis, MN, US

• Conducted risk assessments on medical devices and/or new system applications utilizing NIST, ISO, PCI, and HITRUST frameworks.
• Led security awareness initiatives across Allina Health by developing phishing campaigns and participating in knowledge fairs
• Developed knowledge base articles related to security
• Ensured risks are properly documented and accepted at the correct levels of the organization
• Generated of reporting metrics regarding the success of enterprise-wide phishing campaigns
• Communicated with various business units to ensure risks are understood

Minneapolis, Minnesota, US

• Ensured risks are properly documented and accepted at the correct levels of the organization
• Validated that remediation plans are in place to reduce risk where possible and pursue evidence toprovide proof of remediation
• Assisted in the generation of reporting metrics
• Supported the risk assessment process by collaborating with business partners
• Translated technical language into business terms to facilitate understanding of risk to the business
• Collaborated with senior and lead risk analysts on activities related to the development ofcommunication and presentations for internal and external audiences.Achievements:

Dallas, TX, US

• Conducted threat modeling to anticipate the actions of active threat groups.
• Implemented technical controls to mitigate future financial risk from being realized.
• Developed and maintained fraud queries, reports, and metrics to provide customized information for MoneyGram Online (MGO) stakeholders.
• Acted as a subject matter expert on data elements and data mining techniques within the reporting environment.

Minneapolis, MN, US

• Responsibilities:
• Develop outcome-based initiatives to ensure student outcomes are realized in a way that contributes to student success and satisfaction
• Administer the school’s established written outcome assessment plan to ensure the school’s programs and services meet the established benchmarks.
• Serve as liaison between various State Departments of Education as follows:1. Direct the administration of state/province governmental regulations affecting distance education schools2. Stay current with law changes3..

Master Of Business Administration (M.B.A.), General

B.S., Mass Communication/Media Studies