• Served as an IT Risk Officer within the IT Risk and Controls team, which is the technology risk management function within the first line of defense for First Citizens Bank, specifically aligned to the technology business unit that is responsible for IT asset management, IT finance, and IT project management• Provided risk management expertise, consultation, review, and challenge and served as a liaison between technology and the other risk management functions, programs, and lines of defense• Consulted and supported remediation of a large and complex supervisory issue• Executed risk and control self-assessments and advised on the integration of processes and controls of acquired entities, including Silicon Valley Bank

• Served as a Business Risk Officer within the Chief Controls Office, which is the first line of defense risk management function for Silicon Valley Bank, specifically aligned to technology business units, processes, risks, and controls• Provided risk management expertise, consultation, review, and challenge and served as a liaison between technology and the other risk management functions, programs, and lines of defense • Implemented, executed, and supported risk management policies, standards, and processes including risk and control identification, risk measurement, risk and control self-assessment, control testing, issue management, risk acceptance, risk appetite and limits, and risk reporting• Evaluated technology policies, processes, risks, and controls against FFIEC IT Examination Handbooks, FFIEC Uniform Rating System for Information Technology (URSIT), Control Objectives for Information Technologies (COBIT), IT Infrastructure Library (ITIL), Data Management Capability Assessment Model (DCAM), NIST Cybersecurity Framework, Cyber Risk Institute Cybersecurity Profile and Maturity Methodology, and Cloud Security Alliance Cloud Controls Matrix

• Managed an issue management oversight team within Corporate Risk, the second line of defense and independent risk management (IRM) function for Wells Fargo• Supervised the review and challenge of issues aligned to technology, information security, information management, third party, business resiliency, and disaster recovery risks, throughout the issue management lifecycle• Supervised issue intake reviews, IRM-identified issue reviews, IRM-owned issue reviews, tollgate reviews (issue submission, change to baseline, and issue closure tollgates), issue validation reviews, and communicated feedback and results as applicable• Developed and managed issue intake and tollgate review process documentation, templates, tracking tools, metrics, reporting, and training materials • Presented training sessions on various issue management and oversight topics for IRM and front line team members • Assisted with the development and review of regulatory updates, communication materials, and responses• Executed risk and control self-assessment, control testing oversight, and new business initiative reviews• Managed direct reports and performed supervisory and administrative activities including recruiting, training, development planning, goal setting, and performance reviews

• Supervised complex technology and integrated audits of business aligned technology groups, application development, and infrastructure support teams, as well as horizontal audits of third party risk management, project management, change management, and information security risk assessment functions across the enterprise• Supervised project audit of a large business acquisition with a focus on the technology and integration related risks• Led audit of enterprise information security risk assessment process and compliance with FFIEC requirements• Developed and managed audit coverage strategies related to IT controls for models, secure coding practices, and international technology across the enterprise• Managed direct reports and performed supervisory and administrative activities including recruiting, training, development planning, performance appraisals, mentoring, scheduling, annual risk assessments, and audit planning

• Managed SAS 70, internal audit, external audit, agreed-upon procedures, IT security reviews, IT risk assessments, data analysis, and system integration review engagements• Managed SAS 70 examinations of the securities processing environment of a client that provides back office brokerage services for its institutional and retail customers• Conducted IT internal audits at two financial services clients in loaned staff arrangements• Supported financial audit teams with business process and general IT control testing for various ERP and financial reporting applications including SAP, Oracle Financials, AS400, PeopleSoft, Lawson, and JD Edwards• Managed direct reports and performed practice management activities including staff performance reviews, resource scheduling, training, recruiting, and new business development

• Performed application development and support of a mobile workforce management system used by over 400 users that enabled real-time utility workforce dispatching, vehicle tracking, and service order completion• Developed and implemented software and hardware solutions including programming interfaces, developing and testing application enhancements, updating mobile devices, wireless connectivity, mobile printers, and GPS devices• Coordinated development projects between internal IT departments and external hardware and software vendors

• Performed procurement, setup, maintenance, and support of Windows workstations and servers.• Implemented data backup solution, disaster recovery plan, firewall, and VPN solutions.