Leading coordination efforts with internal and corporate groups and external auditors to help ensure proper control walkthroughs, population and evidence submission, follow-up of outstanding questions, and Points of Focus (PoF) coverage throughout the process as well as providing support to the corporate reporting organization for production of the final report.

Provided oversight and coordination for multiple long-duration action plans, creating best practices forums where owners could ask questions and leverage best practices. Executed Personal Account Dealing recertifications, creating procedures and job-aids to improve process execution time.

Managed and coordinated work initiatives within a Data Ecosystems team, including Issue and Action Plan Management and Application Control and Risk Assessments.Managed and coordinated planned and unplanned work initiatives within an IAM team, including Risk and Control Self-Assessments and Access Management Audits. Led team tasked with the governance and standardization of the Control Self Assessments process for Infrastructure Platforms and Tools across a line of business.

Senior member of team member tasked with the build out of the compliance function the organization.

Assessed applications for compliance with regulatory and firm policies, standards, and procedures covering the following areas: business recovery, application recovery, data recovery, technology infrastructure recovery and supplier / vendor recovery as part of a holistic approach to continuity risk management and business resiliency. • Developed process to execute reviews for Franchise Critical Applications. • Conduct Business, Application, Data, and Infrastructure risk assessments.• Document gaps and present summary to senior technology management.• QA check reviews to ensure compliance with program guidelines and standards.• Confirm remediation plans address the risk identified in the gap before closure.• Produce and improve management reporting used by senior Citigroup technology management and internal / external regulators and auditors.• Train, develop and manage new team members.• Gather and vet information for use in OCC Reviews.

Assessed applications for compliance with regulatory and firm policies, standards, and procedures covering the following areas: Information Security; Change Management; Disaster Recovery; Incident and Problem Resolution; Data Retention; and Systems Development Lifecycle.• Developed risk based assessment program, conducted substantive evidence gathering sessions to measure control effectiveness with Technology personnel (including management and support staff) and summarized results of assessment.• Prepared management reports for review and sign-off for over 125 applications.• Improved efficiency and effectiveness of technology risk assessments by implementing metrics and dashboard. This centralized assessment findings tracking and remediation process streamlined management reporting and issue tracking, follow-up, and escalation for over 3500 issues identified in assessments. Monitored project progress for issue remediation.• Assisted in providing advice and support to senior technology systems owners throughout Institutional Securities and Asset Management departments. o Communicated firm and regulatory policies regarding the Firm's Technology Risk and Information Security requirements for new systems (~ 500). o Assisted with annual compliance and re-certification of in-scope systems (~ 2000+). o Assisted in review of external client facing systems to ensure compliance with Information Security Policies. o Assisted with gathering information for regulators during regulatory exams/inquiries/sweeps.• As the Subject Matter Expert for the team, reviewed policies and standards including Disaster Recovery, Authentication, Authorization, and Audit Trail, Change Management, Data Management, and Data Security to ensure certification process complied with current Firm requirements as well as FFIEC guidelines.

SA CoordinatorSenior member of team that coordinated expansion of Sarbanes Oxley controls program to critical technology applications. Coverage included Company, Investment Management, Enterprise Data, Retail Brokerage, and Investment Banking.• Executed extensive analysis of application base to identify potential in-scope applications.• Negotiated with senior management and colleagues who owned potential applications to confirm and agree to application inclusion into the project.• Assisted with management reporting to track progress of initiative to date.• Responsibilities included both front office and back office groups at the firm.

SOX CoordinatorSenior member of team that coordinated IT SOX response across all business units to ensure compliance with Sections 302 and 404 of the Sarbanes Oxley Act of 2002.• Coordinated IT SOX response across Company, Asset Management, Enterprise Data, and Retail Brokerage business units for the firm.• Ensured timely response to questions and concerns while serving as the point of contact for external auditors.• Merged Retail Brokerage IT onto the centralized IT SOX process with E&Y consultants.

System Development - Various RolesVice President – Cost Allocations Development Manager, 2003 – 2005Vice President – Profit and Loss Applications Development Manager, 2000 – 2003Vice President / Senior Associate – Applications Service Desk, 1994 – 2000Associate – Global Funding and Treasury Systems Development, 1992 – 1994Trainee / Manager – Telecommunications Help Desk, 1990 – 1992

Field Artillery Officer, 1/35 FA and 1/41 Field Artillery