David Schroeder Email & Phone Number

Orem, UT, US

Portland, Oregon, US

• Gathered requirements with stakeholders/SME's, authored MDM Standard and BYOD policy based on NIST/SCF frameworks.
• Engaged regularly with technical and non-technical stakeholders.
• Researched and applied NIST CSF, RMF, and SCF frameworks where necessary and applicable.
• Reviewed and adjusted existing new and existing documentation with Legal/HR teams.
• Provided subject matter expertise to GRC team on other existing governance, risk, and compliance projects.

Oakland, CA, US

• Led the day-to-day security risk function - managing/training GRC team members as it pertained to risk management resulting in a measured quarterlydecrease in risk among all verticals.
• Led the deployment of ServiceNow risk module and OneTrust third party risk solution.
• Managed contracted personnel to implement long term goals/projects.Met regularly with peer teams and stakeholders in other business verticals to establish relationships, educate/inform about the risk function and.
• Provided/presented regular risk metrics to upper leadership to drive change in addressing security risks.
• Continually improved the risk process and ensured quality of delivered risk assessments.
• Assisted Director of GRC in managing other GRC functions.

Salt Lake City, Utah, US

Worked as a consultant for clients of the company performing baseline assessments of security, risk, and governance issues. Assisted clients in achieving and maintaining compliance requirements for various regulatory environments.

Salt Lake City, Utah, US

• Wrote and issued reports based upon risk attributes, controls, and residual risk of Bancorp engagements.
• Analyzed technical documentation including diagrams, flow charts, white papers, etc. to address potential security risks.Analyzed information security documentation provided by third-parties including SOC reports, PCI.
• Met regularly with business partners on a wide array of information security requests - establishing relationships to better serve the business.
• Managed and prioritized risk assessment queue for the Risk Assessment team.
• Coordinated with Supply Chain team to ensure Supply Chain needs were being met and contracts were being signed/approved in a timely manner.
• Continually worked on improving the risk assessment process to simplify and enable the business to move quickly while maintaining a high level of quality.

Lehi, Utah, US

• Led improvements to the compliance process improving the process from dozens of remediation action items to zero remediations in ensuing audits.
• Led/Managed the GRC function for SOX, HIPAA, PCI, and FDA technical compliance.
• Performed regular audit reviews including working with stakeholders, running queries against in-scope systems, and working with outside auditing entities.
• Wrote/Maintained IT policies.Served as incident response manager - first point of contact for helpdesk personnel, engaging necessary technical support, updating leadership on P1 events,etc.
• Served as Change Manager running change management meetings, ensuring change conflicts were addressed, changes followed applicable processes, etc.
• Managed/Maintained the sales commission process for the organization.

Yerevan, Yerevan, AM

· Worked with a small team of IT professionals to provide all IT solutions for a varied group of medical, law, dental, and general office environments. This ranged from providing server management and support down to teaching employees best security practices and assisting with helpdesk concerns. Troubleshooting and monitoring networks, phone systems, EMR.

· Worked directly under the CIO and interfaced with all aspects of IT administration for the company. I monitored routers and systems servers, worked on administering and troubleshooting the company ERP – SAGE, performed backups of critical company data, answered helpdesk tickets and provided timely service to office and warehouse employees, and generally.

CDL Class B - TransportationVehicle Maintenance

Provo, UT, US

Heavy Equipment - Dump truck >26000 lbs., loading, delivery, unloading, etc.Landscaping, excavation, demolition, general labor

Anchorage, AK, US

Tour GuideCDL Class B - TransportationADA TransportationVehicle Maintenance

Provo, UT, US

· Developed computer-based training modules to improve compliance across campus positions. I worked with department heads of various institutions to determine the needs of their office(s) and how I could help them to accomplish their training. Utilizing tools such as Adobe Captivate, Photoshop, Soundboard, and other related media, I created narrated.