David Li

David Li Email and Phone Number

Head of Risk and Compliance, Global Business Organization @ Google
New York, NY, US
David Li's Location
New York City Metropolitan Area, United States, United States
David Li's Contact Details
About David Li

David is a seasoned risk management professional with a proven track record in designing and leading risk management programs in both highly regulated and unregulated environments. With 20 years of experience, David specializes in implementing risk programs, working across teams and businesses to promote a healthy risk culture, enhancing operational resilience through risk assessments, controls testing and automation, and ensuring compliance with regulatory requirements.At Bloomberg, David was responsible for leading and overseeing our Enterprise Risk Management program (policies & procedures, risk assessment methodologies, independent testing, issue management, risk acceptance, risk reporting, and risk governance), providing 2nd LoD risk management coverage to a variety of product areas and business units, and performing risk & control assessments in a 1st LoD capacity, where necessary. In addition, David was also responsible for the SOC Reporting Program (+20 plus SOC 1s, 2s, and 3s).Prior to David's role leading ERM initiatives, he has led and executed programs relevant to Technology Risk, Information Security, and IT audits. Experiences include: creation of information security strategy roadmaps, managing information security governance programs, performing IT audits and various cyber/InfoSec risk assessments (e.g., NIST framework assessments), and other reviews against various compliance/regulatory frameworks (PCI, GLBA, etc). Understanding of common frameworks and standards include: COSO, DORA, GDPR, NIST CSF, NIST 800 series, ISO 27000 series, COBIT, SOX and Trust Service Principles.

David Li's Current Company Details
Google

Google

View
Head of Risk and Compliance, Global Business Organization
New York, NY, US
Website:
goo.gle/3DLEokh
Employees:
315106
Company phone:
916.253.7820
David Li Work Experience Details
  • Google
    Head Of Risk And Compliance, Global Business Organization
    Google
    New York, Ny, Us
    View
  • Google
    Head Of Core Risk And Compliance, Global Go To Market Operations
    Google Oct 2024 - Present
    Mountain View, Ca, Us
    View
  • Bloomberg
    Global Head, Risk Assurance & Testing Oversight
    Bloomberg Sep 2023 - Jun 2024
    New York, Ny, Us
    Responsible for (1) empowering 1LoD to embed data-driven risk assurance programs within their businesses and (2) oversee our 2LoD controls testing team, covering operational, compliance, and regulatory risk.
    View
  • Bloomberg
    Global Head, Enterprise Risk Framework, Assessments And Operations
    Bloomberg Apr 2020 - Sep 2023
    New York, Ny, Us
    Acting Deputy Head of ERM.In addition to my responsibilities as Head of Enterprise Controls Assurance, I assumed direct responsibility for our Enterprise Risk Management framework (policies, procedures, taxonomies and tools), governance program, issue management program, risk appetite program, and our risk assessment team. Accomplishments include:- Strengthening risk culture across the organization- Firm wide adoption of our ERM framework and GRC tool across all lines of defense- Expansion of our risk assessment team to cover more businesses- Ratification of our Risk Steering Committee charter- Maturation of initiatives and projects to full fledged programs
    View
  • Bloomberg
    Head, Enterprise Controls Assurance
    Bloomberg Feb 2017 - Apr 2020
    New York, Ny, Us
    Created and led the Enterprise Controls Assurance team. Under my leadership, the team and I accomplished the following:- Expansion of the cyber risk assessment framework I created to cover other areas of operational risk (third party risk, system reliability, disaster recovery, etc). - Developed a formal program to support the management and facilitation of our System and Organization Control (SOC) audits, resulting in a scalable approach to the increasing number of reports that we issued firmwide (20+ reports).- Implemented robotics processing automation (RPA) to various risk processes, including our own control testing, to drive efficiency and consistency on repeatable tasks.
    View
  • Bloomberg
    Technology And Cyber Risk Lead
    Bloomberg Jan 2016 - Feb 2017
    New York, Ny, Us
    Created and implemented a repeatable process to identify, assess, and report on cyber and technology risk. More broadly, was brought in to help create and build a risk management program from the ground up, helping to define our operating model, jump starting risk initiatives/programs, and build the foundations of a repeatable risk management framework.
    View
  • Nomura
    Vice President, It Risk & Control
    Nomura Nov 2014 - Dec 2015
    Tokyo, Jp
    Created and improved our IT Risk programs globally while implementing them regionally in the Americas. Accomplishments include:- Creation of an application risk assessment and vendor due diligence program- Expanded IT risk and control taxonomy- Enhanced risk reporting
    View
  • Morgan Stanley
    Vice President, Information Risk Oversight
    Morgan Stanley Nov 2011 - Nov 2014
    New York, Ny, Us
    Nominated by senior management to partake in the creation and development of the Information Risk Oversight department, which was created to provide independent risk oversight of our IT and Information Security functions. Accomplishments include:- Creation of our department charter and operating model- Development of a risk based methodology to independently assess risks related to the use, processing, storage, and transmission of information or data.
    View
  • Morgan Stanley
    Vice President, Information Security
    Morgan Stanley Aug 2010 - Nov 2011
    New York, Ny, Us
    Defined and evangelized a formal 3 year roadmap for our Information Security Program and creating a program to govern against it.
    View
  • Pwc
    Information Security Advisory Services
    Pwc Jul 2006 - Aug 2010
    Gb
    On site manager for various security assessment and advisory projects, including:- Technical security assessments of operating systems (UNIX, Windows, etc), databases (Oracle, Sybase, etc), and firewalls (CheckPoint, NetScreen, etc).- Creation of written information security standards, both procedural and technical- Assisted in the compilation and analysis of the results of PwC’s annual Global State of Information Security Survey
    View
  • Pwc
    Systems & Process Assurance
    Pwc Jul 2004 - Jun 2006
    Gb
    Supported a variety of audit projects, including:- Internal audits- Third party attestations (SAS65s, SAS70s, AUPs, and Systrust)- 404 SOX audits- Regulatory assessments (e.g., PCI, GLBA, HIPAA)- IT risk assessments, ITGCs
    View

David Li Skills

Information Security Risk Management It Audit Risk Assessment Information Security Management Sarbanes Oxley Act Iso 27001 Enterprise Risk Management Internal Audit Cobit It Risk Management Financial Risk Computer Security Information Security Governance Coso Framework Information Assurance Sox Information Technology Strategy Information Risk Ffiec Occ

David Li Education Details

  • Gies College Of Business - University Of Illinois Urbana-Champaign
    Gies College Of Business - University Of Illinois Urbana-Champaign
    Management Information Systems

Frequently Asked Questions about David Li

What company does David Li work for?

David Li works for Google

What is David Li's role at the current company?

David Li's current role is Head of Risk and Compliance, Global Business Organization.

What is David Li's email address?

David Li's email address is dl****@****erg.net

What schools did David Li attend?

David Li attended Gies College Of Business - University Of Illinois Urbana-Champaign.

What skills is David Li known for?

David Li has skills like Information Security, Risk Management, It Audit, Risk Assessment, Information Security Management, Sarbanes Oxley Act, Iso 27001, Enterprise Risk Management, Internal Audit, Cobit, It Risk Management, Financial Risk.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.