Charged with creating and orchestrating Cyber Security Defense, Enterprise IAM Ops and Automation; Control Function Technologies –implementing controls, reducing risk, improving service and driving efficiency. PAM Architecture, Audit, Automation and Compliance. Shared Security & Continuous Monitoring Integration of four disparate Global teams into single Enterprise Security Operations team, support of access to Active Directory (AD), Unix platforms, and over 800 business applications in support in excess of 70K global users. Global staff of 180 across US, APAC and EMEA. Initiated 3rd Party Risk, managed service outsourcing creating a performance driven cost per transaction model. Implemented Automated Access Revocation processes; ensuring timely audit, action and compliance . Strengthened PAM Controls; remediation of PA through deletion, vaulting and monitoring technologies throughout the multi-cloud environments and ecosystems. Automated, innovated and delivered a simplified request and approval process for platform and application access from on-boarding to decommission of accounts -both human and non-human. Delivered request-less provisioning via RPA Attribute Based Access Control (ABAC) pilot to production via SailPoint, Saviynt & Okta. As well RBAC cloud service model (AWS, Azure & GCP Cloud RBAC authorization system; Including B2B, B2C, C2B and C2C models. Led Active Directory Modernization effort and standardization; ensuring controls and hygiene across multiple global authentication domains and respective cloud authentication and authorization connectors. Initiating a proof of concept method to proactively recommend access needs using predictive analytics and machine learning; this methodology is also targeted to eliminate access risk. Developed technical - business architecture, case, cost recovery methodology and rationale for holistic onboarding, processes to automate and modernize the Enterprise Security Experience and improve productivity by $14MM

Aligns firm’s cybersecurity, access management, controls and resiliency teams. Proactively, strategically partners with all LOBs to enable design, adoption, integration of tech controls; deliver processes, solutions efficiently and consistently; drive automation of controls. Shapes future of global digital transformation and commerce. Brings critical leadership and thinking to the table, working with teams of architects, aligning cross-functional projects, ensuring that they’re within scope, feasibility, fiscally and technically sound. Collaborates with internal teams and business leaders, creating strategically sound Target State Architectures. Directs budgeting, hiring, mentoring, setting priorities and fostering a client-centric environment where everyone learns and grows. Cyber Production Management and Resiliency (PM&R) = IT resiliency, recovery capabilities to ensure the firm’s compliance with global laws and regulations as they relate to resiliency risk and to improve the availability and resiliency capabilities of our critical applications and infrastructure. Execution, delivery is achieved through active collaboration with other control areas within the firm (LOB Tech Controls, Global Technology Infrastructure, etc.) to protect assets and reputation. Development of the firmwide Internal and External Cloud Provider and Services resiliency controls. Developing a firmwide Resiliency and Recovery strategy related to Cybersecurity threats. Coordination of technology resiliency regulatory and audit activities to and improve action plans and reporting Enhance strategic DC DR test planning, execution and reporting processes. Proactive scans and resiliency design reviews to identify availability, capacity, configuration and performance issues and prevent or minimize loss of data and extended recovery times. Partners with LOB, Corp Functions to ensure consistent, comprehensive implementation of technology resiliency policies and standards across all regions.