Key responsibilities include:Perform technical IT risk assessments and control effectiveness assessments using a combination of available metrics and expert interviews.Help build project management rigor by creating work delivery cadences across team initiatives, manage stakeholder communications, work output tracking, and documentation management.  Provide guidance on information technology processes, controls, and compliance, and information technology risk management to team members.Work with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on information technology controls and information technology risk management.Ensure various compliance requirements (SOX, BASEL, GLBA, etc) are met through implementation of controls.Participates in the development of strategies for information technology processes and programs.Document current and desired future state capabilities, incorporating industry leading technologies that enhance AXP's ability to manage IT risk.Provide ongoing awareness and education of industry efforts and statistics relevant to information technology.Facilitates improvement solutions by working with all levels across Technology to determine security technology solutions that align with business strategies, technology strategic directions and compliance objectives.Provides consultation to internal business partners, customers, and vendors in assessing information technology risks and mitigating controls to ensure system availability and processing integrity.

- Manage a security strategy that is an integral part of the technology, innovation and ultimately the business security strategy for the organization.- Manage the development and implementation of security policy, standards, guidelines and procedures to ensure maintenance of security. - Manage information protection responsibilities which will include network security architecture, network access, monitoring network policies, employee education & awareness. - Manage security initiatives within a deployment pipeline implementation which will provide visibility in the production readiness of all applications by providing feedback on changes to the system.- Manage security initiatives directly related to the set of practices within DevOps that aim to shorten the systems development life cycle and provide delivery of high software quality. - Manage security resources team encompassing engineers, analysts and consultants- Consult upstream with executives to prioritize security initiatives and spending. - Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with breaches as necessary.- Work with 3rd party vendors to implement independent security controls & audits.- Work with Risk & Compliance departments to adhere to state & federal standards. - Oversee a network of security vendors safeguarding the company’s assets, intellectual property and computer systems, as well as the physical safety of employees and visitors.

Direct report to CIO/CISO-Specialize in managing 'Problems, Audits, Operations, and Projects'-Manager of cyber security controls implementation(SIEM, MDM, Vulnerability Scanning, Patch Management, Penetration Testing, File Integrity Monitoring, DLP, Laptop Encryption, Malware & Anti-virus endpoint security)-Manage cyber security incident response team(CIRT) -Accountable for NIST CSF framework & CIS Top 20 controls alignment to bank's Information Security Program to mitigate risk via I.T. governance strategies and internal controls implementation-Accountable for governance, risk, and compliance(GRC) implementation in alignment with risk rating & cyber security maturity to meet institutions GLBA federal regulations and FFIEC guidance standards-Accountable for VMware infrastructure administration-Accountable for managing virtual information security officer(vISO) relationship-Accountable for system continuity 'DR' software(i.e. Neverfail) & Business Continuity(BCP)-Accountable for managing internet service provider(ISP) vendor relationship-Accountable for overseeing risk assessments, development of policies, procedures, testing, and security reporting processes.-Accountable for vendor management and review (SOC 2 & SSAE18) -Accountable for information technology planning and tactical implementation-Accountable for Access Control practices-Accountable for all LAN endpoint security technology via N-Able & Asset Inventory(i.e. Hardware & S/W)-Responsible for the maintaining knowledge of current and emerging IT products, trends and best practices-Developing & maintaining effective departmental procedures-Effectively handling all aspects of IT project delivery-Providing daily oversight to all technology related employees and vendors-Maintaining current and accurate hardware and software inventories-Effective management of all technology issues-Participant in monthly 'Cyber Threat Intelligence Work Group' conference call for regional community banks

Responsible for the proper functionality of all hardware and software on the Paragon LAN/WAN. Design, recommend, configure, install, maintain, and troubleshoot all aspects of internetwork. Technical lead on Frame Relay to MPLS migration project with vendor AT&T. Configuration of PIX/ASA remote and site to site VPN deployment. Led project strategy, implementation, and prioritization for build out and connectivity between several branches and primary bank data center.

Configured, implemented, and supported networking peripherals including routers, switches, bridges, and wireless access points. Coordinated final testing, performed complex troubleshooting, and provided Level 3 support.

Hired by chief technology officer as lead technical solution resource for multinational children’s toys and apparel manufacturer. Coordinated software upgrades, performed troubleshooting, and oversaw releases for flagship retail information system product.