CISO responsible for a Nebraska and Iowa financial institution. Head of enterprise cybersecurity and information technology risk for a regional financial institution, serving as the program and process owner for activities that provide for the confidentiality, integrity and control of customer, employee and institution information in compliance with external regulations and internal policies and standards.

Head of enterprise cybersecurity and information technology risk for a regional financial institution, serving as the program and process owner for activities that provide for the confidentiality, integrity and control of customer, employee and institution information in compliance with external regulations and internal policies and standards.

A transformation expert for a major regional bank who is responsible for the risk management initiative across IT organization, including the build of the IT risk management roadmap, strategy, policies, standard and framework. Responsibility in transforming the IT organization to leadership's desired state. Key accomplishments include:- Initiating organizational change toward risk-focused Lean IT culture. Introduced and successfully seeded effective bottom-up culture change with "The Phoenix Project" and collaborative IT team engagements to effectuate confidence toward organization transformation goals.- Rapidly developed and successfully delivered a brand new Technology Risk Management program, including framework, KRI development process procedure, KRI production process procedure, Risk Registry process definition and procedure, KRI periodic review analysis methodology, and Technology Asset Risk Assessment Enhanced FMEA methodology. All processes and programs were developed to deploy at CMMI > 2.5 and attain greater than CMMI 3.0 within 12 months.- Established comprehensive Technology Risk Governance, deployed and executed with a Technology Risk Oversight Committee and aligned to Enterprise Risk and Operational Risk Management organizations. - Established key three-tier alliances with Internal Audit and Information Security organizations. Conducted peer review and support initiatives with information security to advance PCI-DSS compliance initiative.- Closed legacy audit findings for IT Risk noncompliance within 30 days of engagement through Agile/xPM influenced parallel program architecture and execution.- Directed domestic and offshore IT Risk talent in accelerated Agile execution, risk-aligned cultural transformation, and delivery aligned to Lean IT Kanban approach. Drove team member satisfaction and confidence to strong levels through demonstration of rapid delivery and acceptance of work-product to influence organizational change.

Responsible for the architecture, development and operation of enterprise security, risk and compliance portfolio risk management practices for First Data Corporation, including New Product, New Application, New Technology, Platform, and Strategic Initiative risk assessments.Key successes include:- Developed inter-organizational risk assessment framework with Global Product Development for accelerated product development and early product risk detection and remediation. With over 20 product initiatives assessed in 2013, 86% of the assessed products had risks discovered and remediated that would have otherwise lead to likely disruption of successful product delivery and production objectives.- Created early visibility reporting in new initiatives to empower governance, regulation and compliance practices to engage early in the pipeline, clearing obstacles and delivering substantial acceleration to the business team in product development and delivery.- Developed new assessment methodologies in cross-organizational collaboration, applying an Agile Development variant to quickly assemble, pilot, test and iterate practice and program capabilities for early success and organizational buy-in.Certifications held: CISSP, CRISC, CISA, CAP