Direct the Information Security Manager (ISM) team to ensure that the CISO’s Cybersecurity Program is effective through strategic partnering with other divisional leaders throughout the company. Ensure timely engagement on business and IT initiatives, provide guidance on the security risk aspect of projects and assess/report Corrective Action Plans to improve Information Security programs and initiatives. Monitor and analyze risk and compliance activity data to identify trends and recommend steps to improve the program’s effectiveness. Design, implement and train information technology employees on a risk-based security program.• Contribute to the development of the Cybersecurity framework including IT policies and controls.• Implement strategic plans and objectives in alignment with the corporate strategy.• Ensure Business Unit (BU) awareness of and compliance with IT/Security related policies and standards and advise on alternatives, such as compensating controls, to resolve issues and exceptions.• Develop and communicate Cybersecurity roadmaps and lead the team to ensure that projects are completed on time.• Mature security training and communications.• Understand and publish the overall information security risk posture of the business unit, providing a holistic view of vulnerabilities and associated risks to the business and Information Security.• Provide consulting services to increase knowledge of Information Security standards, concerns, interpretation, and clarification of policies as well as advise on BU plans to achieve compliance.

Expertise in development and implementation of Cybersecurity and Audit programs to assess adequacy of internal controls and Cybersecurity risk mitigation. Skilled in evaluating existing internal controls, risk assessments, identifying the control gaps and proposing mitigation strategies. Served as program manager for the information technology Cybersecurity program.• Formulated the governance and communication plan • Assisted CISO in rewriting Corporate policies• Orchestrated multiple programs to remediate Cybersecurity concerns• Prepared and presented executive management reports regarding Cybersecurity trends, programs, and operations.• Lead the execution of the corporate wide identity access management tool• Identified issues related to current Information Technology General Controls (ITGC) and provided recommendations while conveying the current issues and gaps to C-suite management. • Designed, administered and trained information technology employees on a risk-based Compliance Program.• Analyzed compliance and security activity data to identify trends and recommend steps to improve the program’s effectiveness.• Attained Sarbanes Oxley (SOX) compliance status by increasing the passing rate for the IT Business Units to 100% and reported deficiencies to zero.• Managed and operationalized corporate vulnerability program• Implemented endpoint privilege management software and supervised the hardening of privileged access for all resources• Enriched the SDLC with audit and compliance controls and gates and authored training

Manage day-to-day aspects of project tasks, resources, communications and requirements gathering, as well as auditing processes. Work with corporate business leaders and internal and external vendors to ensure seamless transition of all functional systems. Managed cross-functional, international teams to complete enterprise projects on time, within budget• Contributed to internal and external Corporate audits• Authored and tested disaster recovery plan for company’s #1 application • Executed Service Management program during IT outsourcing changeover (2012)• Guided network and communications projects during IT off-shore outsourcing transition (2009)• Directed numerous office and data center relocation projects• Advised Change Control Board using ServiceNow• Cultivated and maintained a positive rapport with C-level executives, project teams and customers