Sr Director Global Cyber Security Risk & Compliance, Architecture, And Program Management
CurrentSenior Leader responsible for Risk & Compliance, Architecture, and the Program Office.* Created the Risk & Compliance function through global team construction, authoring policy & standard guidelines, implementing risk frameworks, designing processes & workflows, and implementing an architecture capable of supporting the organization.* Designed and executed risk assessment processes to evaluate the security & compliance posture of supply chain partners.* Designed and implemented processes to assess projects, technology, AI, and M&A objectives resulting in a series of control requirements that needed to be implemented in order to comply with regulatory and cyber standards.* Compliance responsibilities include Data Privacy (CCPA, GDPR, MLPS), PCI, HIPAA, SOX, CTPAT, BE Customs, Mexico AEO, and SWIFT.* Developed and implemented Cybersecurity Control framework (derived from NIST 800-53).* Implemented cloud based GRC platform and designed workflows to automate and orchestrate risk assessments, compliance reviews, policy management, and reporting.* Manage SAP GRC team responsible for identity and access management workflow orchestration, role definitions, separation of duty conflict resolution, technical configuration, and new feature implementation across all SAP instances.* Provided cyber leadership supporting 3 acquisitions, 8 divestitures, and a $2B public company spinoff.* Developed Transitional Services Agreements (TSA) to establish the services and support contracts required for divestiture activities.* Manage the Global Cyber & Information Security Program Office which oversees all projects and support activities for the department.* Created the security charter and plan to establish the guidelines, baselines, and expectations of the department.* Conduct Cyber Maturity Assessments (CMA) to establish baseline and future state capability goals.* Authored Cyber and Information Security Policies and Standards.