• Leads events planning for the chapter, which includes identifying speakers and securing venues.• Connects Chapter leadership with the local cybersecurity community in New York City and Long Island to forge new alliances with private technology and security organizations and public sector agencies.• Governs and provides oversight to the Chapter's strategy and operations.• Represents the Chapter in local cybersecurity conferences and acts as a point of contact for industry partners.• Empowers Chapter members to be more involved and contribute to the organization's growth by leading the Events Committee.

• Assesses the IT risk and control environment of large banking and capital markets institutions against NIST CSF, ISO 27001 or a proprietary risk framework to identify gaps in their cybersecurity program and advises them in remediating those deficiencies.• Leads teams of 3-4 members in our assessment projects, delegates work to staff and provide first level of quality review.• Provides mentorship to junior members of the organization and connects them with IT risk and cybersecurity professionals in the industry through my professional affiliations.• Supports audit and assurance engagements such as Sarbanes-Oxley (SOX) Section 404, System and Organization Controls 1 (SOC 1) and SOC 2 engagements as an IT Specialist where I provide independent testing over the general IT controls supporting relevant systems in the engagement.

• Served as an independent trusted advisor to the board committee of a global financial services group on providing reasonable assurance around the effectiveness of the organization’s technology control environment and maintaining compliance with regulation• Managed the audit relationships of technology groups that support the organization’s capital markets, securities trading and transaction banking business lines, and holds periodic on-going monitoring discussions with their leadership to assess changes to the organization’s risk and control environment• Led special engagements including targeted reviews of high-risk departmental processes or internally developed applications, and audit or regulatory issue validation• Assigned tasks and provides mentorship to junior team members to ensure that they are well equipped in completing their deliverables and understand the importance of their role in the overall engagement• Participated in all phases of audit execution including planning an engagement, identifying key processes and systems through walkthroughs with stakeholders, documenting objectives and scoping rationales, testing Information Technology General Controls (ITGCs) during fieldwork, and documenting results upon the reporting phase of the audit• Specialized in auditing ITGCs in the areas of identity and access management, technology recovery, vulnerability management, vendor management and change management• Provided independent validation in closing audit issues and regulatory findings that the remediation effort addresses the issue, institutes an effective control activity to mitigate risks and is sustainable to be consistently performed over time

• Supported the delivery of an introductory risk management course for a world-renowned graduate degree program to a diverse cohort of 30 students through creating class materials, providing feedback on student deliverables, leading class discussions, responding to student inquiries and requests, and administering exams• Guided students in building an enterprise risk management program based on COSO Enterprise Risk Management - Integrated Framework or ISO 31000 in their semester project that covers financial, operational, and strategic risk categories specific to their chosen target company and industry• Strengthened the department by connecting seasoned industry professionals to the academic community in its career events, networking receptions and through guest lectures• Continues to network with recent college graduates, young professionals, international students with limited work authorization, and alumni in building, or shifting to, a career in risk management

• Participated in Internal Controls over Financial Reporting (ICFR) audits including Sarbanes-Oxley Section 404 (SOX 404) and System and Organization Controls 1 (SOC 1) engagements to provide our clients an independent and reasonable assurance that their internal controls environment is effective in mitigating the risk of inaccurate financial reporting• Conducted walkthroughs with our clients’ stakeholders to understand the key applications used in their financial reporting process and decide on which have the highest risk of producing materially misstated accounting entries to scope in the audit using own professional judgement and collaboration with other audit team members• Performed Information Technology General Controls (ITGCs) testing including identity and access management, change management, data backups and technology recovery around the major applications and databases that support financial reporting• Documented test results and supporting exhibits using Microsoft Excel and Visio in a manner that can be understood by an independent reviewer• Performed quality assurance checks on the documents and reports distributed to clients to ensure that these deliverables conform to the level of professionality expected from the engagement team and prestige of the company• Increased the technology risk awareness of clients by constantly communicating potential findings and confirmed deficiencies around their technology governance, risk and control environment throughout audit engagements• Reduced our clients' risk of inaccurate or fraudulent financial reporting through our audit process which benefited investors, creditors, regulators and other external stakeholders in the global financial system

• Created new business for the firm by connecting prospective high net worth individuals with wealth management advisers fit for their individual financial strategies• Improved the relationship between the firm and its retail clients by serving as the main point of contact between parties and responding to ad-hoc requests