• Orchestrated a team of 20+ auditors, driving audits across BCM, Cybersecurity, and IT domains, resulting in enhanced risk mitigation and operational resilience.• Pioneered a senior stakeholder engagement model, revolutionizing IT audit reporting and committee communications, leading to faster decision-making and proactive risk management.• Strategically directed annual risk assessments and audit planning processes, culminating in a robust audit execution framework aligned with regulatory expectations.• Spearheaded the successful implementation of the RSA Archer Audit Management solution for the region, optimizing audit processes and ensuring robust compliance capabilities across multiple business units.• Led the validation efforts for the closure of an IT-related Matter Requiring Attention (MRA) for the New York Federal Reserve Bank (FRB), and effectively prepared and delivered audit coverage presentations for regulatory examinations by the FRB and the New York State Department of Financial Services.• Fostered international collaboration by coordinating with global IT audit partners in London and Tokyo, enhancing audit consistency and leveraging best practices across the organization.

• Managed team of 35 IT and cybersecurity auditors in the US (Detroit and Arlington, TX) and Shanghai, China.• Enhanced global audit synergy and best practice sharing by orchestrating collaboration with IT audit teams in London and Tokyo, significantly improving audit consistency across international divisions.• Revamped organizational structure and implemented a strategic resourcing plan, resulting in increased internal capacity and decreased dependence on external consultants, optimizing operational efficiency and cost-effectiveness.• Oversaw annual audit planning, including risk assessment and multi-year audit plan, including continuous monitoring and issue validation executive sponsor for agile audit initiatives within GMAS.• Led audit execution, crafted stakeholder reports, and spearheaded the implementation of a data and analytics program for IT audit, enhancing decision-making processes and optimizing operational efficiency.

- CISO for internal IT, includes cybersecurity, IT risk and compliance for Finance, HR, Operations, Digital P&L and infrastructure- Led IT effort for GDPR- Led security operations, including application security, supplier security, network security access requests and investigations- Executed risk assessments; SOX and IT policy (ISO) compliance; controls identification & implementation for enterprise initiatives; review/coordination of EU works councils requirements for IT tools- Led and addressed M&A-related and customer security requests, for internal IT

- Led and enhanced global IT and enterprise data management audit and data analytics functions, which was divested. Oversaw 50 staff globally.- Developed and executed initiatives for IT audit universe, risk assessment, standard audit program and integrated audit approach- Oversaw development and execution of divestment-related IT audit activities- Led IT audit implementation of the BWise audit module

- Led the ORM team that covers HR, Legal, Compliance & Regulatory, Communications, Enterprise Risk Management & Chief Administration Office functions.- Develop and execute risk reporting, risk and control assessments, training and awareness, and risk mitigation activities- Led enterprise program to develop key risk indicators (KRIs)

Interim Head of ORM for Property Casualty (PC) Americas.- Established the Operational Risk Committee for the region- Developed and executed strategy to complete risk and control self assessments for the PC US businesses

Program manager for the Workforce component of the Global Infrastructure Utility (GIU) initiative for AIGGS.

Global Head of IT Security & Risk, within Operations & Systems (O&S); executive sponsor for identity management systems.- Led successful remediation of SOX access controls issue within one year- Drove development of the IT security framework and guiding principles for divestment and separation across the company- Implemented the O&S Review Board, which reviewed plans for technology separation- Established and managed the O&S Risk & Compliance Committee- Directed strategy and execution of cybersecurity and IT compliance in support of the global infrastructure enhancement program- Led O&S efforts to address best practice recommendations from the company's Independent Consultant

• Led a global team of over 25 in the development of IT risk governance frameworks and supporting processes and tools; drove firmwide adoption of new programs; influenced line of business participation.• Provided oversight for maintaining the IT Risk policies and standards portfolio, outside service provider program and regulatory liaison functions.

• Led internal audit for the firm’s global infrastructure and retail application development and maintenance functions.• Developed the initial SOX 404 approach for IT and third party vendors.• Co-managed merger integration efforts for IT audit (JPMC and Bank One). • Led awareness and efforts to enhance the department’s use of automated auditing techniques.

Part of effort to establish an independent risk consulting business. Focus on IT audit and consulting services.

Managing Director (Partner) within the IT audit and consulting practice, focusing on financial services. Responsible for client acquisition and service delivery for:- Capital Markets and Asset Management - IT audit support and consulting projects, including systems development and conversion efforts; web strategy assessment, technology due diligence and internal audit support- Business Information Mining - analyze data in support of financial audit and special projects. Managed custom solutions for clients, including benchmarking, survey tabulation and election balloting

Managed and executed IT controls reviews for financial services companies. Completed a secondment to the company's London office.