Leads the IT Compliance function for Canada and the US.

Led the IT Internal Audit function responsible for conducting SOX and operational audits.

Plans and conducts information security / cyber security controls and compliance examinations of member broker/dealer firms. Advises FINRA member supervision staff on how to assess the effectiveness of member firms' technology and internal controls designed to support their business activities for the protection of customer and organization’s critical information and to ensure compliance with SEC and FINRA rules and regulations.

• Led the annual IT audit risk assessment and planning processes.• Designed updates and implemented changes to the Sarbanes-Oxley (SOx) IT audit program, processes and IT General Controls (ITGCs).• Managed third party (co-sourced) Internal Audit team to ensure completion of SOx ITGC and IT operations testing.• Planned and executed annual information security audits such as: internal/external penetration testing, social engineering, credit card tokenization, sales order and fraud response, and cybersecurity incident response.• Advised and consulted with internal stakeholders to ensure timely and consistent implementation of controls and business process enhancements.• Coordinated with external auditors to facilitate the delivery and analysis of audit testing results.

• Contributed to annual audit planning process, including the evaluation of high-risk areas, as well as planning and coordinating the annual audit plan and reviewing controls self-assessments (CSAs).• Represented Information Security in developing audit responses and discussing issues during IT audit-closing meetings.• Assisted with controls testing and quality assurance activities to ensure controls effectiveness.• Interfaced with Information Security, IT, Internal Audit, External Audit, Finance, and other stakeholders to define, maintain, monitor, and support compliance with company policies and standards.• Assessed and mapped internal controls to ISO 27001/2 Security Framework.• Evaluated and responded to customer assessment requests related to global information security and IT compliance.• Reviewed projects for information security implications during all phases of project lifecycle with a focus on pre-implementation reviews.

• Provided leadership, guidance, and strategic direction to divisions as the global IT compliance subject matter expert.• Monitored and assessed the effectiveness of compliance with IT policies and procedures.• Coordinated all IT control deficiency, remediation efforts in consultation with divisional process owners.• Managed the IT enterprise risk management (ERM) process and global IT compliance program to ensure compliance with all internal IT controls and industry regulations.• Member of corporate IT Leadership team responsible for developing and implementing the corporate IT strategy.• Led team of three direct report and three indirect report compliance professionals.• Evaluated IT impacts related to Safe Harbor (now GDPR) certification and compliance with European Union regulations.• Responsible for creating, reviewing and updating all IT policies annually.

• Served as the global IT SOX subject matter expert directing division SOX managers to complete controls documentation, testing and remediation activities in a timely manner.• Managed stakeholder expectations including: Audit Committee, Internal/External Audit and Executive IT management.• Evaluated division management’s results and presented SOX quarterly status to executive IT management.• Designed and maintained a repeatable and sustainable SOX audit process, ensuring quality and completeness of deliverables.• Collaborated with and directed division SOx managers to complete controls documentation, testing, and remediation.• Managed continuous improvement of the existing global IT SOX compliance program.• Conducted SOX training to international affiliates and management across Europe, Asia, Latin and South America.

• Responsible for audit compliance as a member of the division IT executive advisory team.• Created and implemented new division standard operating procedures to ensure compliance with Corporate IT and Regulatory policies.• Developed business impact assessments, disaster recovery (DR) plans and test procedures, and conducted DR tests for division IT systems and data centers.• Owned the user account, re-certification process that spanned multiple regulated applications and systems.• Managed the execution of new quality system releases to ensure compliance with Quality Assurance requirements.

• Managed audit scope and budget, facilitated meetings with senior IT and finance management, and issued audit reports.• Performed IT audits for ten domestic sites and four international affiliates across Europe while adapting to a variety of business practices, languages, and cultures.• Reviewed adequacy of controls, including general IT controls, DR planning, system security (e.g. AS/400, Windows, UNIX, MVS), and application-level security (e.g. SAP).• Consolidated and presented audit findings to international affiliates and management at divisional and corporate levels.• Mentored new auditors by helping them become acclimated with Abbott and audit department responsibilities.

• Led several projects for Fortune 500 clients including: data center integration and consolidation related to acquisitions, application consolidations, IT business process re-engineering, and hardware and operating system upgrades.• Created significant cost savings by reducing overall footprint and associated maintenance/operating costs for a large pharmaceutical client during a data center consolidation and integration effort.• Collaborated with internal and external vendor partners to ensure cost-effective hardware procurement for a multi-million-dollar infrastructure refresh project for a major claims processor.• Managed business cases and delivered savings estimates for an internal Voice over IP network transformation project.• Led a desktop operating system migration in a highly regulated pharmaceutical environment.• Conducted IT process gap analyses to identify synergies and implemented negotiated solutions globally.• Initiated and managed the process redesign for the procurement and refresh of data center hardware.• Developed standardized entry and exit processes for employees and contractors to ensure effective controls.• Participated in reviewing and developing responses to request for proposals.