I direct a team of Risk Managers responsible for the successful identification, assessment,communication, and management of security and risks present in all North American mergersand acquisitions. Additionally, I deliver thought leadership to improve, and execute on modernizing Global Risk & Compliance processes, risk controls, and stakeholder engagement. Tactically, I provide logging and reporting of security risks via our GRC tooling, ensuring timely closure of Threat & Vulnerability, Incident Response and Audit findings. I set the strategic direction of the department through development of short-term goals and long-term strategic plans to improve risk control and mitigation using a combination of NIST and ISO 27001 control frameworks.

I identify, evaluate, and mitigate risk to Cisco Systems at the Enterprise level through my work in the CASPR Program and in ISO 27k Readiness. The tactical portion of my risk management role includes the assessment of cloud services and providers used by Cisco to identify and remediate legal, regulatory and privacy considerations, data security, ID and access controls, application security, multitenancy, and resiliency risks. Additionally, I am building a program for applications in the IT vertical to build in ISO 27K compliance by design as well as a self attestation process to measure how well the security controls from ISO 27K Annex A have been incorporated and documented into IT practices.The other half of my role is very strategic, centering on integrating external providers into Cisco's Service Delivery framework, transitioning IT from being solution builders into solution brokers and integration consultants. Simultaneously I'm working to minimize the amount of disruption, overhead and duplication to ISO 27K to stakeholders caused by implementing additional security controls. This goal will be achieved by bringing multiple risk and compliance management teams together to pool previously collected data. Breaking down these silos will result in greater risk and compliance visibility, cost savings by reducing overlapping compliance applications, and improved control over Cisco's security posture.

Manages the activities of multiple project and cross-functional teams to ensure successful deployment of complex projects affecting Oracle and SAP Enterprise Resource Planning systems. Provides a full spectrum of project management including, planning, scheduling, conflict resolution, risk management, resourcing, reporting, status reporting, and communication.

Works with business and IT stakeholders to develop project budgets, milestones, commit schedules and risk assessments. Conducts regular status update meetings with project resources and sponsors to facilitate problem resolution and mitigate risks. Provides status reports to IT and business management as well as build and maintain relationships with stakeholders and project resources.