Manage all U.S. Privacy related data analytics and CCPA requests.Team Lead for all OneTrust vendor management activities.Collaborate with all Legal, Compliance, Vendor Management, Risk and Privacy teams.

Collaborated and negotiated several customer contracts with IT, Legal & Contracts teams. Conducted IT Vendor Risk Assessments & wrote final risk reports. Edited various Info-Sec centric policies and standards. Collaborated with Compliance & Privacy team on enterprise security awareness training.

Assisted with on-boarding & AML screening processes for large-scaled Integration project.Active member of the Risk Excellence Working Group.Collaborated with Business Controls, Contracts, Sales, Compliance and Legal teams. Edited and enhanced Know Your Customer (KYC) policies & procedures.

Conducted and managed Vendor Risk Assessments and Client Questionnaires.Researched 3rd Party Risk Management (TPRM) + Info-Sec + Cyber Security industry trends & tools.Collaborated and communicated IT regulatory requirements to business units and key stakeholders.Worked closely with Business Units, IT Senior Management, Vendor Risk, Contracts and Legal teams.

Provided risk analysis and support for clients to ensure compliance to security policies and ISO-27001 and NIST 800-53 controls. Responsible for vendor relationships that provide tools, products and services spanning current and emerging technologies. Collaborated with external auditors to conduct in-depth compliance audits and presented results to Senior Management. Liaison between Legal, Data Privacy, IT and Procurement work streams to negotiate contracts, SOWs and MSAs.

Acted as regulatory expert for information technology (IT) by identifying applicable regulations, understanding control environments, identifying gaps in compliance, and tracking remediation plans.Conducted weekly reporting status on international and domestic regulatory requirements to senior management. Maintained a relationship with regulators and tracked exam or assessment status and follow-up items.

IT Risk Manager (07/13 - 06/14)Conducted vendor and security risk analysis by verifying information provided by business partners; reviewed responses and analyzed the data to assign a risk rating to the vendor. Risk and Project Manager (10/10 - 07/13)Subject-matter expert for Technology team to identify risks, understand control environments, and track remediation plans. Compliance Analyst (06/08 - 10/10)Active collaborator with Enterprise Risk Management (ERM), compliance, governance, legal, vendor managment, technology, and regulatory teams. Project Coordinator (10/07 - 06/08)Coordinated IT audit initiatives; wrote and implemented effective policies to meet or beat audit deadlines.