Joined CIB - Payments business responsible for Cybersecurity and Technology Controls within Core transaction services

Joined BNY Mellon as Cyber-Security Information Risk Officer in Investment Management (IM) providing cyber-security, information risk management & technology control assessments, advisory and oversight. Assessing line 1’s compliance with the Information Risk Framework of the bank and delivering proactive management of cyber-security and information risk facing IM and ensuring risk management of key Business dependent Technology services are in alignment within the defined risk appetite. Ensuring quality, evidence-based responses from the 2nd line to the regional regulatory requests regarding cyber-security and technology risk.

Facilitated Information Security (IS) and Governance program by executing portfolios and initiatives to enhance Information Governance(IG), IS and data protection objectives. Conduct IS assessments & IG review of business processes.Supported the AM Cyber Security organization and information security programs. Provided level 2 support to Security Operation Center (SOC) for data protection and data loss prevention (DLP) incidents. Collaborated with Corporate Cyber team to develop SOC organization, operating model and framework.As Third Party Information Risk Manager (TPRM) responsible assessing and managing third party vendors and global suppliers IT risk for JPMC. Conducted third party application control assessments (ACA) and comprehensive risk assessments (CRA) providing risk management and oversight over 25 common business processes .Participated in third party vendor SWAT assessments for cloud security and mobile application controls.

CRISC, CISM, CISA, CISSP,CBCPDeveloped, implemented and managed Operational, Information Technology(IT)/Business Continuity (BC) risk assessments, projects and initiatives Implemented and managed Information Security strategies, projects and initiatives Managed IT Audit programs and regulatory compliance project initiativesDeveloped, implemented and managed Business Continuity /Disaster Recovery (BC/DR) program, testing and framework globally

Implemented and managed Information Security, Operational, IT & BC Risk assessment programs, projects and initiative. Project Management and collaboration with Project Management office (PMO).Support regulatory compliance efforts (SOX, FINRA, SEC).Developed, implemented and managed (BC/DR) & crisis management program and framework in the Americas

Managed Information Security department of 4 security analyst and oversee day to day information security operationsConceived security vision for the firmImplemented enterprise wide IT strategy and securityImplemented and managed security solutions to secure the firmResponsible for regulatory compliance and audit certification (HIPAA and SOX)

Managed day to day operation and service delivery related to Network, Telecom, Information security, Infrastructure /System project Management and TechnologyManaged IT Audit and SOX regulatory complianceCollaborated and coordinated with the business client and internal offshore IT Security Risk teams. Provided MIS reports to C-Level executives. Responsible for vendor management (Including governance & vendor risk management)

Provided Consultative Services to Pfizer for their Y2K program and to Medscape for their healthcare portal platform.

Managed day to day operation and service delivery related to Network, Telecom, Information security, Infrastructure /System project Management and TechnologyCollaborated and coordinated with the development teams and clients in the implementation of SDLC projectsCollaborated and coordinated with client IT Security Risk teams for security assessments and accreditations