Executive Director | Technology Risk Management - Americas
New York, New York, United States
Managed and directed the 2LoD Technology Risk function covering all aspects of IT Risk, Cybersecurity and Third-Party Risk in the Americas region.Led the Technology risk function, delivering identification and analysis on the root-causes of inadequate controls for technology, cyber and third-party based risks. Wrote new policies, established new KRI and developed new resilience solutions and guided the integration of Technology Risk into the firms enterprise risk strategy.Lead the regional Technology Risk Committee and oversaw the firms response to regulatory inquiries, providing sign-off on annual attestations and face-off to regulators during their periodic reviews and inspections.Highlights• Led the build-out and evolution of the regional Cyber Security Program, initiating peer bench-marking studies and external testing – including, 3rd party maturity assessments, penetration and security tests as well as internal continuity and resilience tests, e.g. table-top exercises, critical provider failure and simulated DDOS attacks and red-team exercises. • Implemented the new Third-Party risk program including standing up of a new risk committee to oversee the program, developed new controls, covering both 1LoD and external vendors and key third-parties, establishment of new KRI and and KPI and build out of new indicator framework to detect and monitor inadequate controls and performance.Skills: IT Security · Cyber Security · Third-Party Risk · Risk Mitigation and Resilience Strategies · Non-Financial Risk Frameworks