Enhance Zero Trust Architecture and Technology Capabilities and Controls Through Oversight and Credible ChallengeLead Development, Governance, and Adoption of an Enterprise Data Protection and Security StrategyLead Risk Assessments and Provide Advisory Services for Enterprise Security Architecture Across Zero Trust Initiatives Focused on Identity, Data, Network, Endpoint/Device, and User Experience Journeys

*Acquired by Morgan Stanley - April 2021Lead the 2nd line of defense IT Risk Management team responsible for Technology Infrastructure and Information Security business units.

Provided IT Security thought leadership, governance, and strategic direction across all banking segments. • Collaborated across banking segments to design, develop, monitor, control, and deploy an enterprise security architecture strategy that complimented the business goals while minimizing risks, improving agility, protecting assets, reducing costs, and enhancing benefits. • Aligned with segment CTOs to drive technology programs with an information security related focus across consumer, wholesale, and brokerage banking operations. • Defined, designed, architected, and validated results for strategic enterprise initiatives including, but not limited to; Insider Threat, DR/BCP, Incident Response and Management, Infrastructure Cloud Transformation, Enterprise DataLake, IT Simplification, Process Automation, Consumer Omni-Channel Digital Experience, NextGen Consumer Banking IAM platform, and Secure Enterprise API Gateway.• Established IT Security strategy with an emphasis on benefits realization, ROI, and regulatory compliance. • Analyzed, advised, and defined roadmaps, capability maturity models, and initiative prioritization.• Established reference architectures, standards, and patterns to ensure compliance in solutions.

Lead the risk management process to enable customer sales representatives to provide technology and information security related contracts for project delivery. • Managed a portfolio of customer consulting related offerings for Infrastructure, Cloud, Security, Middleware, and Database technology.• Guided sales pursuit teams through solution definition, pricing, deal creation, and execution of contracts.• Enabled Project Management and Delivery leadership teams with engagement readiness profiles. • Provided customer governance via project reviews, portfolio reviews, and project health checks.• Managed global cross functional teams for operational efficiency projects and tool enablement.

Advised customer executive teams on innovative IT solutions to enhance market strategies, minimize risk, securely meet business goals, and optimize benefits realization. • Managed a portfolio of enterprise business and IT strategy services focused on benefits realization, ROI analysis, value based cost analysis, optimization, and operational effectiveness.• Championed a CTO driven initiative to analyze business, technical, security, and user requirements to establish an Enterprise Security Architecture framework, secure architecture design, defense in depth strategy, security policies, privacy mappings, data classification model, and project roadmaps.• Engaged by a CIO to analyze IT security spend, calculate ROI/TCO, and capture enterprise IT business requirements to define a strategic 1, 3, and 5 year IT security optimization roadmap.• Presented findings and recommendations to Executives, C-Suite, and Board of Directors.Spearheaded the incubation of the Enterprise Solution Architect program and built a global team of 15 manager, director and senior director level Enterprise Security Architects & IT Solution Architects. • Recruited, hired, trained, mentored, staffed, compensated, and managed 15 direct reports. • Managed portfolio of Enterprise Security, Security Privacy & Compliance, and IT Strategy offerings.• Managed the development and delivery of the Oracle Security Solution Architect training program.• Analyzed requirements to establish Enterprise Security Architecture frameworks and roadmaps.• Developed security policies, privacy mappings, and IT Security defense in depth strategies.• Analyzed governance, risk and compliance business drivers to establish Roadmaps to Security.• Led security initiatives deploying Identity/Access Management, SOA, and Database Security. • Regulations: HIPAA, GLB, SOX, PCI, Safe Harbor, FDA 21, CISP, and Patriot Act.• Institutional Standards: HSPD-12, ISO-17799, ISO-27001/27002, CCOW/HL7, and ANSI.

Excelled as a Project Manager and Technical Team Lead for initiatives to address enterprise security, information security controls, identity/access management, network, application, and data security requirements for global companies across various industries and markets. • Prepared and presented results and recommendations to the C-Suite and Board of Directors. • Created information security business case justifications and strategy roadmaps.• Aligned GRC with regulatory requirements (SOX, HIPAA, GLB, PCI, HL7) and business needs.• Assessed enterprise security requirements, threats, vulnerabilities, and security posture.• Led ethical hacking, social engineering, penetration testing, and diagnostic reviews.• Evaluated and created risk mitigation and remediation plans.• Customized Information Security and Technology Frameworks (ISO, NIST, COBIT, ITIL).• Enforced information security controls and privacy protection plans.• Established Enterprise Security Architectures, Disaster Recovery, and Business Continuity Plans.• Deployed threat management and incident response programs.• Led implementation teams on Enterprise Information Technology/Security initiatives.• Drove internal and external enterprise security assessments and IT audits (SAS65/70, SOX404).• Evaluated, created and managed strategy, policy, procedure, guideline, and best practice materials.

IT Administrator and Operations Support lead with responsibilities for developing hardware/software standards, network/system installation and administration, operations reviews, IT security assessments, threat management, end user support, IT equipment maintenance, web development, content management, and managing purchasing, distributions and allocation of resources.