Served as as volunteer Subject Matter Expert by participating in workshops to review and write exam items (questions) for the Certified Information Systems Security Professional (CISSP) exam.

- Provide guidance to internal teams such as product managers and served as a subject matter expert and primary point of contact for privacy and data protection topics- Built and responsible for the company's Privacy as a Service (PraaS) initiative, its internal privacy advisory service that provides the business with expert analysis, evaluation, and recommendations based on U.S. state and federal (GLBA, CCPA, CPRA, etc) laws and European regulation (GDPR), company Privacy Policies, and other policies and standards-Responsible for, and managed, the Privacy Champions Program, which includes recruiting and training individuals across the business lines and functions to identify and manage privacy risk -Engage cross-functionally to understand the privacy needs and challenges of stakeholders, develop solutions, and drive continuous improvements to the Company's privacy risk posture-Lead strategic initiatives to address evolving privacy matters and deliver on maturity roadmaps, OKRs, and value realization- Conduct privacy impact assessments (PIA), data protection impact assessments (DPIA), incident management, and supported data subject request process- Created and delivered privacy awareness training and tactical risk management training, coordinated firm-wide awareness campaigns- Extensive knowledge of OneTrust platform

- Thought and strategy leader within the Corporate Privacy Compliance Program reporting to the Chief Privacy Officer (CPO).- Authored and maintained Firm's Privacy Standards establishing firm-wide expectations regarding the collection and use of personal information. Also co-authored the Firm's Privacy Policy.-Collaborated with business lines, functions, shared services, and other compliance programs to identify Privacy Risk and advise business on building privacy by design within new products, services, and processes.-Third party vendor privacy impact Subject Matter Expert (SME) and privacy point of contact for third party risk management organization.-Designed and implemented the Firm's enterprise wide Privacy Impact Assessment (PIA) program for new or updated products, services, or processes.- Privacy Regulation Liaison responsible for tracking global privacy laws and regulations and providing enterprise guidance and strategy for operationalizing the regulation requirements within the Firm.- Advised the business lines and functions of federal, state and financial and general privacy regulations including the CCPA, NYDFS, GLBA, Reg S-P, FTC safeguard rules, Federal Reserve, state regulators, and GDPR.

- Leveraged across multiple corporate enterprise accounts and was responsible for ensuring that all outsourced services delivered to the customers comply with the contractually agreed security control standards and industry standards, which include HIPAA, HITECH, and NIST. - Conducted annual internal risk assessments to identify any deviations from controls and areas of improvement. - Developed and maintained account security plans, policies, and operational processes for each account.- Internal and third party audits, such as annual SOC audits.- Managed the the end to end delivery of all managed security services provided to assigned client organizations, including reporting metrics and meeting service level agreements (SLAs), and service reviews.- Led a delivery team of security professionals.- Conducted privacy impact assessments and security assessments.- Privacy policies and procedures.- Consulted and advised on data collection principles, privacy by design (PbD), and consent requirements.- Assisted customers in complying with privacy regulations such as GDPR, COPPA, HIPAA, and other privacy regulations and directives.