• Responsible for configuring and deploying a variety of security technologies to monitor and respond to current and emerging cyber threats.• Ownership and management of the Information Security Incident Management Process.• Assist with formulating and implementing Information Security policies, and manage and maintain the Information Security Management System (ISMS)• Assist with the development of relevant Business Continuity Planning (BCP) plans for IT and business from an Information Security perspective.

• Designing and implementing efficient workflows with advanced reporting from RSA Archer and Microsoft SharePoint for the firm’s data privacy and vendor risk management program. • Working directly with cloud vendors to perform and analyze cybersecurity and IT controls assessments based on the Cloud Security Alliance (CSA) framework• Analyzing data and system classifications to align with industry standard tier ratings and to ensure assessments and frequency are appropriate for the level of risk• Building key performance indicators (KPI) and key risk indicators (KRI) to continuously monitor vendor risks and assessments.• Communicating vendor related risks to stakeholders at KPMG

Managed Cyber Security Controls, Business Continuity, Audit Remediation and IT Risk Management for multiple trading and analytics platforms in the Global Link (GL) business unit within State Street Global Markets• Established and managed a team to build a Global IT Risk Framework for GL, that included technology standards, processes and performance metrics, to mitigate risk and successfully reduce audit and compliance issues • Launched and coordinated infrastructure and application penetration tests across trading and mobile apps. Managed cyber remediation, incident and patch management across several business units. • Responsible for streamlining security logging to a repository for centralized control and monitoring across disparate production systems including Microsoft Windows, Linux, Mac, Oracle and SQL. • Disseminated IT control gaps and security events to business management, regulators, compliance committees, enterprise risk (ERM) and corporate audit. • Built use-cases, risk assessments and security solutions for data cloud migrations for key business applications

Director in the Technology Risk Management Services group, where I developed and managed the Information Technology (IT) Risk Advisory practice in New York. I specialized in Information Technology (IT) security, Sarbanes-Oxley (SOX) IT general controls testing and SSAE16 consulting

I worked as a consultant with the IT service department at Edward Isaacs and Company, a midsize accounting firm in New York City. I was responsible for all aspects of IT implementations, security and administration for the company’s clients and their in-house wide area network.