Sandra D. Email & Phone Number

Reston, VA, US

Implementing the cybersecurity risk management program. Leading three teams across the GRC team focusing on change management, third-party oversight, and risk management. Developing a risk management framework for identifying risks, managing the risk reporting process, and continuous monitoring.

Reston, VA, US

Leading three teams of Audit and Remediation Analysts in reducing technology risk to the client through analysis and implementation of strategic solutions.

Provide strategic technology solutions for companies in the financial services, non-profit, government, and education industries. Services include network support, application development, and technology risk assessments/management.

New Castle, DE, US

Adjunct instructor for the Physical Implementation & Design with Database Management Systems. Instruct students on how to design and manage DBMS using MySQL and MS Access. Also taught a Information Systems Theory and Practice where students were lead in discussion about how Information Systems help support the business. Outlined the relevancy of.

Malvern, Pennsylvania, US

• Planned client risk engagements to examine the regulatory, operations, and data-loss risks associated with IT projects, developed risk mitigation strategies, and compellingly presented the results to senior leaders.
• Utilized extensive knowledge and skills of third party oversight and risk management to redesign the technology assessment process which included adding automation and tracking, resulting in a 66% increase in process.
• Evaluated redundant risk management standards and convincingly presented a plan to integrate 43% of the standards into corporate-wide standards and retire another 23% of the standards that were no longer relevant to.
• Created a new consolidated risk assessment workpaper and new intake procedures introducing a formal planning and closing meetings, resulting in a 50% increase in productivity for completing the assessment.

Lancaster, Pennsylvania, US

• Wrote and persuasively presented a proposal to a business client, and directed the initiative for utilizing the strategic business intelligence toolset for fraud risk reporting, saving $250,000 in annual licensing fees.
• Led the strategic analysis for an enterprise GRC solution, and presented a proposal for 4 solutions that would integrate risk management enterprise-wide and reduced overall headcount by 3 FTEs.
• Skillfully proposed and directed the implementation of Power BI for the risk management team, reducing headcount from 3 to 1 FTEs.
• Utilized business acumen to increase awareness of information technology projects and metrics to business partners semi-monthly, resulting in a 50% increase in the use of internal solutions.
• Initiated and led the monthly collaboration sessions with technology partners for increased visibility of business needs, project pipeline, which resulted in a 30% increase in efficiency of small projects.

New York, NY, US

• Managed direct and indirect operations teams in the U.S. Developed a quality improvement strategy resulting in exceeding the service level agreements by 3 days and satisfying the 90% quality targets.
• Directed the rapid redesign of the job descriptions and rebuilt the 84-person compliance organization reducing turnover rates below 20% due to the enhanced hiring strategy.
• Managed the preparation of weekly, and monthly metrics reporting to senior management regarding department performance against KPIs.
• As co-chair of the personal development committee of a corporate professional network designed, developed, and presented personal development programs to a membership averaging 200 people across five locations, over a.
• As the co-chair of the corporate professional network, drove initiatives across 5 cross-functional teams to improve the goals of the professional network, which resulted in a 10% increase in general membership, filled.
• Guided young talent through mentorship, job shadowing, and networking resulting in promotions and accepting enhanced job offers.

New York, NY, US

• Designed a training program for relationship managers and trained 30-40 relationship managers on their responsibilities for managing vendor relationships.
• Used the COBIT framework to improve the vendor management efficiency by 5% through creating and implementing a process for new vendor requests which included adding vendor categorization and employing meetings between.
• Managed a team of 3-5 employees who assisted with initiating the periodic vendor reviews, which aided in time management and efficiency in the vendor management process.
• Updated policies to meet compliance standards and procedures for regulatory agencies including but not limited to FDIC.
• Assisted relationship managers with vendor remediation efforts.

New York, NY, US

• Developed and maintained strong working relationships with Sr. IT Leadership through routine meetings, continuous auditing and monitoring, and attendance in their staff meetings.
• Planned and scoped audit engagements for both Technology [e.g. Windows, Data Warehouse and Mainframe] and Operations [e.g. Marketing Services and List Management] audits.
• Partnered with Technology Risk Management to develop the IT control self-assessment testing and Sarbanes-Oxley Compliance reviews.

Philadelphia, PA, US

• Manage the design, development, implementation, and deployment of financial and operational risk management, impact analysis research and practice protection. This includes leading the development effort of policies.
• Facilitated the implementation of enterprise-wide governance, risk and compliance application in support of our compliance program. Reduced manual security remediation and assessment efforts by 75%.
• Drove knowledge delivery of Sarbanes-Oxley [SOX] & Payment Card Industry [PCI] methodology and implemented technology and business process changes for key technology and infrastructure controls to achieve regulatory.
• Delivered business process changes over critical operational compliance activities, including data loss prevention and risk mitigation resulting in a 50% reduction in manual effort. Created management reports to drive.

Malvern, PA, US

King Of Prussia, Pennsylvania, US

Glen Mills, PA, US

Doctor Of Philosophy - Phd, Accounting And Business/Management

Mba, Technology Management

Bs, Accounting And Information Systems