Vp, It Security & Risk
CurrentAs an accomplished cybersecurity professional, I specialize in creating information security governance programs by collaborating with business partners to design controls that safeguard the bank’s confidential information. My strategic approach combines technical expertise, banking acumen, and regulatory knowledge, resulting in robust, multi-layered defenses against cyber threats.Through my team we implement and oversee cybersecurity controls across the entire bank. Our approach is risk-based, both in working with frameworks such as CIS and NIST, and addressing findings from risk assessments, penetration tests, audits, and examinations. As the primary IT regulator liaison, I ensure seamless compliance. Additionally, my expertise extends to interpreting regulatory changes (e.g., FFIEC) and making necessary adjustments to our IT SOX controls.I play a crucial role in keeping our Board informed about our cybersecurity posture. By bridging the gap between technical intricacies and business impacts, my briefings empower informed decision-making at the highest level.Drawing on my background in business law and regulatory requirements, I effectively negotiate technology agreements. I overhauled the vendor management program to ensure regulatory compliance, creating new processes for vendor onboarding and due diligence. I am also responsible for the bank's cyber incident response.