Chief Information Security Office - CitiCyber RiskRisk and ControlsEnterprise MCA

Issue Management Strategy Sr Manager - Enterprise Risk Management

• Designed the roadmap and lead initiatives to transform Enterprise Infrastructure Risk Management into Enterprise Cybersecurity Risk Management within the Risk Management & Governance function supporting Citi’s Chief Information Security Office. • Planned, implemented, and maintain a comprehensive Cyber Risk program across the enterprise to include monitoring, reporting and analysis of cyber issues across all lines of defense. • Audit and Issue Management program lead for the EIRM / ECRM team, overseeing multiple programs to include Audit Management, Issue Management, Regulatory Exams, External Exams (KPMG SOC 1 Engagement).• Responsible for line-of-sight of all Line of Defense assessment activity, emerging Issues and Corrective Action Plans, and reporting development to ensure on time remediation of Issues/CAPs/Milestones.• Build, share and present weekly/monthly/ad hoc Risk & Control reporting decks to Senior Management keeping them abreast of key metrics.• Collaborate with team, Senior Management, and business partners to understand needs and develop strategic initiatives to provide robust risk & control reporting focused on emerging risks impacting CISO across all sectors/regions.• Train new hires and business partners on Issue and Audit lifecycles, policies & standards, and reporting requirements via several methods.

• Partnered with Compliance Director to develop the RJF Corporate control testing program and implementation of the overall compliance framework.• Developed the RJF Corporate Compliance Testing Standards utilizing expertise and widely accepted industry standards. Presented requirements of these standards to Senior Management and businesses in scope of the Compliance Test Plan.• Developed and executed the annual Compliance Test Plan.• Trained Business Unit Compliance departments in identifying, testing, and enhancing controls within their lines of business.• Partnered with other pillars within the newly formed Corporate Compliance framework to ensure meaningful and timely progress towards the future state target operating model.

• Worked with Senior Management to plan, develop and execute the Internal Review Group roadmap designed to comply with a 3-year engagement with the Department of Justice.• Successfully managed nine metrics designed to test compliance with the National Mortgage Servicing Standards (~300 requirements) without breaching error rate thresholds.• Managed a team of Business Analysts performing testing and ensured accuracy and quality of work.• Developed test scripts utilized for the performance of prescriptive audits designed specifically for the purpose of testing business performance.• Developed queries designed to identify test populations used for statistical sampling.• Presented test scripts and population queries for all managed metrics to large audiences consisting of representatives from external auditing firm, the Department of Justice, and HSBC senior management including the CEO.

• Project Manager for multi-million-dollar (4MM - 25MM) projects that ensured refunds/adjustments to customer accounts while mitigating and remediating operational risk. Projects were completed accurately and ahead of schedule by establishing effective benchmarks and constant coordination with Legal, Compliance, business partners, and offshore teams. • Determined project scope and strategy, performed root cause analysis, and developed interim & long-term fixes for immediate risk reduction and prevent need for future refund efforts.• Developed comprehensive criteria for accurate identification of impacted accounts, refund methodologies, tracking of methodologies and populations, distribution of refunds to affected customers and reporting/presenting results to Senior Management. • Conducted audits for project finalization using statistical and judgmental sampling to ensure all audit checkpoints were accurate and easily visible in preparation for internal and external auditors.

• Primary OQPA contact for Foreclosure, Restructures, and Disbursements business units. Overhauled the process flow between all business partners, outside counsel, and OQPA to provide a more fluid structure and greater accountability between all groups which enabled effective gap analysis execution of essential policies and procedures. • Coordinated meetings and worked closely with Foreclosure SMEs, Department Managers, and attorneys to create thorough and extensive user manuals for Affidavits and Verified Complaints. These manuals ensured the business was able to complete highly complex and sensitive documentation used in the Foreclosure process without delay or increased financial risk.• Worked with Compliance to timely and accurately maintain Nationwide Acceleration Foreclosure Summary and Local Ordinance Charts. These robust charts were utilized by the business to ensure 100% compliance with all regulatory requirements and local laws.• Coordinated meetings and worked closely with Disbursements and Restructures SMEs to perform gap analysis on existing and new procedures. These procedures ensured the business consistently and accurately executed required duties which prevented corrective action plans or assisted in the remediation of audit findings.