Responsible for the overall IT Risk and Compliance program, including:-Developing, implementing, and maintaining IT risk management methodologies-Conducting regular Company information security risk assessments-Working collaboratively with Enterprise Risk Management, Internal Audit, Legal and Compliance to appropriately manage information risk in alignment with established risk, legal and compliance risk tolerances and methodologies -Developing and implementing IT risk and security policies -Monitoring information risks, mitigation and remediation efforts-Understanding and monitoring the regulatory environment, and ensuring compliance with applicable regulations-Working with IT and entire staff to ensure their compliance with IT and risk security policies-Overseeing the Identity and Access Management program-Developing and implementing a security awareness program-Developing and implementing an IT controls framework-Working with IT to assist them selecting appropriate control activities; measuring and monitoring those control activities-Coordinating IT activities in response to Internal Audit requirements-Providing oversight of audit, regulatory and risk management activities across IT functional areas-Coordinating the IT component of both internal and external audits, federal and statement examinations related to information security -Ensuring compliance with Model Audit Rule controls-Providing IT risk consulting-Directing IT Risk and Compliance team activities-Continuously monitoring the risk function, identifying, developing and implementing process improvements

AVP & Chief Information Security Officer at Sammons Financial Group Member CompaniesResponsible for: - Implementation of the IT Security and Risk Program and Strategy - Security Policies and Standards - Deployment of Risk, Security and Control Frameworks - IT Security Program - Monitoring IT and Information risks, mitigation, and remediation efforts - Classifying and valuing enterprise data assets - Providing Sr. Business Leadership with IT risk reporting and metrics to enable appropriate decision making to include the following: a) Risk Dashboards, b) Gap Analysis Views, c) Correlation of Risks, d) Trends, e)Threats - Ensuring appropriate security awareness by delivering targeted security awareness, measuring security awareness, and providing input into the overall security awareness program- IT Risk Consulting.

Director, Security Risk Management, Integrated Operational Risk Management Lead team of Information Security Officers, partnering with the business to effectively manage information risk. Lead team of information security governance specialists responsible for ensuring compliance with regulations and IT Security policies, risk reporting, and oversight of the risk assessment framework. • Led the development of a comprehensive risk assessment methodology based on ISO 27002 information security standards. The comprehensive risk assessment provides a broad view of compliance with ISO 27002 control objectives and identifies high risk areas requiring management attention. • Developed and implemented a Data Classification standard. The Data Classification standard and associated business impact assessments for IT applications served as the foundation for the IT risk reduction program. • Developed a revised Risk Assessment framework. The new framework provides a structured approach to determining likelihood and impact of a risk. The framework will now be leveraged across US Insurance. • Key contributor to the development of new IT Security Policies and Standards. Developed new IT security policies and standards to support the current business needs and threat environment.

IT Director and Information Security Officer, Insurance Services Managed a team of Information Security Officers and analysts responsible for ensuring IT compliance with ING Security Policies. Partnered with Operational Risk Management to effectively manage IT and operational risk across the three Insurance Services business units. • Developed team to manage IT Risk disciplines across the Insurance Services IT organization. This team served as the organizational model for all other ING organization within the USFS umbrella. • Led the IT policy compliance Scorecard process for the Insurance Services business units. Developed security processes and documentation that was used as a model across USFS business units.

Head of Retail Life Legacy Applications Managed the daily operations of the Retail Life Legacy Applications team. Responsible for the integrity of the Production environment, daily Production Support, client relationship management, Helpdesk support, business analysis, software development and software testing. Responsible for $21M operational budget, 100 Programmers, Business Analysts and Project Managers.• Led the IT efforts related to the sale of the ING Life of Georgia business unit. Negotiated the IT Transition of Services Agreement, including pricing details. Led the project team that successfully converted over 1.5 million contracts off from the Life of Georgia applications on schedule. Earned ING’s Circle of Honor award (INGs highest honor) for contributions to this project. • Led the “Wellness Initiative” to build an effective partnership between ING and TATA Consultancy Services (TCS). Reduced IT staff costs by 10% by effectively partnering with TCS to balance onshore/offshore ratios. Implemented cultural diversity initiatives to improve working relationships.

Managed the daily operations of the Denver Model Office including the management of the business analyst team. Responsible for the integrity of the Production environment, daily Production Support, client relationship management, small and large enhancement management, Helpdesk support, business analysis and software testing.• IT Project Manager responsible for Denver site Data Center Move activities (programming, business analysis, software quality assurance). Successfully led the Denver site activities to accomplish the Data Center move on-time and on-budget. The project was transparent to the end users and resulted in no application downtime. • Developed automatic Regression test. Utilizing WinRunner, built an automated regression test that resulted in a 25% reduction in Production defects.

Provided Account Management, Project Management, Quality Assurance, and Business Analysis services to client. • Performed account management for five life insurance company client accounts (ING Security Life of Denver, ING Southland Life, Met Life, Equitable of New York and J&HKVI). • Developed testing methodologies for software vendors and life insurance companies.

Managed the product development cycle for Product Research and Development. Also responsible for project management related to a new variable life insurance administration system. • Performed project management duties for the complete implementation of new life insurance products, including product research and development, product pricing, systems implementation and marketing roll-out. • Recruited, assembled, and trained new Model Office team to test variable life insurance software.