Produce and oversee the development of independent risk management reporting for respective areas of coverage as input governance and management routines. Monitor the regulatory environment to identify regulatory changes applicable to areas of coverage, advise the business of changes, direct appropriate areas to implement, and challenge the implementation plan. Identify, aggregate, report, escalate, inspect, and challenge remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements. Design and execution of Global Risk coverage of enterprise information security management of third parties. Prepare materials and provide consultation for regulatory exams, audits, and inquiries. Participate in scenario analysis activities for coverage areas and challenge as appropriate.

Direct multiple / major technology teams within Information Security that research, engineer, develop, implement, communicate, monitor, and maintain the information security (authentication, perimeter security, security & compliance tools, etc), & directory technology systems (software & hardware) and security policies / procedures. Work across Third Party Information Security program to ensure the assessment process is aligned to meet regulatory requirements. Document end-to-end process and supporting requirement identification and documentation for technology and work flow enhancements. Execution of the streamlining and risk reduction processes. Identification of process optimization opportunities with process management and support. Direct interaction with line of business stakeholders in support of the assessment process and engagement requirements.

Manage team of assessors which are responsible for executing information security assessments with the Bank’s third-parties. Provide tactical support to the team and ensure flawless execution throughout the assessment lifecycle. Maintain clear and consistent communication between the team and the Line of Business vendor management community regarding their assessments, and handle any escalations that may arise. Identified process optimization opportunities, which include technology and work flow enhancements. Review completion of assessments including Information Security, Business Continuity and Payment Card Industry (PCI) where vendors and service providers are trusted with company and customer data. Coordinate with vendor managers, line of business and vendors on remediation and resolution of findings from online assessment audits.

Provide risk mitigation to BA Merchant Services by leading merchants and service providers through the complex process of PCI Data Security Standard compliance validation. Influence merchant PCI contacts to remediate PCI findings and provide regular update reports. Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank's assets. Maintain data integrity in the system of record (Archer) for further reporting to the card associations (VISA, MasterCard, Discover, AmEx). Promote and execute failure mode and effects analysis (FMEA) multiple years to enhance processes and procedures. Exercise judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.

Designed, developed, implemented, enhanced and operated information systems and software in support of business goals. Designed innovative IPSec model allowing endpoint communication and maintenance within Secured Zone environments. Utilize in-depth technical knowledge to design and implement secure solutions to meet customer/client needs while protecting the Bank’s assets. Spokesperson on specialized projects dealing with endpoint security. Developed and implemented security standards, baselines, procedures and guidelines around endpoint protection for multiple platforms and diverse environments. Developed Business Continuity and Disaster Recovery plan and training for endpoint antivirus management and configuration. Configuration, testing, deployment, management and ongoing support of endpoint software in conjunction with security policy compliance and security vulnerability monitoring.

Managed team of systems engineers to build and maintain network at customer location. Provide security and network consulting to corporate clients/partners whom request assistance for data and network security issues. Architect security solutions for connectivity to trusted third parties. Create corporate standards and baselines for network and data security and implemented security policies and procedures for corporate use. Responsible for security, support, LAN/WAN management, design and implementation, for 250+ users across three corporate office locations. Provide security and network consulting to corporate clients/partners whom request assistance for data and network security issues. 
 Architect security solutions for connectivity to trusted third parties. 
Create corporate standards and baselines for network and data security. 
Implemented security policies and procedures for corporate use. 
Implemented and provide systems and network support on a Windows NT/2000 and 
Microsoft BackOffice network for three sites. Implemented and manage a secure mail relay and content filter solution. 
Manage Checkpoint Firewall-1 and VPN access. 
Researched, tested and installed a personal firewall on remote user laptops. 
Implemented host based IDS software where required. 
Planned, drafted, executed and administer corporate password policy. Implemented and maintain Internet Information Server 4.0 and 5.0; to host secure 
Internet and intranet sites, and provide secure client and vendor access via FTP. 
Installed MRTG to assist in managing bandwidth usage through the Internet router and 
the secure mail relay. 
Research, evaluate and assist in specification of hardware and software for usability 
and compatibility in and with company data and communications systems. 
Consulted, developed, implemented and managed clients network with Active 
Directory. Maintained SonicWALL firewall with office to office VPN connections between locations.

LAN/WAN network administration for 200+ users. Utilized for awareness training of corporate employees on corporate basics on multiple PC standards including; saving of data, full utilization of email and correct Internet usage. Directly assisted in monitoring and maintaining of network infrastructure. Maintained and managed data archival of corporate information and transferring of media to a commercial offsite storage facility. Responsible for corporate inventory of all computer, laptops, software and printers. Managed user and email accounts on Window NT operating system.

Worked to support both customers and sales representatives. Interfaced with all levels of management. Managed inventory and purchasing levels from Mainframe Computer System. Maintained excellent client relationships relative to actions and resolutions. Directly accountable for the ordering, inventory and handling of specialty products and catalog sales. Conducted computer automated data entry and pricing calculations for sales representatives, office staff and customers.