Experienced in Computer Information Security with diverse industry experience in banking risk management solutions to protect corporate and client assets while meeting business needs. Strong leadership, management, and technology skills in complex security projects around South and North America in developing and implemented Information Security Policies. Responsible for the development and implementation of security assessments for the region and ensure that all incident resolutions were completed and closed on time before yearly Corporate audits. Worked with staff and the audit team to implement the best solutions in the field and achieve program goals for the next audit. Effective communication and skills. Extensive travel across the region delivering security plans to achieve program objectives.
|Skills||Experience||Total Years||Last Used|
|IBM Mainframe, Midrange Computer, Windows||Operating Systems/ Appl.||30 years||December 2010|
Retired from Citigroup after 30 years.
Security Officer for Corporate and Regional countries. Lead and managed assessment programs to ensure compliance with Corporate policies and standards. Liaison between the Audit team and countries management related to Technology audits. Monitoring and reporting management regarding the implementation on remediations of identified issues from audit reports or self assessments.
Developed application security framework that served as the cornerstone for a highly successful applications implementation strategy. Implemented the Corporate Third Party Information Security Assessment (TPISA) program for our Delaware Third Party users community. Conducted TPISA certification process for Third Party users in Delaware as well as for the regional office in NY. Streamlined the self assessment process to faster close significant issues identified in audit's reports. Keep management inform of open issues and the plans for resolutions.
Compliance officer managing the implementation of security policies and standard for the operation and application technology departments. Providing management with monitoring reports for security issues and assisting development departments in the implementation of security tools to be integrated into their new applications. Implement IS due diligence exercises in all applications and keep management inform of corrective actions.
Lead technology auditor for North America and Latin America. Managed, prepared, and conducted technology audits covering operating systems, networks, databases, applications, and physical security of the computer facility. Involved with the planning of individual audits, selecting participating auditors, defining audit objectives, and fulfilling the audit in a defined budget. Interviewing business teams about working practices, challenging current practices and finding ways to improve internal controls. Sharing with management audit results and agreeing appropriate corrective actions to remedy the identified issues.
Minor in Statistics.
Companies Worked For:
Job Titles Held: