15+ years' experience in Program Management, Governance, Risk & Compliance (GRC), Vulnerability Management, Cybersecurity, Application Patching, Software Development and Testing.
Experience in PCI Compliance, FCC Compliance, NIST, CIS, ISO, SOX etc.
Experience in managing large security development and vulnerability remediation programs.
Demonstrated ability in stakeholder management and driving large programs end to end.
Act as single point of contact and drive and manage multiple global teams.
Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact.
Prioritize program goals, understand, and translate other stakeholders¿ needs into goals and deliverables with minimal assistance, and contribute to prioritization decisions.
Define the scope of projects and develop, execute, and manage project plans for supported program.
Drive execution of risk and compliance related activities focused on designing and testing controls and safeguards and vulnerabilities remediation and patching.
Support GRC work including statutory risk assessments, regulatory requests for information, exams/audits, governance, data & tooling systems, and reporting. · Act as a conduit between auditing, remediation, Legal, and business teams.
Maintain an in depth understanding of the broad regulatory landscape across multiple teams and focus areas, with the ability to translate changes into actionable project work.
Review and monitor key program metrics and escalate or define corrective actions for critical deviations.
Establishment of learnings, best practices, standardized frameworks and tools across program.
Maintain deep knowledge of policies, processed and compliance functions to identify stakeholders and build and maintain strong relationships across a wide array of teams.
Establish streamlined communication & engagement models with various stakeholders to communicate project status, updates, and ask for input and feedback to ensure cross functional alignment and on time completion of deliverables.
Assist with the development of System Security Plans, Continuous Monitoring, Plan of Action and Milestones, Security Controls Assessment, Risk Exposure analysis.
Identification of risks and detailing of mitigation plans to ensure that projects stay on track.
Ensure documents, evidence, record keeping are generated in accordance with internal processes and standards, are submission ready, and are appropriately archived in the document management system.
Identify gaps in strategy, systems, and processes to support growth at scale.
Create & facilitate presentations to support management understanding and influence decision making.
Reporting and tracking metrics, KPIs and preparing executive brief, presentations, weekly, monthly and quarterly business reviews.