Joanne Glauser

I am a senior IT Risk & Cybersecurity Leader with over 15 years of experience shaping secure technology environments across global financial institutions. My career is defined by a passion for building audit-ready, high-performing risk functions that stand up to scrutiny—from regulators, auditors, and boards alike.

As a change agent, I’ve led SOX and MAR programs, developed control testing methodologies, and updated enterprise-wide frameworks for monitoring, application security, and third-party oversight. I’ve served in both first and second lines of defense, helping firms recover from audit failures, maintain secure environments when modernizing, and scale governance at pace with innovation.

Colleagues and executives recognize me for bringing transparency—whether uncovering a $12M revenue opportunity during control testing or exposing thousands of instances of inappropriate production access. I serve on the board of CSA Delaware Valley and Advisory Council for SecureWorld, where I advocate for data-driven risk reduction and AI governance.

Let’s connect if you're risk capabilities require transformation, I can provide the confidence and transparency that is critical to any successful business.

Results Oriented Risk Management Leader with a proven track record of leading and strengthening control environments to safeguard organizational integrity and to sustain audit readiness. Recognized for identifying, escalating and remediating critical gaps – as well as improving, building or overhauling functions that lack structure, effectiveness or transparency. Bring extensive first and second line-of-defense leadership expertise across Operational Risk, IT Risk, Financial Controls, SOX, MAR, Fraud, Business Resiliency, and Third-Party Risk in complex, highly regulated environments. Adept at delivering effective credible challenges, producing impactful data-driven assessments and driving forward-looking risk identification and data-led control testing to protect against emerging business, regulatory and technology threats. A trusted partner to senior leadership in aligning risk management initiatives with strategic business objectives.

●Risk Management: Data Analytics, Digital Risk, Policy/Standard Management, Issues, Change, RCSA, Governance/Monitoring/Metrics, Sustainability, Root cause analysis, Audit Ready, Emerging Risk, COSO

●Information Security: Application, Infrastructure, PAM, IAM, API, AI, Cloud, Vulnerability, Regulatory 

●Data: Stakeholder & Technical Team Mgt, Reporting, Data Integrity & Protection, Warehouse Delivery

●Fraud: Focused Reviews, Governance /Monitoring/ Metrics, Product/ Portfolio/Acquisition/Digital reviews

●Third Party: Due Diligence, Contract mgt, Risk Assessment, Governance /Metrics, Continuous Monitoring

●Tools: Archer, Veritas, Process Unity, ServiceNow, BitSight, JIRA, ChatGPT, Perplexity

●Methodologies: Agile, Waterfall

Cornell University, Business Management 

• Certified Information Security Auditor (CISA)
• Certified Information Systems Manager (CISM)
• Project Management Professional (PMP)
• Six Sigma Greenbelt (SSGB)
• AI Management Systems (ISO 42001)
• ISO/IEC 27001:2022 Lead Auditor
• Insider Threat Management
• DSPM, Data Lakehouse Fundamentals
• DLP Specialist
• AI Certified Workflow Expert