- Design and implementation of a sustainable framework for Cyber Resilience for business-critical services, scenario-based stress testing, recovery solutions, risk identification and mitigation, executive reporting, alignment of NIST framework and regulatory requirements.
- Redesigned and implemented business continuity plans, including business impact analysis into the global resilience framework resulting in a 100% coverage rate for resiliency and recovery procedures for all departments.
- Completion of firmwide Information Security assessment to determine firms’ maturity of cyber resilience against industry recognized frameworks.
- Managed implementation of a firmwide cyber exercise program to gauge the effectiveness of awareness training against malicious communications, improving the firm’s resiliency rate by 40%.
- Successful management of industry-wide business continuity and cyber exercises (globally) including post-exercise and reviews and reports, residual risk by highlighting key successes and areas for improvement.
- Streamlined Business Continuity program within Group Technology by garnering the support of executive management, introduced on a global scale resulting in increased efficiency and recovery times.
- Winner of the firms IT efficiency award for recommendations on increasing productivity within the Middleware Services group.
- Development of a desktop application that streamlines the infrastructure change request submission process, significantly reducing the margin of error and overall processing time by 50%.
- Creation and management of Level 1 Service Desk global scorecard, supplying management, metrics, cost modeling, and departmental budgetary data.
- Served in the United States Navy onboard the USS James Madison ballistic missile submarine during the Persian Gulf War, achieved supervisor status of the Fire Control System.
- Completion of a two-year leadership program for the top 1% of performers within UBS.
|
Credit Suisse – Cyber Resilience Lead, Manager - 07/22 - Present - Performing independent operational risk and control assessments against controls underpinning cyber resilience and information security, including board level reporting.
- Creation of plausible cyber scenarios for executive walkthroughs and functional testing.
- Responsible for multimillion dollar budget with aligned FTE’s and engagements with key vendors.
- Define and implement a testing program to measure recovery capabilities against Critical Business Services and dependencies, front to back.
- Creation of threat response process to identify and test root cause analysis timings from the point of detection to initiation of recovery efforts.
- Cyber response and recovery plans, scenario-based incident response.
- Updating policies, standards, and guidelines to incorporate cyber resilience.
- Third party management, inclusion of cyber resilience into policy, onboarding process and the establishment of exercise requirements, to include a testing strategy.
- Work with technology to establish an improved recovery strategy for cyber relevant applications (cyber vault solution).
- Creation and implementation of a sustainable cyber resilience BAU model for integration into existing frameworks and leading collaboration efforts across functional teams, breaking silos.
UBS - Cyber Resilience Lead, Director (CISO)- 10/15 – 07/22 - Led the firm's Cyber Resilience program within CISO, covering all information security-relevant aspects of resilience, ensuring alignment with NIST, FSB, CSP, and compliance with policies and regulatory requirements.
- Creation of plausible cyber scenarios based on current intel for executive walkthroughs and functional testing.
- Managed and implemented a global internal access control and phishing program to measure the effectiveness of education and awareness including reporting mechanisms for internal audits and regulatory reviews.
- Manager for cyber assurance testing in the Americas, overseeing Red Team and penetration exercises.
- Led high-profile projects from inception to completion. Continually managing stakeholder expectations while maintaining accountability. Provide status updates and metrics to executive management and program stakeholders.
- Performed Information Security maturity and capability assessments aligned to industry frameworks.
- Led discussions with key stakeholders and executives for both Business and IT, updating the firm’s governance bodies to ensure the organization's resilience program remains in line with regulatory expectations.
- Developed and implemented a global training and exercise program for best practices, policy implementation, and plan development for both Business and IT, resulting in an improved security posture for the firm.
- Served as Operational Risk Manager, identifying, tracking, and reporting serious risks within the firm that has or may have a direct impact on business resilience.
UBS - Global Business Continuity Manager - 2/06 - 10/15 - Managed and developed a continuity program that covers continuity planning and disaster recovery programs for the internal staff on a global scale encompassing over 10,000 personnel. Responsible for ensuring recovery documentation and testing requirements adhered to strict regulatory and compliance guidelines.
- Worked closely with key business partners to develop and maintain critical staff recovery plans.
- Designed and implemented Business Continuity plans, Disaster Recovery Solutions, including Emergency Response, Global Business and IT recovery strategies, plan enhancements and plan exercises based on risks/threats (potential and experienced), and assessment of current and future needs.
- Championed wide-scale Business Impact Analysis for the Operations business, affording the business the ability to pinpoint key application dependencies impacting systemic processes over time and recovery prioritization for incidents occurring at critical processing times. The business in turn incorporated additional mitigation practices reducing potential fiscal and reputational exposure to the firm.
- Designed and led strategy development workshops and walkthroughs and tabletop exercises with various business units to develop and incorporate best practices for recovering critical functions.
- Improved testing efficiency and staff relocation requirements resulted in a significant cost reduction without sacrificing performance.
- Managed large-scale disaster recovery tests across all regions, all businesses, adhering to strict regulatory and compliance guidelines. Presented results and lessons learned to executive management highlighting key discrepancies and areas for improvement.
UBS - Regional BCM Coordinator Infrastructure Project Manager - 02/04 - 02/06 - Managed the delivery of important activities, such as technology refresh, security, and regulatory mandated work and the implementation of new requirements to cover either new development initiatives or remediation work to address production issues.
- Managed the development of the Equities crisis management process. Maintained and managed Equities IT Business Continuity Plan for North America, managing and reporting large-scale testing.
- Delivered the scope and requirements of key projects/initiatives within Production Services. Communicated project status to key stakeholders both internal and external to the department.
- Completed monthly project reporting for the Infra Projects Team Manager and the senior management within the department.
|
