Manager Data

Resume of Robert Greene

Summary of Qualifications

Location: Tampa Florida

Cell: 323-***-****

Availability: Available for an interview with 24 hours’ notice.

Candidate Experience:

• Over 15 years’ experience with concentration on audit, compliance, vendor management, and risk assessment within highly regulated industries including: Banking, Brokerage, Health Care, Manufacturing, and Theme Parks and Resorts.

• CISA certified and has performed and managed domestic and international compliance reviews, operational, financial and IT audits, and regulatory assessments.

• Extremely familiar with the rules and regulatory requirements of many national and international regulatory agencies including NIST, COSO, ISO 27001 and PCI.

• Experienced in GDPR assessments, documentation, remediation and policies.

• Worked with Safe Harbor and Canadian PIPEDA, cross border information and data protection regulations.

• Lead Major Corporate IT Risk and Controls Assessments including negotiating and facilitating remediation of any deficiencies.

• Work with and representing senior executives such as CIO's, EVP's, SVP's, Directors, Boards of Directors and their teams, to ensure compliance and remediation of deficiencies.

• Education includes Cambridge University in England where, on an exchange program, studied International Business, Politics, and Relations.

• Also possess a Law degree with specialties in Information Security, Contracts and Business Law.

Professional Experience

Disney Parks and Resorts January 2017 - Present

Compliance Manager

• Supervise Three Offshore Teams (India), Controls and Compliance, PCI, network scans, pen testing and remediation, Network Monitoring and Logging and coordinate activity with US teams.

• Liaise with: senior management: compliance, finance, operations, external audit.

• Coordinate and perform SOX testing, controls monitoring and internal controls design, GDPR Consulting, third party security assessments.

• Self-assessment performance and coordination, SLA monitoring, contract management.

• PCI assessment, remediation and compensating controls review and design.

• Network scan and penetration test remediation.

• Network Monitoring and logging.

• Design and administer team training and knowledge sharing, manage on boarding /off boarding and generate new business opportunities.

WellCare January 2016 - January 2017

Senior IT Security, Technology and Infrastructure Consultant

• Manage the process controls program: design and lead testing of SOX, IT, CLOUD, cyber security, financial and operational controls, third party security evaluation.

• Analyze data controls and create tests to ensure that they satisfy data privacy, data transfer and national regulatory requirements, and ascertain that test steps can be re-performed by internal audit and Big 4 auditors.

• Work with corporate senior management, technology sponsors, legal department, internal audit and Big 4 audit directors to facilitate information privacy and data transfer regulatory compliance, data transfer testing and design, audits, management reporting, controls design and testing and remediation of findings.

• Presentations to senior and middle management on corporate control structure and their departmental control responsibilities.

• Manage documentation of in-scope SOX databases, applications and systems.

• Report to corporate management on SOX issues, HIPAA, HI TRUST, and regulatory requirements and progress toward compliance.

• Manage the corporate responsibility for IT internal audits and external quarterly and annual SOX and attestation audits.

• HI TRUST controls design, testing, and implementations.

• HIPAA information privacy assessments.

• Coordinate the implementation of a GRC application, gather requirements, consult on SDLC, Oversee UAT, regulatory and governance activities with IT process groups: IT security, change controls, development, windows, unix, database.

• Update and analyze regulatory requirements, controls designs, data transfer protocols, processes, procedures and SOX documentation.

• Project manager for service account access and orphan account utilization controls.

Raymond James Financial March 2015 - November 2015

Business Information Security Manager

• Work with international subsidiaries in Canada and Europe to ensure compliance with corporate, national, provincial and international data transfer and regulatory requirements: Pipeda/Safe Harbor/GDPR/Privacy Shield.

• Evaluate major international, regional, provincial and national regulations regarding data privacy and data transfers.

• Lead monthly security committee meetings.

• Consult with CEO and CIO on data privacy requirements, data transfer requirements, application access and upgrades, patching, and International and Regional regulatory issues. Consult with SDLC projects as a Business Analyst.

• Lead PCI DSS upgrade and data compliance assessments for Raymond James Bank, AML Consulting.

Bank of America May 2014 - March 2015

Lead IT Auditor

• Lead and perform IT audits of applications that compile information for BASEL III requirements and AML consulting.

• Assess and test data controls, information privacy/protection and update documentation and walkthroughs.

• SOX coordination with Big 4 auditors for reliance on work for testing purposes.

Citibank June 2013 - May 2014

Regulatory Compliance Manager Third Party Relationships:

• Assess all of the third party, national and international, Regulated Financial Institutions to review their compliance with Citigroup; information protection, data privacy, cross border data transfers, international regional and national, technology, and regulatory requirements.

• Considering: OCC, FDIC, SEC, HIPAA, Federal Reserve, GLBA, international regulators and international national bank regulations.

• Industries: Banking, National Banks, Insurance, Credit Bureaus, Government Regulators, Holding Companies, Mortgage Companies, Clearing Houses, Hedge Funds, Software and Technology information exchange Platforms.

• Correspond with international sector heads and senior managers, business supplier relationship managers, worldwide, to discuss relationships and elicit information protection and data privacy controls.

• Discuss and assess: data leakage protection, data center, incident response, network architecture.

• Create and utilize a process to test, evaluate, assess and document the particulars of the relationships, control gaps and or compliance to decide if they should have their controls formally assessed or be allowed to remain “Out of Scope” of Citigroup assessments.

• Interact with international senior management to apprise them of the effect of the project upon the relationships within their respective sectors.

• Supplier spend analysis continuity of business compliance.

Bank of America December 2011 - June 2013

Manager Outside Counsel and Third Party Assessments:

• Perform and manage the operational, information controls, security, testing and assessment of critical international outside counsel law firms, and large corporate third party relationships.

• Manage assessments of bank service companies such as couriers, payment processors, document.

• Travel nationally to New York, Boston, Chicago, Miami, Los Angeles, Washington D. C. and other cities to meet with law firm partners and technology management to discuss and review their protection of bank customer information, considering information privacy, data transfer and bank secrecy requirements.

• Create reports of findings and discuss and monitor remediation of the findings with law firm partners and CIO’s and the bank legal line of business.

FDIC January 2009 - December 2011

Manager Regulatory Compliance

• Evaluate operations and internal controls of assigned bank branches and departments.

• Support bank evaluation, BSA/AML, SAR, bank privacy act, due diligence.

PricewaterhouseCoopers April 2003 - January 2009

Senior Manager Audit and Compliance

• Industry Specialist: Banks, Insurance, Healthcare.

• Financial reviews, IT controls assessment, SOX, risk assessments, client internal audit team management.

• Report writing and presentations client senior management.

• Oversight of client remediation efforts.

Education / Certification

University of California Los Angeles

JD Corporate Law – Contracts

University of Southern California

BA International Relations - Information Technology

University of Cambridge England

Certificate of International Business Study

• CISA Certification

Contact this candidate