Executive

SABRINA KURANI, MBCP

** ************ ********** ********,, ************ PPllaaiinnss,, NNeeww JJeerrsseeyy 007******* 997733..445522..22444477 ssaabbrriinnaa__kkuurraannii@@mmssnn..ccoomm

hhttttppss wwwwww..lliinnkkeeddiinn..ccoomm//iinn//ssaabbrriinnaa--kkuurraannii--mmbbccpp--33bb222299551111

~ 1 ~

~ RISK MANAGEMENT/SERVICE AND PRODUCT DELIVERY MANAGEMENT EXECUTIVE~ QUALIFICATIONS PROFILE

Growth-driven and competitive senior executive, armed with extensive experience in risk management, service delivery, product management, and strategic business development. Demonstrate strong capability in developing best-in-class operational programs and leading initiatives to effectively mitigate risk throughout the organization. Leverage expertise in optimizing operational efficiency, increasing productivity, and meeting pre-established goals. Excel at innovating strategies for diverse customers to address specific needs and requirements. Exemplify strong competency in building top-performing teams to achieve solid bottom-line results. Possess multilingual fluency in English, Hindi, and Sindhi. CORE COMPETENCIES

Risk and Control Self Assessments (RCSA) Policies and Procedures Development

Service and Product Delivery Management Innovation and Vendor Investments

Business Continuity and Product Life Cycle Management Operations Controls Oversight and Issue Management

Leadership and Staff Training Comprehensive Audit Reviews

Excellent Presentation and Decision Making Skills Continuous Process Improvement

Budget Implementation and Cost Control Outstanding Customer Service and Public Relations PROFESSIONAL EXPERIENCE

BANK OF AMERICA, NEW YORK, NY 2005–PRESENT

Senior Vice President Executive (Managing Director Level)/Chief Operating Officer (COO) Division Jun 2012–Present Global Technology & Operations (GT&O) Division–Risk Management/Product & Service Delivery Management Operational Risk Management: Diligently manage day-to-day operational aspects of the business focusing in identifying, assessing, and reducing operational risk within and across products, businesses, and countries in adherence to policy and regulatory standards. Ensure on time submission of accurate and appropriate reports of operational risks to senior management, regulators, and board of directors; chair various operating committees or governance forums. Carry out independent/emerging risk assessments; challenge entity ratings or Processes, Risks, and Controls (PRCs); and scenario analysis as appropriate. Maintain frequent interaction with Global Technology & Operations, Compliance, Risk, Audit teams to proactively manage, communicate, and mitigate operational risks; and make recommendations on corrective actions. Collaborate with in-business operational risk management on execution of operational risk policy requirements including development/governance of procedures and standards, quantifiable metrics and governance processes for measuring, scoring, and managing risks. Provide effective challenge for technology operational entities relating to Risk and Control Assessments

(RSCA) and Scenario Analysis, as appropriate. Interfaced with technology managers to identify key technology control indicators and maintain effective and efficient continuous control monitoring processes. Optimize operational efficiency by centralizing all facets of tracking, monitoring, reporting, and data management with action plans for issue closure of open issues across the enterprise. Function as Second Line of Defense to manage the company’s Enterprise-Level Third-Party Risk Management Framework from identification, assessment, mitigation through internal controls, reporting, quality assurance, validation, and escalation. Proactively lead enterprise-wide coordination and oversight of technology risk, cyber security, identity and access management, business continuity management, and technology from third party risk management relationships. Provide guidance and education to executive leadership within the organization by recommending technology and security investments which mitigate risks. Assume full responsibility in strengthening defenses, overseeing vendor risks, managing threats, influencing end-user behavior, and reducing risks and vulnerabilities in development of internal and client facing systems and products.

IT Service & Product Delivery Management: Oversee the delivery of technology to the business across products, services, and portfolios. Take charge of establishing policies, processes, and best practices designed to ensure consistently high service levels of performance. Serve as a liaison between enterprise and end-users, outside vendors, contractors, and consultants to define and establish service and support requirements. Lead all initiatives to create innovative technology roadmaps end-to-end

(E2E), which align to business projects, priorities, and investments, thus leading to the transformation and growth of the business toward fulfillment of its target metrics. Closely monitor metrics associated with customer feedback, improvement targets, and suggestions. Regularly interface with the product/project managers, business managers, and technology teams to ensure proper portfolio management and service/product delivery. Meet service level agreements and customer expectations through the development, communications, and periodic review of IT service levels supported by the business. Carry out vendors and 3rd party suppliers to ensure that services are delivered in accordance with expectations.

Spearheaded a Global Team for a multibillion-dollar division with $24.3M total GT&O division budget

Accurately measured cybersecurity maturity level of controls in five domains: including cyber risk oversight, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber-incident management and resilience

Supported the Enterprise Privacy and Cross Border Data Movement Compliance Team, responsible for implementing the Company’s Cross Border Data Movement Compliance Coverage Model through execution of the Global Compliance Program across front line units and control functions; thus guaranteeing compliance with internal policies and applicable US and international laws, rules, and regulations governing cross-border data transfers

Pioneered the development of a Global Enterprise Spreadsheet Policy in partnership with the CFO Team due to a Regulatory Matter Requiring Attention (MRA) that identified gaps in the management of spreadsheets around security, controls, spreadsheet design, and Comprehensive Capital Asset Review (CCAR) SABRINA KURANI, MBCP

33 BBaattttllee RRiiddggee RRooaadd,, MMoorrrriiss PPllaaiinnss,, NNeeww JJeerrsseeyy 007******* 997733..445522..22444477 ssaabbrriinnaa__kkuurraannii@@mmssnn..ccoomm

hhttttppss wwwwww..lliinnkkeeddiinn..ccoomm//iinn//ssaabbrriinnaa--kkuurraannii--mmbbccpp--33bb222299551111

~ 2 ~

Played a vital role in defining and maintaining operational risk management framework components including: governance, policies, and standards aligned with regulations and best practices, process and risk and control libraries, risk scenarios, risk assessment methods, tools, and risk reporting and KRIs

Earned distinction for analyzing data across the enterprise to identify and drive the mitigation of risks

Demonstrated proficiency in providing regulatory interface on operational risk matters

Pivotal in defining, implementing, and maintaining a process, risk, and control library including the risk rating of the controls

Championed in developing an operational governance and meeting structure to facilitate proper communication, prioritization, and service/product delivery to insure the implementation and deployment of the Service/Product Delivery Management Model and Business Relationship Management focus

Initiated the development and implementation all operational service metrics, scorecards, and continuous improvement opportunities

Senior Vice President/Global Technology & Operations and Technology Infrastructure Division Apr 2010–Jun 2012 Provided oversight in delivering technology to the business across products, services, and portfolios while simultaneously handling all Third Party contracts associated with managed functional areas including overall strategy, financials, contract life cycle, and vendor relationship management. Carried out all facets of product planning, development, and deployment of new products and product enhancements. Excelled at managing new offerings and enhancements throughout the product life cycle. Fulfilled various duties, including defining the product vision, as well as gathering and prioritizing requirements. Maintained frequent interaction with the technology partners and key stakeholders to maintain profitable solutions and address diverse needs of clients. Created and managed metrics associated with customer feedback, improvement targets, and suggestions. Utilized quantitative and analytical skills to demonstrate benefit realization of initiative and projections of investment.

Functioned as the Health of the Plant Stability Program Manager

Completed the Sunrise Transformation in collaboration with the Domain Engineering and Operations teams (banks projects for pre-visioning of servers), which included hardware pre-provisioning; infrastructure deployment; and operating system configuration and life cycle management, along with streamlining of procedures

Headed all initiatives to drive the delivery and transition of new and existing IT services and definition/maintenance transition frameworks and processes including documentation, checklists, life cycles, and RACI models

Innovated and delivered products toward the fulfillment of operational objectives in collaboration with the engineering teams

Leveraged industry expertise in managing risks primarily in issue management (risk and audit)-tracking, remediation, and to closure; business continuity; reporting; and policies, procedures, and standards governance

Attained significant breakthrough in productivity, customer satisfaction, and continuous process improvements Vice President: Global Technology Infrastructure (GTI)/ Service Delivery and Business Continuity and Project Management Team Dec 2006–Apr 2010 Functioned as the primary point of contact for senior business partners responsible for infrastructure operations and support services

(IO&SS); customer and client communications; reporting; audit, risk, and business continuity; business and functional controls oversight; risk and control self-assessments (RCSAs); and other business initiatives. Played a vital role in collecting accurate data; tracking reports; and monitoring effectiveness of key risks and status of mitigation and action plans. Built profitable relationships with business partners to facilitate program adoption, streamline communications, and achieve global objectives.

Ensured proper portfolio management and service delivery in partnership with Product/Project Managers, Business Managers, and Technology Teams

Initiated the development of appropriate IT Risk management and business continuity management framework to ensure appropriate governance, risk appetite, policies, procedures, independent assessment, validation, metrics, reporting, and training are in place

Collaboratively worked with subject matter experts across the company to establish disaster recovery policies and procedures that include responses for pandemics, crisis management, external threats, and others

Led all initiatives to drive the delivery and transition of new and existing IT services and definition/maintenance transition frameworks and processes including documentation, checklists, life cycles, and RACI models

Achieved department productivity and data quality goals through the seamless development and implementation of IO&SS policies and practices for risk management

Innovated and delivered products to achieve target operational goals in conjunction with the engineering teams Assistant Vice President: Global Market Technology (GMT)

(Business Continuity and Project Management) Jun 2005–Dec 2006 Led the development and implementation of emergency response planning processes, including strategic process improvement and business continuity projects for emergency response planning automation and governance. Managed the entire project development life cycle, from initial concept and needs analysis, through deployment and optimization.

Developed project plans and worked with cross-functional team to support various initiatives

Achieved solid bottom-line results in productivity, customer satisfaction, and continuous process improvements

Spearheaded strategic emergency response planning initiatives, such as work area recovery plans, call trees, escalation processes, life safety, event management, pandemic plans, associate and senior leadership awareness, and Regional Support Team/Emergency Response Team (RST/ERT)

Successfully met long-term strategic goals for emergency response planning, through deployment of tools, automation, services, linkage to senior management Hoshin reporting, PMP, Six Sigma, program integration with business partners; while ensuring full integration of all process and linkage to best practices

Designed LDRPS recovery plans, as well as project plans, timelines, milestones, and schedules in collaboration with cross- functional team that supported multiple initiatives

Earned selection as the ENACT team initiator for Automated Call Tree System SABRINA KURANI, MBCP

33 BBaattttllee RRiiddggee RRooaadd,, MMoorrrriiss PPllaaiinnss,, NNeeww JJeerrsseeyy 007******* 997733..445522..22444477 ssaabbrriinnaa__kkuurraannii@@mmssnn..ccoomm

hhttttppss wwwwww..lliinnkkeeddiinn..ccoomm//iinn//ssaabbrriinnaa--kkuurraannii--mmbbccpp--33bb222299551111

~ 3 ~

EARLIER CAREER

ALLIANCE CAPITAL, SECAUCUS, NJ

Business Recovery Planning (BRP) Manager/Project Manager (Executive Level) Asset Management and Retirement Services–Alliance Global Investor Services (AGIS) Oct 2000–Jul 2005

Systematically managed daily and long-term planning of the Alliance Global Investor Services (AGIS) business recovery plan

Maintained disaster recovery intranet site, automated call tree processes, and updated all toll-free services database Project Manager (Executive Level)–Business Automation and Metrics Department Asset Management and Retirement Services–Alliance Global Investor Services (AGIS) Oct 2000–Jul 2005

Earned distinction as the global and domestic project manager for process improvement, automation, enterprise solutions, work flow system (Automated Work Distributor–AWD System), platform infrastructure, mainframe, web-based processing, and business continuity projects for mutual funds and retirement products

Led the automation of the web-based processing asset management platform for the mutual fund (retail), retirement

(401K Link and Simple), and college fund/529 businesses for investment allocations across all asset classes

Initiated the development of single and multiple portals and Voice Response Unit (VRU) for marketing

Gained recognition as the lead project manager for vendor transmission method change from an Server Name Indication

(SNI) link to an Internet Protocol (IP) link, as well as on Corporate Mainframe Elimination (front-end processor) initiative

UNITED HEALTHCARE, SOMERSET, NJ

Business/Systems Analyst

EBI MEDICAL SYSTEMS, INC., PARSIPPANY, NJ

Sales Analyst

WARNER LAMBERT/PARKE-DAVIS, MORRIS PLAINS, NJ

Intern/Business Planning Department

EDUCATION AND CREDENTIALS

BACHELOR OF SCIENCE IN MANAGEMENT WITH CONCENTRATION IN INFORMATION SYSTEMS: 1998

Fairleigh Dickinson University, Madison, NJ

Alpha Kappa Psi National Business Fraternity Asian Club Dean’s List Information Systems Audit and Controls Association (ISACA), New York, NY Certified in Risk and Information Systems Controls (CRISC): 2016 (Exam: In Progress) Cybersecurity Fundamentals Certificate: 2016 (Exam: In Progress) DRI The Institute for Continuity Management, New York, NY Licensed Masters Business Continuity Professional (MBCP): 2009 NETCOM Information and Technology, New York, NY: 2006 Project Management Professional Training (PMP/PMI): (Exam: In Progress) Program Management Professional (PgMP/PMI): (Exam: In Progress) Sysoft, Inc., New York, NY

Certified Internet Developer: 2000

Certified Webmaster and E-Commerce Architect: 2000 PROFESSIONAL DEVELOPMENT

Michigan Ross School of Business Executive Education, Ann Arbor, MI Operational Development Program: 2014

Columbia University – Graduate School of Business, New York, NY Bank of America Women’s Leadership Program: 2014

Bank of America, New York, NY

Six Sigma Green Belt Training: 2008

Learning Tree International, New York, NY

Information Technology Infrastructure Library (ITIL): 2006 PROFESSIONAL AFFILIATION

Leader: Women in Technology

TECHNICAL ACUMEN

Microsoft Office Suite Various Internal Applications for Risk Management

Contact this candidate