*

Rahul Goel New York/rahulgoelus@San Francisco, gmail.+1 com 201 • 675 LinkedIn 1208

Chief Information Security Officer

Accomplished and highly analytical professional with extensive experience in technology industry and cyber security strategy.

Strategic, dynamic, and result-oriented leader; excelling at increasing productivity and efficiency by providing training, leadership operational and levels resolving of management direction, security, issues related while guidance, and directing guiding to risk and daily mitigation. support diverse operations teams to Articulate cross-Areas with and functional focus policy communicator; of Expertise on implementation. departments. offering high-known Instrumental standard Adept for reinforcing at technical identifying, in providing strong services. researching, relationships strategic analyzing, vision with for all

• • • • Information Business Control Regulatory Automation Process Compliance Security Improvement & Management AI

• • • • Regulatory Problem Digital Data Analytics Banking Resolution Compliance Career Experience • • • • Operational Team IT Corporate Strategy Training Governance & Risk Execution & Management Leadership Director – Security Assurance, Uber, San Francisco, CA 2022 – Present Deliver program. governance, Established risk, and implemented compliance, and roadmap regulatory across commitments organization. by developing and rolling out Global Cyber Security

• Provided cyber security security organization. and compliance around tech stack by conceptualizing and delivering service delivery model for Director, KPMG, Meta Platforms Inc. (Novi Wallet), New York, NY 2018 – 2021 Operationalized Information Security Compliance program for Crypto-based wallet product, including technology and business diligence by robotics strategizing biometric decisions checks, and and data, in executing partnership performed emerging business ongoing with technologies, business, initiatives monitoring and technology, using AI. to new deliver technological and convenient, operations developments, teams. immediate, Improved and such effortless customer as centralized customer onboarding, ERP experience platforms, ran due

• Conceptualized operations, implementing compliance, controls and deployed to and ensure data various full protection/compliance regulatory Cyber/for crypto-compliance privacy based by developing initiatives wallet products (a US comprehensive and (Novi International Wallet). risk framework 40+), such and as

• Led data development breaches and and a 40% implementation increase in compliance of a comprehensive with industry cybersecurity regulations program, resulting in a 50% reduction in

• Specialized digital assets in by information designing, delivering, protection, and cyber implementing security, and technology-broad-based based technology security solutions. transformation, and securing Business Information Control Officer, JP Morgan Chase, New York, NY 2015 – 2018 Sustained Focus Risk Management program by creating teams of information risk managers. Led Technology Associate program regulatory such leveraged organization programs as Fedwire, within focused by and on company internal engaging ACH, JPMC, on Business Payment audits/including via with improving vendors processes MRA Credit selection, with Card, for transparency (RCSA)successful service SWIFT, training,, applications, delivery and results. of and Clearing/risk through placements Reviewed, related infrastructure, Settlement. a rigorous to under assessed, vendor approach. Managed third various utilization and parties, monitored control lines Developed and and of requirements user offered business. various and tools. executed expert payment Oversaw for guidance assessment all systems, vendors several to

• Provided managing services team overseeing to multiple technology lines of controls, businesses, cyber, while security, supporting and business ~50K resiliency end users programs. and ~700 applications by

• Advanced and applications, directed IT risk infrastructure, IT Risk, posture Controls, and third strengthened Cyber parties, Security, and controls user and tools. environment Business Resiliency by offering programs executive-(BCP) level for support business to leaders/processes, staff

• Enhanced risks information and enhance security security stability/and initiatives. controls, availability while of focusing the technology on domain environment risk, identity, by conceptualizing, and access management developing, to and reduce employing known

• Implemented defense risk support risk framework model across strategy the organization. and philosophy to support all business initiatives by establishing 2nd line of

• Optimized risk governance among 1st and 2nd lines of defense.

• Improved committee IT to risk review governance IT risk posture and created on regular transparency basis. in the leadership team by putting together a business control Vice President - IT Audit Director, Capital Markets/Asset Wealth Management 2012 – 2015 Planned, processes, reviews, communication internal audit pre/organized, including post operations, of implementations, risks and applications and performed while core leading audit and information and general issues, staff LANS/management controls, while WANS. systems presenting Reviewed IT technology SOX responsibilities Compliance, audit and audits, reports approved by SDLCs, while to hiring, written senior integrating telecommunications, training, management. internal audits and audit evaluating focused Directed reports project on staff. and to management key ensure monitored business clear

• Achieved and escalation business by establishing results and and analyzed maintaining audit activities partnerships on all with risk-senior related executives. matters, while ensuring timely assessment

• Directed ISO 17799/IT 27001, audit teams NIST, focusing ITIL, COSO/on information COBIT, GLBA, risk 21 policies, CFR, FFIEC, standards, PCI DSS, guidelines, Basel I&II, processes, and NYDFS. and metrics based on

• Prepared comprehensive risk-based and long-range program of audit coverage for assigned areas.

• Drove bank’s regulatory risk agenda and positioned as competent partner vis-à-vis regulatory authorities.

• Integrated and reviewed internal controls with financial and operational audit groups.

• Performed networks, and technical/routers. specialized audits of Additional infrastructure, Experience internet, intranet, firewalls, SAP, PeopleSoft configurations, Global Head Global Head of Technology/Head of Project of Information/Risk Operations Services Vice Operations President Risk (Manager)& Regulatory Risk - Education Lead, Deloitte, & Third Regulatory Compliance Audit Party Enterprise Risk Compliance, (Vice Director President)Risk ING Services, Clarion,, Merrill Baltimore, New Lynch, York, MD New NY York, NY Master of Business Administration, Baruch College - Zicklin School of Business, New York, US Certifications

Certified Certified Payment Certified in in the Card Risk Governance Technical Industry Information and Information ITIL Data of V3 Proficiencies Information Systems Certified Security Systems Auditor Standards Technology Controls (CISA) (PCI (CRISC) (DSS) CGEIT) Cloud (AWS, GCP AZURE) UNIX (Solaris, AIX, Linux) Distributed Client Server