Project Management Information Security

Location:
Long Valley, NJ
Posted:
January 24, 2024

Resume:

MONA BAJPAI

PH: 973-***-**** EMAIL: ad21ym@r.postjobfree.com

Program/Product Owner implementing value driven processes/solutions to solve business needs. 21 years of experience in IT and Data Management

INDUSTRY EXPERIENCE

Total Relevant Experience: 21 years

Industries: Financial, Advisory, Pharmaceutical, Telecom, and Retail

•Major skills – Audit, PMO, Portfolio Management, Transformation/Change Management, Information Security, Regulatory, Governance, Compliance, IAM, Enterprise Data Governance, Program/Project Management

PMO EXPERIENCE

Managed technology teams and key business partners to build and rollout business processes and system implementations.

Managed development of visions, programs, roadmaps, scopes, requirements, project plans, allocations, presentations, status, and ensure delivery within time and budget.

Cost modelling for program financials - to track spending and identify budget risks and opportunities

Effective project control by monitoring and tracking progress and provide timely updates to the management

Effectively lead Product, Program and Project Management steering team meetings, to gain input, approvals, and decisions

Contributed in PMO artifact developments and process improvements business analysis

Managed IT vendors to ensure quality and timely delivery of services

Manage vendor contracts and resource estimates.

Experienced with 3 Types of PMO – Supportive, Controlling, and Directive

•Methodologies / Tools – Agile, Waterfall, PMBOK, ITIL, MS Project, Clarity, and SDLC

•Tools – Guardian, Archer, JIRA, GRWE, Clarity, Planview, and MS Project

IT SECURITY RISK - REGULATORY & GOVERNANCE

Data Governance - Implemented Data Masking, Data Retention, Data Destruction, Lineage, ADS and Data Lake firm wide

Identity and Access Management: PAM and IAM

Managed in-house development of Information Security Governance Tool for access management, database, data masking, source code review, SSH keys, code comparison.

Led implementation of NIST (National Institute of Standards and Technology) 800-171 requirements for protecting data, for the purposes of meeting KPMG’s contractual requirements to the Department of Defense

Managed automation of Archer GRC Tool development - a unified process for managing the different security review stages, supported by a system implementation to in-take, track security reviews and to retain reviewed documents to support the increased demand for this service across the KPMG organization.

Managed design and implementation of enhanced security controls for managed workstations to reduce the risk in KPMG

Liaison between Bank and external auditors for IT Security with Monetary Authority of Singapore (MAS), Dodd-Frank and BaFin Germany (MASIT14, MASIT27, Technology Risk Management (TRM11), Federal Reporting Year (FR Y) 2011, 2012, 2013, 2014, 2015) regulation.

Management of Security Risk Assessments on Critical 6000 Applications’ Production Servers and Privileged Support Personnel’s Access Authentication to identify security access gaps for remediation.

Management of Global Operation and Technology (GO&T) risk and control issues. Provided guidance to owners for mitigating risks and bringing them to closure. Continuity of Business (COB) Audit for US, UK, Germany, and APAC.

LARGE TRANSFORMATION PROGRAMS:

Third Party Risk Management

Compliance Testing and Monitoring

Data Protection - Masking and Destruction

Access Management – Managed various Global Access Management Projects (IAM)

Federal Reporting – Legal Entity US program under the Intermediate Holding Company (Finance Bank).

Change Management – Simplified Change Management Process (Finance Bank).

•Small Business Platform – (SBP) Profitability Indicator (PI) program (Finance).

•4G technology Telecom/Wireless Implementation 3-billion-dollar budget (Telecom).

•Procurement of hardware and software including the installation of (Firewalls, load balancers, Web Server/ Application, router, switches) VLAN network connectivity, software installs, LDAP database etc. (Telecom).

PROFESSIONAL EXPERIENCE:

BNY Mellon (July 2022 – Current)

Sr. Program Manager/Sr. Project Manager Data Governance Program

Managed a third party (Oliver Wyman) to create Enterprise-wide Data Operating Model which adhered to policies and standards.

Managed program to align industry best practices, audit observations, gap analysis, remediations, action plans, in lieu of organizational strategies.

Lead Data Governance, Data Quality, and Architecture Audits (External and Internal)

Lead Master Data Management and ADS Audits (External and Internal) firm wide

Oversight Data Governance Program including managing Project Portfolio and collaborate with the Line of Businesses

Maintain MyCDO (Chief Data Office site) and Collibra for MDM (Master Data Management) and ADS certifications

Partner with the Finance team to guide projects from business case development to ongoing project management.

Ensure emerging risks are identified and highlighted to senior management. Prepare executive summaries, reports, and presentations summarizing findings and recommendations to Board and its Risk Committee.

Designed programs to increase awareness about IT policies and compliance requirements via training and communication.

Review KPI/KRIs to ascertain the state and effectiveness of current policies and procedures.

Implemented project methodologies including agile, scaled agile, scope/ requirements management, Kanban, planning, resource management, testing, etc.

For enterprise-wide, scaled, and complex projects provided direct support in defining approach, planning and mobilizing efforts.

Managed a complex stakeholder landscape within sensitive topics and aided the parties through the 3 D’s; discuss, debate and decide.

Prepared executive summaries, reports, and presentations summarizing findings and recommendations to Board and its Risk Committee

Brown Brothers Harriman (September 2019 – June 2022)

Program/Portfolio Manager Data Governance Program

Managed Data Governance Program - Implemented IAM, Data Masking, Data Retention and Data Destruction firm wide, as per the policies and standards

Managed IT Security Program - Implemented IBM OpenPages tool and on-boarded Third Party Risk Management and Compliance Testing & Monitoring

Provide assistance to the business to address technology based audit findings and issues

Ensuring full participation in Audit programs assisting business in identifying technology-based controls based on NIST and CJIS

Implement processes for reviewing organizational compliance and regulations, and provide guidance to all parties

Manage budget, roadmaps, schedules, and metrics on a regular basis (KPI/KRI)

Provide leadership and Change Management to govern the book of work, confirm adherence to all federated PMO guidelines and facilitate communication with program sponsors and cross-functional stakeholder groups

Point of contact for various security related activities within the central Technology Risk Mgmt and Information Security team

Developing RFI/RFP benefit/cost analysis

Experience creating and executing campaigns for employee education, awareness, and training team, as a part of Change Management

Handled Data Governance tools such as Informatica Exon, Alation, JIRA, and Collibra

Celgene, Summit East, NJ (August 2017 – September 2019)

Product Manager Global Security System

Responsible for managing project delivery and maintenance of various Projects on Security Systems

Implemented Third Party Risk Management Program to provide oversight of operational risk, Audit and Regulatory actions, controls and third-party risk management activities.

Implementing Access Management (Card Access System) Globally and IAM (Identity and Access Management IAM) including Change Management.

Implemented ServiceNow for IT Service Desk and Project Management Module as per Change Management policies

Implemented Visitor Management System globally.

Created RFI/RFP benefit/cost analysis.

All the above Projects are managed through Agile/Waterfall Project Management gateways.

KPMG Montvale, NJ (August 2015 – September 2017)

Program and Portfolio Manager KPMG Internal – Governance, Risk and Compliance (GRC) Regulatory

Responsible for project delivery, managing engineers, project managers and project coordinators for various IT security projects. These projects required balancing scope, budget, schedule, competing priorities, program risks, and executive communications. Specific accomplishment includes:

Managing NIST and DORA (National Institute of Standards and Technology) program and on-boarding application into Splunk for logging and monitoring

Managed migration of prem. applications to cloud.

Managing SRA (Security Review Automation) project, developing a new Archer platform

Managed Workstation Controls - security controls for managed workstations to reduce the overall risk exposure of the firm.

Managed Project Portfolio and Budget

CREDIT SUISSE, NYC, NY (August 2015 – September 2016)

Service Delivery Manager External – Regulatory Reporting

Governed overall book of work, confirmed adherence to all federated PMO guidelines and facilitated communication with program sponsors and cross-functional stakeholders.

Managed development and implementation of Legal Entity US program under the Intermediate Holding Company (IHC). It is an external gross payment reporting program to support Federal requirement for Federal Reporting Schedule C & D Year-2013, 2014, and 2015.

The above projects went through the project management gateways.

DEUTSCHE BANK, JERSEY CITY, NEW JERSEY (JUNE 2009 – MAY 2015)

Sr. Program Manager/Sr. Project Manager - Governance, Risk and Compliance

Program Manager IT Security Programs

•Managed development and implementation of Information Security Governance Tool for access management (IAM), database, data masking, source code review, SSH keys, code comparison with Project Management Best Practice Guidelines

Managed application consulting engagement and all key on-boarding deliverables of 6000 financial applications, to ensure that each application is successfully on-boarded in compliance with Information Security controls and toolsets like Guardian, GRWE etc.

Managed full-scale assessment for infrastructure and application security controls

Advised workable solutions for access/environment (IAM and PAM), segregation/separation, change control, monitoring, creating change request to implement solutions to be compliant with company IT Security policies, standards, guidelines, and procedures.

Defined appropriate risk levels and corrective actions.

Liaison between Bank and external auditors for IT Security Risk to comply with regulatory bodies, Monetary Authority of Singapore (MAS), Dodd-Frank and BaFin (specifically MASIT14, MASIT27, Technology)

Management of Global Operation and Technology (GO&T) risk and control issues. Provided guidance to issue owners to mitigate risks and bring them to closure. Continuity of Business (COB) Audit for US, UK, Germany and APAC.

•Facilitated various process changes - Simplified Change Management Process, PMO Reporting, outlined standard & techniques, ensure methodology compliance and define roles and responsibilities for PMO

•Managed Project Portfolio and Budget for the GRC program.

•Reported on assessment outcomes, risk level and recommendations.

•Managed roadmaps, schedules, and metrics on a regular basis (KPI / KRI).

•Provided leadership to govern overall book of work, confirmed adherence to all federated PMO guidelines and facilitated communication with program sponsors and cross-functional stakeholder groups

The above projects went through the project management gateway.

AT&T TELECOM INDUSTRY, NEW JERSEY (FEB 2007 – AUG 2009)

Sr. Project Manager – Network Engineering

•PMO

◦Outlined standard techniques, ensure methodology compliance and define roles and responsibilities.

◦Developed products with risk mitigation-driven and integration approach.

◦Assigned clear ownership of deliverables.

•Managed Customer Relation Management (CRM) and e-commerce programs.

•Determined goals, negotiated scope and priorities with management/business stakeholders.

Managed the following portfolios:

◦Data services platform for 4G technology over-the-air transmission using new SIM cards (Mobility project). Capacity expansion for increase in growth of technology and customers.

◦Multimedia Messaging Services Center (MMSC) for 3 years.

◦End-to-end solution integrating a range of devices, messaging platform and applications, and mobile network infrastructure (mobility project).

The above projects went through the project management gateway.

TOYS-R-US, NEW JERSEY (AUG 2002 – JAN 2007)

IT Advisor

Business Transformation, Management Directives, and IT Strategy.

My key portfolios were as follows:

◦PMO

◦Enterprise Datawarehouse Restructuring.

◦Enterprise w/ Planning and Merchandizing Hyperion Solution.

◦Imaging Solutions.

◦Product Development.

◦Procurement Solutions.

AWARD AND APPRECIATIONS:

Toys-R-Us – 2003 & 2004, President’s Award

EDUCATION:

Masters - Computer Science from Bhopal University, India

CERTIFICATION:

Certification - Oracle database, SQL, Teradata, Metadata from Oracle

CISM and PMP


