CBCP with twenty- plus years of professional experience including Project Management positions in Operational Capacity, IT Security, Data Center Management, Incident Management, IT Auditor, and Business Resiliency Management.

Business Continuity

Disaster Recovery

Continuity of Operations Management

Incident Management

Alert Notification

Corporate Communications

Emergency Action Planning

Executive Crisis Management planning

Business Resiliency planning

Internal Audit (SOX 302/404 & SOC I/SOCII

Table Top Exercises and Live Exercises

Business Impact Analysis

Risk Management

Compliance, (ISO 22301, NIST)

RELEVANT PROJECT EXPERIENCE

Hyundai Corporation

Business Continuity and Disaster Recovery Architect Consultant Client: Hyundai Corporation – 07/11/2021 to 12/15/2023

A seasoned professional disaster recovery and business continuity consultant and executioner, with over twenty years of experience performing Business Capability Modeling (BCP), Risk Compliance Self-Assessments (RCSA), and continuity of business planning for major enterprises. My experience led me to specialize in Enterprise Resilience Business continuity and Disaster recovery providing companies with contingency recovery plans and compliance. I implement Plans and procedures that support continued non-interrupted service that meets clients Service Level Agreements and protects the company reputation and brand. I also led Recovery Plan testing for standalone and cloud-based application recovery with table top exercises, educational training and full system testing processes. Familiar with tools like RPX Resilience Platform, Fusion Risk Management, and LDRPS.

Develop, implement and maintained an organization-wide strategy around disaster recovery and business continuity

Develop and implement DR incident management practices enterprise wide and trained incident resources

Built and conducted business impact analyses, risk assessments and application impact analysis

Improved and analyze data and recommended process improvements that align with business continuity and disaster recovery industry standards

Presented monthly business continuity and disaster recovery dashboard meeting to management staff

Wrote exercise plans, Table Top Exercises plans and business resiliency workflows and took the initiative to conduct exercises

Communicated technical information in a clear and concise manner to both technical and non-technical resources.

Effectively managed numerous diverse projects and priorities simultaneously.

Establish, build and maintain effective customer-focused working relationships with employees, managers, consultants, vendors, contractors, and others encountered in the course of performing DR work

Build and developed, maintain and/or update standards and documentation using the latest information tool kits

Build business resiliency annual dashboard to identify Disaster Recovery, Business Continuity, BIA’s and training schedules.,.

Implemented 2-year Business Resiliency roadmap in addition to a crawl, walk, run strategy.

Implemented a business resiliency program model for business continuity and disaster recovery.

Valley Bank

Senior Resiliency Governance and Compliance Consultant –Sr. Resiliency Client: Valley Bank SME -01/2021 to 06/12/2021

Valley is one of the most trusted and respected banks in the industry. We have approximately $41 billion in assets and over 200 locations throughout New York, New Jersey, Florida and Alabama. Since 1927, the Bank has never produced a losing quarter. Even during the most challenging economic times, we have never stopped lending to our customers.

Project Management oversight of all Business Resiliency activities including DR and Vendor Testing.

Designed compliance and governance program for 11 IT and 8 business units.

Served as the TSG's Technology Governance Lead responsible for program governance framework, methodology and execution.

Presently acting as liaison to and manage technology relationships and risk relationships with both internal and external business units.

Worked with business continuity Catalyst administrator to automate tool and minimize manual reporting process.

Educated all IT Business functional owners of new standards, procedures, policies and evidence reporting.

Assisted in the development of 35 IT policies, procedures and standards for business continuity and disaster recovery program. Documents were prepared for Regulators, OCC and internal audit teams.

Prepared and facilitated all regulatory meeting and deliverables request.

Completed assessment for Catalyst Business Resiliency tool, which consisted of implementing documents for metric reporting.

Scheduled, tracked and reported all technology audit (internal & external), corporate risk and 3rd party regulatory required activities, evidence review and submission, TSG resource involvement and other aspects of managing from notification to completion.

Lead Valley's response efforts for all Technology Audit, Risk & Compliance related deliverables (these areas are highly focused on Business Resiliency (BR) -- Business Continuity (BC), Disaster Recovery (DR) & Crisis Management (CM).

Accomplishments

Identified several Governance/Compliance policies and addressed gaps for audits. Resulting in a full policy and procedure inventory review.

North Carolina State Employee’s Credit Union

Senior Disaster Recovery Tower Client: North Carolina State Employee’s Credit Union 01/2020 to 01/2021

SECU is a not-for-profit cooperative financial institution owned by and operated for the benefit of member-owners. SECU’s members share a common bond: employees of the State of North Carolina, public boards of education, and 7000+ employees. SECU was founded June 4, 1937 with 17 members and $437 in assets. Over the years, SECU has grown in services, membership, and assets. SECU now has over $40B in assets and serves over 2.4M members through more than 260 branch locations, more than 1,100 ATMs, 24/7 Member Services, a 24/7 voice response telephone service, an interactive website, and a mobile app.

•Presently assisting “C Levels” with implementation of COVID-19 ongoing support framework and working group coordination. This includes issue tracking, business case approval tracking and ongoing progress pandemic planning reporting.

•Responsible for driving the maturity of the business resiliency program as part of the corporate risk management policy.

Developed/implement business resiliency metric framework for organization strategic Business Continuity and Disaster Recovery program.

Facilitate all Disaster Recovery and Business Continuity best practices to leadership monthly.

Demonstrate and provide complex project leadership between the technology groups and business units.

•Work with Associates from the Business Groups, IT, Information Security, Internal Audit, executive management organizations to improve current IT and business continuity capabilities position.

•Defined Business Continuity strategy and seeks its approval at the highest level of the company.

•Implement the overall enterprise business continuity and disaster recovery strategy.

•Responsible for establishing/ maintaining the Disaster Recovery and Business Continuity policy (ISO27001 and ISO22301 based) and the overall program framework to deliver across the Resiliency Life Cycle: Business Impact Analysis, DR Readiness Assessment, BC/DR Strategy Design and preparation, BC/DR Plans, BC/DR Testing, Recovery, Training, and remediation oversight of identified gaps.

•Identify and develop learning opportunities related to IT and Business Continuity.

•Coordinate and mentor IT and business units on the creation and maintenance of business continuity plans.

•Provide direct communications between the Business Continuity Groups, Information Technology Operations, Technology Architecture, IT Operations, Application Development Management.

•Participate in appropriate business groups and development planning meetings and activities. Facilitate timely identification, escalation, resolution, and follow-up for all outstanding issues.

•Oversee the planning, coordination, and scheduling of IT and business continuity exercises to validate plans. Establish process to integrate key learning from ERO Exercise in the crafting of future plans.

•Ensure all stakeholders are present in the IT Project lifecycle and consult and advise systems owners on solutions and alternatives related to business resiliency.

•Facilitate evaluations and assessments of technologies related to cyber security, and business resiliency.

•Designed Cyber Security Play book for 15+ tools and metric reporting for cyber and incident events.

•Coordinate with the Internal Audit team periodic reviews and tests of established business continuity plans/disaster recovery procedures.

•Drive standard work and simplification through holistic approach which minimizes, and proactivity manages against disruptions.

•Create documentation to train personnel on business resiliency projects, exercises, procedures and plans.

Accomplishments

Implemented enterprise BC and DR program with an annual testing life cycle methodology and business resiliency roadmap. Lastly, I drove and designed a resource certification training program for over 15 business segments resulting in many resources preparing for their certification.

Arch Capital Financial Services

Manager - Global Disaster Recovery and Business Continuity worldwide Client: Arch Capital Services 11/2017 to 01/2020

Arch Capital Group Ltd., a Bermuda public limited liability company, writes insurance, reinsurance, and mortgage insurance on a worldwide basis. ACGL has a unique underwriting platform, experienced management team and strong capital base have enabled ACGL to establish a prominent presence in the global insurance, reinsurance, and mortgage insurance markets.

Managed the Global Business Resiliency Program 14 countries, establishing the Corporate Crisis and Continuity Management (C&CM) framework and develop of global program implementation.

Provided guidance, consultation, facilitate all global business resiliency decisions and advised divisional C levels on implementation and exercising globally - Business Resiliency plans.

Developed, coordinated, and conducted exercises including plan walk-throughs, simulations and table-top to live exercises. Drive continuous improvement through exercise results.

Governed the program leveraging our policies standards, processes, and procedures.

Ensured all global business Vendors resiliency programs meet company industry regulations, standards, and compliance requirements worldwide.

Developed and maintained policies, standards, procedures, guidelines and assist the Business continuity and Critical event Manager with developing and maintaining KPIs, KRIs and KCIs, Scorecard, and Executive Dashboard. Performance metrics; compile and deliver regular and ad-hoc reports and briefings to senior management, business and technology risk owners, and other audiences, as needed.

Provided a clear understanding of dependencies for business processes, business functions, applications, technology, and internal and external parties related to their business functions.

Identified opportunities for strategic improvement or mitigation of business interruption and other risks caused by business, regulatory, or industry-specific change initiatives.

Managed 35 offshore resources in addition to 19 US resources.

Accomplishments

Designed a Global Segment Business Resiliency Implementation model in China, Australia, Manila, Cebu, Canada, Dublin, Zurich, London, Denmark, Finland, Cyprus, Brazil, Ireland, and Dubai.

State of North Carolina

Director of Disaster Recovery and Business Continuity (Interim Consultant Client: State of North Carolina 02/2017 to 11/2017

North Carolina State Government is the state’s largest employer with approximately 130,000 employees. It is a large organization comprised of various agencies, branches, and universities, each providing an important public service.

Reported directly to the state of North Carolina Deputy CIO, Responsible for all Disaster Recovery, Business continuity, Data Center Compliance, Knowledge Transfer, Technical architectural designs and all testing and exercises.

Ensured change / revision / version control procedures are effective.

Facilitated CIO monthly meeting with over 25 CIOs on educational DR/BC awareness, cost effective best practices.

Managed the completion of risk assessments and compliance audits to monitor, risks related to business and technology initiatives; work with business and technology risk owners to document risk treatment plans as well as track and report progress on, or achievement of risk reduction activities.

Implemented enterprise-wide Business Resiliency Life Cycle Methodology.

Led BIAs and RAs with cross-functional business units.

Facilitated the review, development and administration of policies and procedures for BCP/DR, and others as requested, to implement Business Resiliency strategies.

Motivated and influenced senior management and other staff to maintain an overall Resiliency Program.

Accomplishments

Aligned Disaster Recovery/Business Continuity Best practices statewide for all agencies.

Conducted Risk Assessment for all Data Centers, resulting in Data Center Consolidation and multimillion-dollar cost savings to taxpayers

Public Consulting Group

Sr, Business Resiliency Program Manager 11-2013 to 01-2017

Privately held $350 Million consulting firm serving government clients in the Education, Health and Human Services arena. Over 4,000 employees in over 40 offices throughout the US, Canada and Europe.

Member of the Sr. Management team. Responsible for all Disaster Recovery, Business continuity, Data Center Compliance and all testing and exercises.

Implemented a sustainable business resiliency program globally across 6 business divisions and internal IT.

Developed processes, documentation, BC/DR Training tools, business resiliency plans and employee certification programs.

PCG now has a full business resiliency life cycle methodology in place.

Advised Sr. Management of all business resiliency goals and objectives weekly.

Managed a budget that meets the goals and objectives of the Business Resiliency Program as required by the board.

Managed a team and associated consultants in their duties to deliver BC/DR capabilities (lead / supervise / manage 9+ employees).

Responsible for BC/DR Internal Audit and regulatory compliance obligations.

Assesses the business continuity implications of proposed technological to the organizational changes, and coordinated any revisions to the existing IT continuity and recovery action plans.

Developed a Business Impact Analysis (BIA) to quantify and qualify potential impacts of events on the organization and its operations to prepare Recovery Time Objective (RTO) and Recovery Point Objective (RPO) that meet business needs and contractual obligations.

HCL America

Sr, Business Resiliency Project Manager 12-2012 to 10-2013

A Global Leader in IT Applications & Infrastructure Services Across Industries’ Technologies is an Innovative Technology & Outsourcing Company that provides ...32 Countries · $6.4BN Organization · 109,795

Led 6 key Enterprise application Disaster Recovery Testing programs for HCL clients within the U.S and abroad.

Managed application customer stakeholders relationships

Responsible for all application testing, remediation, and final reporting to Sr. Management.

Served as the Lead DR Analyst overseeing all aspects of the DR program to include: plan development and maintenance, testing, process improvement, business recovery centers, and risk management.

Defined and managed a distribution strategy to ensure that continuity and recovery action plans are properly secured, distributed, and made accessible under all disaster scenarios for the DR Teams.

In the event that a declaration is required, serves as liaison between IT management and departmental business continuity teams.

Rex Hospital/UNC Hospital

Business Continuity Consultant July 2012 to December 2012

Founded in 1894, UNC REX Healthcare (a member of UNC Health Care) is a private, not-for-profit health care system. For over 120 years, UNC REX has met the health care needs of our community by providing various services throughout Wake County. Rex Healthcare has multiple facilities located in Apex, Cary, Garner, Holly Springs, Knightdale, Wakefield, and Raleigh. Rex Hospital has over 5,400 staff members.

Assumed leadership role in developing, coordinating, and maintaining comprehensive Data Center recovery plans and a testing program, to ensure proper documentation and the ability to recover in the event of an unforeseen disruption to Rex Hospital and UNC health care system facilities, technology systems, and applications.

One of my many duties were to draft and publish incident management communications in collaboration with the present business continuity Team

Once plans were completed and signed off by management I conducted round table educational and awareness working sessions. This process resulted in the next steps for a table top exercise.

Developed best practices model and tools for project execution and management, with a self-service DR Model.

Ensure compliance with Sarbanes-Oxley (SOX)

Analyze big 4 compliance controls and provided recommended process improvements to Senior Management – note: some controls from big 4 were not properly designed.

Design, execute and document internal control procedures

Work with Business Unit Leaders on analyzing and implementing SOX 302/404 best practices

Big 4 Consultant & Fortune 500 IT Consultant

Sr Technical and Compliance Consultant Dec 1999 to June 2012

From 1999 to 2012 I worked as a freelance consultant for clients in the following industries, Banking and Finance, Manufacturing, Pharmaceutical, state and local government, Health Care, IT Consulting firms and the Big 4 Consulting firms. My roles varied depending on the project. SME in the following areas:

Business Continuity Consultant – Assisted several clients with implementing ant testing business continuity capabilities, in addition to remediating all exception.

SOX 302/404 Consultant – Assisted several clients with 302/404 controls review and audits.

IT Auditor – Worked with clients auditing security controls and access to programs and data.

Disaster Recovery and Data Center Security testing – conducted Data Center testing compliance ISO27001

Technical Architect – assisted clients with data center DR Plan’s designs and architectural reviews.

SOC I & SOC II Consultant – assisted clients with security controls audit and pre-audit review.

Risk Management Consultant – assisted clients with Business Impact Analysis resulting in GAP analysis,

Served as Sr. liaison between Sr. management and board members.

SunGard Planning Solutions

Sr Business Continuity Consultant/Project Manager Jan 1994 to December 1998

SunGard Availability Services is a provider of IT production and recovery services with annual revenues of approximately $1.4 billion and offices in 9 countries. The company uses its experience in recovery to design, build and run production environments that are more resilient and available.

Managed ERP SunGard implementation testing for fortune 500 clients & educated clients on Continuity Planning & Disaster Recovery strategies

Wrote123 DR plans and Business Continuity plans for manufacturing, health care, IT, Telecomm company and state\local government

Developed client tools to better assist clients understanding the administrative process of IT internal controls

Tested SunGard ERP software internal controls and business process functionality

Developed over 55 enterprise risk & fraud assessment reviews

Developed 34 Business impact analyses for fortune 500.

Managed all tier one business continuity exercises and made recommendations for exceptions

Conducted Data Center vulnerability analysis for external and internal Data Center assets.

Tested capacity management policies and procedures

EDUCATION

University of Texas in Austin

Master of Business Management – 2001

(12 hrs completed)

Voorhees College – Denmark, SC

Bachelor of Science, Computer Science - 1988

Denmark Technical College – Denmark, SC

A.A.S. Data Processing/Mathematics - 1986

Professional Affiliations

Certified Business Continuity Professional 2012

Advanced Business Impact Analysis Training 2014

Project Management Professional 2000

Advanced resiliency Training, Las Vegas, 2009

Advanced Business continuity resiliency & Disaster Recovery software training

SOX accelerator application tools - 2007; CISA & CIA candidate - 2006; State of North Carolina Honorary

NIST SME

Business Council Member – 2005; SOX 404 Testing, Remediation, RCM, Training – E&Y 2005; SOX 404

ISO27001 & ISO22301

DRI Conference member 1999 - 2015

DRJ Conference 2009 – 2016

BCI Conference 2015

FISMA Training 2013

SOC I and SOC II advanced Training by KPMG

Business Resiliency Tool Experience

Fusion

Recovery Planner RPX

LDRPS

Archer

KinsBridge

Mike E. Gagum

Certified Business Continuity Professional

Accomplishments

Implemented a global business resiliency program, compliance mentoring and education to 6 business divisions under budget. .

Managed and Mentored staff resulting in 8 of 9 employees obtaining CBCP.

Delivered excellent guidance to Sr. Management

Knowledge transfer completed. Internal resources are now trained to manage a sustainable business resiliency program.

Select the yellow dot to control the highlight’s pointer.

To delete select this shape and select delete

Contact this candidate