Siu Pang Lam

Pleasanton, CA ***** • 917-***-**** • adz6vj@r.postjobfree.com

SENIOR LEVEL GOVERANCE AND COMPLIANCE EXECUTIVE

Extensive experience within operations, risk & compliance and information technology. Well-developed business acumen, excellent leadership and communication skills with a proven history of success. Certified Information Systems Auditor (CISA); Certified Data Privacy Solutions Engineer (CDPSE); ITIL Foundation certified, Certified Professional Agile Product Ownership.

EXPERIENCE

BANK OF THE WEST – San Ramon / San Francisco, CA 2015 – Present

Senior Manager – Vice President (2021 – Present)

Develop, promote, maintain and manage vendor management program within the Regulatory Compliance, Privacy, Information Security, Insurance and Finance domains.

Accountable for performing reviews, analyzing program outcomes, providing insights and making recommendations for enhancement and changes as required.

Ensure effective and efficient execution of all program components, including change management & communications for any enhancements / changes and mitigating any risk.

Work collaboratively with internal and external stakeholders on the completion of due diligence reviews for onboarding and business monitoring of Bank Third Party Providers (TPP).

Re-engineer existing legacy processes within the Central Vendor Management teams resulting in more effective practices, cost saving and reduction of manual processes.

Managing expectation and relationships with Business Lines, Operational Risk, Compliance and Third Party Relationship Management and Internal / external Audit reviews and findings.

Controls and Governance Program Manager – Vice President (2018 – 2021)

Supervised the execution of centralized governance and compliance functions for Information Technology.

Managed Information Technology (IT) assessment control coverage for IT owned Third Party Providers (TPP) and IT risk exposure on offshore IT TPP.

Led Cybersecurity, Business Continuity, Compliance and Operational Risk assignments and corrective actions with Domain Subject Matter Experts in developing new and/or existing enterprise IT processes and controls.

Facilitated Compliance, Operational Risk and Permanent Control assessment programs and Risk Control Self-Assessment (RCSA) initiatives.

Execute quality assurance of final submission of inquiries and evidence to internal auditors and external regulators.

Compliance IT Program Manager – Vice President (2015 – 2018)

Responsible for developing and managing IT second line of defense compliance oversight program for Information Technology (IT) and Digital Channels Group (DCG). Managed the review, interpretation, and application of new and pending laws and regulations affecting the business practices.

Implemented policies, standards and procedures to IT and DCG and ensure alignment with the Bank’s Corporate Compliance program and privacy requirements under Gramm-Leach-Bliley Act (GLBA) and other privacy regulations.

Analyzed and monitored controls for existing or new processes and products including compliance related reviews with third party vendors or services providers.

Managed external audit and regulatory examinations, address findings and recommendations, and ensure proper and timely resolution by IT and DCG.

Point of contact and the Compliance Subject Matter Expert in the Third Party Providers on-boarding due diligence reviews for IT and DCG owned service/product providers.

KAISER PERMANENTE (KP) – Pleasanton, CA 2012 – 2015

Senior Security and Compliance Project Manager

Ensured appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet audit and compliance expectations.

Managed compliance projects for Infrastructure Management Group including analytical, feasibility, business case and assessments to meet compliance requirements for HIPAA, PCI, and SOX including annual PCI and SOC certifications.

Managed large scale risk/security assessment studies and projects to remediate perceived risks and perform interviews, document design assessments, and walkthroughs of key controls.

UBS – Stamford, CT / San Francisco, CA 2006 – 2011

Operations Manager – Associate Director (2010 – 2011)

Created and implemented a Governance Framework providing structure and transparency for Process Excellence program for OTC Derivatives Operations in India, EMEA and North America.

Legal Entity Governance Manager – Associate Director (2008 – 2010)

Enforced internal governance policies and mandates for North America Legal Entities. Managed Board of Directors meetings, action plans and issues project initiatives across US Branch Offices.

Senior Regulatory and Compliance Analyst – Associate Director (2006 – 2008)

Oversight of Operations data to regulators. Developed and implemented practices across Operations to improve controls on Operations data on FOCUS, INSITE and Bluesheets reporting for the Broker Dealer.

LAVA TRADING INC. / Subsidiary of Citigroup – New York, NY 2005 – 2006

Risk Control Manager – Vice President

Accountable for information security and business continuity within Lava Trading Equities and Fixed Income teams. Managed internal processes, operational controls and compliance requirements.

INDEPENDENT CONSULTANT – New York, NY 2004 – 2005

Quality Assurance Coordinator, MORGAN STANLEY (2005 – 2005)

Managed testing initiatives for the 2005 BASEL II project. Accountable for test plan, testing scripts and User Acceptance Testing coordination with Firm Wide Regulatory Controllers.

Project Manager, KEEFE, BRUYETTE AND WOODS INC. (2004 –2005)

Managed the project’s life cycle within multiple areas of the firm including Compliance, Human Resources, Operations and Front Office Trading Desks.

CITIGROUP – New York, NY 2000 – 2004

IT Manager / Team Leader – Vice President (2004 – 2004)

Managed the CitiDirect for Securities (CDS) Team of developers, analysts and consultants responsible for the End-to-End development, support and monitoring of the CDS application and Data warehouse.

Compliance Manager – Vice President (2002 – 2004)

Formed and managed the Data Analysis Team within the Citigroup Investment Banking Division for data related inquiries from Senior Management, General Counsel and External Regulators including NYSE, Offices of Attorney General, and NASD.

Senior Auditor – Assistant Vice President (2000 – 2002)

Coordinated audit coverage of business use of technology within Global Securities Services and Corporate Investment & Banking operations.

EDUCATION

Bachelor’s Degree in Economics – University of Massachusetts at Amherst

Contact this candidate