Project Management It Security

KAREN WASSELL, MBA

**-** *********’s Bay Estate, St. Thomas, USVI • 917-***-**** • *******.*****@*****.***

SENIOR DIRECTOR: IT Security Governance & Project Management

Accomplished IT executive with strong portfolio of successes building and improving technology infrastructures.

Reputation for standardizing processes that allow for better measurement of performance.

Specialize in governance, risk/security policy, business continuity and compliance systems.

Financial Systems/Trading Architecture • Risk Management • Governance • Compliance • Security • P&L

Asset Management • Service Desk • Site Support • Capacity Planning • Change Management

Business Continuity • Operations • ITIL • Project Management • Customer Satisfaction

PROFESSIONAL EXPERIENCE

Isla Blue, St. Thomas, VI March 2024 - Present

Server

13 Restaurant, St. Thomas, VI January 2024 –March 2024

Bartender and Server

New Horizon Breakaway Tours, St. Thomas, VI October 2023-Present

Manager

Manage staff and inventory at Margaritaville and Elysian gift shops.

Shop for inventory and enter into online inventory system

Manage tour bookings

Custom filing for trips to BVI

Project Management as needed

CFM/Sangria’s, St. Thomas, VI May 2023-December 2023

Verizon/Experis, Basking Ridge NJ (Remote) April 2023

Vulnerability Management

Track all vulnerabilities through remediation.

Contract canceled due to policy change not allowing remote work from USVI

Ascot Group, New York, NY (Remote) January 2022-October 2022

Security Group Program Manager

Manage GRC Implementation. Vendor Management complete. Audit Management designed. Security Awareness Program revamped and in BAU.

Program/Project Management – Security Culture & Awareness, Risk Assessments, Vulnerability Management, IdAM, Risk Register, Audit Management, Operation Resilience

Prepare for SOC2 assessment.

Verizon/Experis, Basking Ridge NJ (Remote) January 2021 – July 2022

GTS Audit Coordinator

Manage IT Infrastructure and Security areas impacted by audits.

Manage remediation schedule of audits.

Track and analyze security risks of audits for CTO.

Recommend improvements to governance.

ThinkCentric, LIC, NY (Remote) June 2019 to November 2020

Director PMO Security, Backup to CEO

Manage consultants and PMO, Security Concentration

Mentor Security Consultants in GRC tools such as RSA Archer, Metric Stream, etc.

PNC/TekSystems (Remote) October 2018 to February 2019

Security Audit Issues Program Manager

Track all open IT audit issues with RSA Archer’s Audit Manager

Coordinate meetings for high-risk issues

Report and present weekly to Security Director

Analyze audit process, formulate improvements, and present to upper management.

KAREN WASSELL, MBA

JPMC / Pride One, NY, NY (Partial Remote) December 2017 to September 2018

Cyber Security Management Consultant, Authentication & Authorization

Program Manager of AuthN and AuthZ Application Unwind, including but not limited to:

oManage SiteMinder Pass-through Authentication to over 800 applications.

oStrategize on move to ADFS.

oEnhance security of Enterprise Entitlement Services

oSecurity Certificate Change

CLS, NY, NY February 2017 to July 2017

Consulting Director, IT Security Governance, Risk & Compliance

Plan and strategize for better structure and reporting of IT Security Division

Manage the automation of Application Risk Assessments, Vendor Management, Penetration Testing, Assets w/Vulnerabilities and Account Management in RSA Archer

Submit evidence and documentation to Internal Audit and FRBNY for past examinations.

Meet regularly with Risk and Compliance divisions on regulatory issues.

ThinkCentric., LIC, NY (Remote) September 2013 to March 2015

Director of Partnerships and Consulting & September 2016 to January 2017

Create a new partnership division with various tech vendors.

Manage PMO Governance, Security, Risk & Compliance Consulting for clients (enhance clients’ GRC tools, Logic Manager, Risk Connect, RSA Archer, BWise, etc.)

Manage P&L, HR and Strategic direction.

PrideOne/JPMorganChase, New York, NY (Partial Remote) March 2015 to August 2016

Senior PM Director & Risk Consultant, Cyber Security

Oversee phase 1 of $100 million Account Lifecycle Management project to certify all trading, credit & retirement applications, inventory, and accounts with pertinent data to alleviate operational risk, assure compliance and transition to a proper BAU process for bi-annual validation. Liaise with Stakeholders, PMs and Developers in all of Asset Management Division financial systems.

Analyze and prioritize external applications, manage penetration tests and risk finding remediation.

Work with Contingency, Risk and Security teams to modify vulnerability remediation policy of all external websites.

Member Internet Transformation team, Cyber Security Steering Committee and Cyber Governance Committee.

Secretary of the Risk Governance Council responsible for coordination of council plans, scheduling tasks, communicating with stakeholders, documentation, Risk Management Reports from RSA Archer, liaison with LOBs, and follow up with application development and infrastructure technical staff.

Significant regulatory reporting and audits

Depository Trust & Clearing Corp., New York, NY October 2010 to August 2013

Director, IT Architecture Governance and Standards Division

Manage staff that researched new technologies, set governance and standards for enterprise, and manage POCs. Perform all budget responsibilities for division.

Oversee review and approval of all financial application development initiatives, including but not limited to trading, credit, risk, and clearing for proper design, operational risk, security & operations.

Member Architecture Steering Committee, Security Architecture Team, Risk Council, FOSS Steering Committee, Co-chair Intranet Steering Council, Member of special Project and Service Transformation Team.

Prepare all IT transformation projects for ASC presentation then follow up for ROI Analysis

Compliance Liaison, BCP Coordinator, and Continuous Improvement Review Team

Oversee approval of all software and FOSS requests for clearing applications

Spearheaded Data Management/SharePoint implementation throughout enterprise to comply with record retention, Dodd Frank SOX and risk regulations. Successfully achieved goals of year-long project with limited budget and resources.

Oversee all Proof of Concept (POC) projects for enhancement of financial systems and approve all infrastructure projects for design, security and operations before Steering Committee.

KAREN WASSELL, MBA

Intermedia Group/Depository Trust & Clearing Corp., New York, NY December 2009 to October 2010

Project Management Process Director

Designed and Implemented Processes for the Project Management Office.

Designed first-ever governance process for project/transformation portfolio that brought developer, infrastructure, risk, security and compliance teams together for approval and budget development.

Architected/developed Engagement Request System

Co-Chaired the Engagement Project Pipeline Committee for project management of all projects.

Managed Workflow TIBCO and SharePoint POC projects

Integrated Application Development with CMMI stage gate, risk and security processes

Pertl & Alexander, New York, NY (Remote) May 2007 to August 2007 • July 2008 to Dec. 2009

Technology/Project Manager Consultant

Built out technology capabilities that enabled company to become leader in the textile consulting industry.

Managed and developed technology with emphasis on risk and security.

RFP & Project Management

Designed client, inventory and equipment databases for standardization of proposals and reporting.

Connections NY/Merrill Lynch, New York, NY September 2007 to March 2008

ITIL Project Manager Consultant

Charged with turning around Global Service Management team implementing ITIL methodologies to the infrastructure division for increased efficiency and decreased costs.

Developed and implemented governance model for approving new transformation initiatives for operational risk, budget, and team collaboration, estimated 30% savings.

Performed staff analysis resulting in 15% reduction.

Developed roles, processes and training for new/restructured service management positions -Change/Release/Problem Management, Service Desk, Site Support, Security, Operations, & Engineering

Siemens Business Services, NY, NY August 2005 to April 2007

Program Manager

Charged with turning around adversarial IT outsourcing relationship and contract for major insurance company and achieved profits over 40%. Close interaction with client CIO.

Wrote and negotiated operating level agreements with functional areas defining performance.

Managed and directed service delivery teams for technology support.

Transformed vision into technical infrastructure strategies.

Worked with businesses to redefine processes and reporting metrics (ITIL)

Implemented strict service levels with the delivery teams.

Analyzed each service tower and implemented changes to increase efficiencies, improve security, operational risk and productivity.

Designed trending reports to enable continuous improvement.

Managed P&L and increased profit margin by 40%

Dexia Credit Local, New York, NY December 2003 to July 2005

Vice President, Information Security and Business Continuity

Responsible for all administrative, financial, communication and support activities.

Designed and built a security, risk and BC department from ground up and implemented globally.

Brought company into regulatory compliance in a very short timeframe.

Created & implemented security, operational risk and continuity policies and procedures for offices globally.

Cultivated recovery team for risk assessments, BIAs, BCPs and test plans.

Worked with other divisions for Crisis Management Plan (HR, Facilities, etc.)

Implemented Access Control Standards, Incident Management Plan, Security Awareness & Education Program, Change Management Process, Vendor Compliance Standards and Software Licensing & Version Control Standards

Worked with Fed and State regulators on subsequent examinations.

Oversaw major disaster recovery plans & tests.

KAREN WASSELL, MBA

WestLB, AG, New York, NY May 2000 to November 2003

Associate Director Information Management

Built and piloted new division and introduced to home office.

Wrote information security and operational risk policy and procedures aligned with ISO 17799 & Basel II

Designed and implemented access request system saving three weeks in processing time to fulfill each request.

Chaired Compliance Team responsible for overseeing all internal and external audits, operational risk management, vendor relationships and projects, change management, software library, proprietary application version control and escrow, and document management.

Implemented continuity center for recovery of business-critical applications.

EDUCATION

MBA IT Management, Western Governor’s University, Salt Lake City, Utah

B.A. Business Management, DeSales University, Center Valley, PA

Completed Series 6 & 7 courses for complete understanding of trading environment.

Many technical courses in LANs/WANs, Firewalls, Network Infrastructure, etc.

DESIGNATIONS

ITIL Foundations 2006 by the Examination Institute for Information Sciences

CISSP 2001 by ISC . Recertified 2004 & 2007

Member PMI

Contact this candidate