Project Management Risk

Benjamin Siriboe

Phone: 713-***-**** Email: ***************@*****.***

Risk Management Project Management Lean Process Improvement Strategic Planning SUMMARY

• 18+ years of experience in Business Process Improvement, Risk Management and Project Management.

• Led and implemented Business Impact Analysis (BIA) to ensure a reliable way to identify what is critical versus non- critical to reduce the amount of time and resources to protect the less critical areas.

• Led and documented BIA assessment, including Recovery Time Objectives and Recovery Point Objective.

• Led and initiated process recovery project to identified sub-processes embedded in high-level processes within call center environment, clinical workshops, and financial operational activities to enhance system interface.

• Led risk assessment includes the development of heat maps, risk statements, controls, and mitigation strategies.

• Led and managed process improvements, business objectives, risk assessments, control, and compliance projects.

• Experience in understanding and documenting business objectives, identifying risks, link controls to risk, performing Risk, Control Self-Assessment (RCSA) and execute control testing.

• Well-versed in Penetration Testing, Incident Response, Access Management, Identity Management, Cyber Threat Intelligence, Digital Forensics, Database and Network Security Vulnerabilities.

• Extensive understanding of industry standards, policies, and frameworks – NIST-800-53/82, MITRE ATT&CK, CIS.

• Expertise with OCC, FDIC, KYC, HIPAA, PCI DSS, BSA/AML, Reg E, Y, X & Z and TILA RESPA Integrated Disclosure rule. EDUCATION

Master of Legal Studies (MLS)

Texas A&M University, Houston, TX – 2024

Concentrating on Risk and Compliance Management/Cybersecurity Law and Policy Master of Business Administration (MBA)

Keller Graduate School of Management, Houston, TX – 2012 Bachelor of Science in computer information systems (BS) Bloomfield College, Bloomfield, NJ – 2003

Associate degree in management information systems (AS) Dutchess Community College, Poughkeepsie, NY – 2001 CERTIFICATIONS

• Innovation Strategy Certification, Copenhagen Business School, Denmark, 2025

• Google Data Analytics Professional Certification, Google, Houston, TX – 2024

• Google Agile Project Management Professional Certification, Google, Houston, TX – 2024

• Google AI Essentials Certification, Google, Houston, TX– 2024

• Business Analysis and Process Management Certification, Coursera, San Antonio, TX - 2024

• Product Lifecycle Certification, Coursera, San Antonio, TX – 2024

• IBM Cybersecurity Analyst Professional Certification, Coursera, San Antonio, TX - 2022

• IBM AI Foundations Professional Certification, Coursera, San Antonio, TX - 2021

• Six Sigma Green Belt Certification (SSGB), Six Sigma Global Institution, San Antonio, TX - 2017

• Business Analyst and Project Management Certifications, JPMorgan Chase Technology University, Dallas, TX – 2011 SKILLS

Risk Management, Compliance Management, Project Management, Business Process Modelling and Notation (BPMN), Aris Platform, IT - SDLC, ITIL, UAT and IST, Change Management, Data Analysis, IGrafx BPM, Business Analysis, Operations Management, Generative AI, MetricStream – GRC, Excel, Word, PowerPoint, Visio, Project, SharePoint, Python, Minitab, Turbo-Risk, Road Map Development, ServiceNow Platform, DMAIC Methodology, LEAN/PDCA Methodologies, Salesforce Platform, SAP Signavio BPM, Value Stream Mapping, RCSA, Risk Assessment, Process Recovery, Risk Recovery – Issue Management, Control Development – Control Testing, Software Implementation - ERP, Jira/DevOps/Agile - Rally EXPERIENCE

BKS, Greater Houston, TX April 2024 – April 2025

Independent Consultant - BPMN/RCSA Expert

• Led and facilitated RCSA with First Line of Defense, Second Line of Defense, and the leadership.

• SAP Signavio demonstrations, design, configuration, software training, and implementation of best practices and new business solutions to support business operations.

• Create current maps in Visio, Aris, IGrafx and SAP Signavio, determine gaps and opportunities and engage key stakeholders to update workflow to desired states.

• Identify risks, write risk statements, document control description, execute control testing to mitigate risk.

• Identify the potential causes that could lead to the failure of the business objectives and determine solutions to solve the problems and mitigate the risk.

• Create histograms, 5Whys and fishbone diagrams to drill down operational activities until the root cause is uncovered.

• Led Process, Risk, Control Inventory (PRCI Initiative) to document business objectives, identifying risks, link controls to risk, performing Risk, Control Self-Assessment (RCSA) and execute control testing. USAA, San Antonio, TX March 2018 – April 2024

Business Strategy & Planning Director September 2020- April 2024

• Led and implemented Business Continuity Plans and Business Impact Analysis for Chief of Staff Stakeholders.

• Led and facilitated Risk Control Self-Assessment (RCSA) with Chief of Staff Stakeholders.

• Led and facilitated issues and action plans implementation with Chief of Staff Stakeholders.

• Led, facilitated, and documented risk statements and control descriptions with Chief of Staff Stakeholders.

• Identified and documented risk statements, control descriptions, issues, and action plans in Metric Stream.

• Collaborated with the Three Lines of Defenses to establish operational management, risk management, compliance management and internal audit models.

• Led and implemented change management initiative to consolidated processes, risks, and controls efforts.

• Led and managed manual processes and transition processes into automation for international stakeholders.

• Led process risk control inventory and RCSA initiatives for Board Operation stakeholders.

• Built up control development, control testing, issue management internal processes for Chief of Staff groups.

• Led and implemented lean methods, risk mitigated activities and project methodology with Chief of Staff groups.

• Led and motivated cross-functional team members in strategy and operational plan development.

• Led and determined risk surrounding Enterprise Event and the Corporate Real Estate operational activities.

• Led and implemented Responsible, Accountable, Consult, Informed-RACI Chart to identify TPRM roles and responsibilities supporting Enterprise Event and the Corporate Real Estate teams.

• Created and implemented job aid as supported evidence to mitigate risks within Chief of Staff’s operations.

• Led and implemented Key Performance Indicators - KPI for Board Operations and Enterprise Event teams. Process Engineer Lead, June 2019 – September 2020

• Created process maps using IGrafx and Visio tools to map current processes, risks, and controls.

• Served as a subject matter expert in process risks and controls and worked to improve processes.

• Identify risks, write risk statements, document control description, execute control testing to mitigate risk.

• Identified opportunities to improve and strengthen the issue and risk management.

• Led and managed process inventory, issue management, risk inventory and control discovery initiatives. Risk Analyst Lead, March 2018 – June 2019

• Identify risks, write risk statements, document control description, execute control testing to mitigate risk.

• Mapped process diagrams, identified issues, problems, risk, developed tools and executed controls.

• Worked with the Chief Legal Office and Attorneys to map over one hundred process maps.

• Mapped current state, identified opportunities for improvement and determined future state processes.

• Managed and led process improvement projects and risk and control items towards accomplishing action plans. UNITED HEALTH GROUP, San Antonio, TX January 2013 – March 2018 Senior Business Process Analyst

• Led process recovery initiative to identify sub-processes embedded within clinic operational activities.

• Recommended opportunities for improvement based on current state process maps.

• Mapped business processes from end to end to identify risk and issues for clinic daily operations.

• Visited clinics to shadow providers, nurse practitioners and medical staff to understand their current processes.

• Led and managed Business Impact Assessment and disaster recovery processes in clinic environment. JPMORGAN CHASE, Irving, TX July 2008 – January 2013 Senior Business Operational Risk Analyst

• Identify risks, write risk statements, document control description, execute control testing to mitigate risk.

• Led and facilitated RCSA with First Line of Defense, Second Line of Defense, and the leadership.

• Mapped processes and identified issues and risk and executed control development for Mortgage Operations.

• Provided day-to-day resolution of complex problems and the execution of critical applications support.

• Collaborated with management team to analyse the end-user technology requirements for management. IBM (Sedona), Houston, TX August 2007 – July 2008

Information Security Consultant (Contract)

• Conducted security assessments through vulnerability testing and risk analysis.

• Verified the security of third-party venders and collaborating with them to meet security requirements.

• Applied analytical and critical thinking skills to identify attacks and respond to security threats in the system.

• Presented reports and threat prevention solutions to senior executives and the leadership group.

• Identified opportunities and communicated potential solutions to internal and external stakeholders. SHELL (Computer Merchant), Houston, TX July 2006 – July 2007 Information Technology Consultant (Contract)

• Monitored system consoles for error lights and messages, network failures, and system security vulnerabilities.

• Monitored network traffic to detect potential threats and then respond to these threats promptly.

• Managed the negative effects of an attack or breach, from minimizing the impact to altering security controls.

• Aids in the prevention of crime through the collection, analysis, and reporting of data.

• Applied analytical and critical thinking skills to identify attacks and respond to security threats in the system. FIRST DATA, Houston, TX August 2004 – July 2006

Business Systems Analyst

• Managed and wrote requirements documents for both internal and external customers.

• Developed and implemented storyboard prototypes, including prototypes strengths and concerns.

• Identified current state and provided desired state solutions to stakeholders.

• Created opportunities to user stories into the backlog and help refine and prioritize features.

• Drove and engaged in feature and user stories grooming for Sprint planning activities and initiatives.

• Managed scrum team questions regarding the Sprint progress and address any blockers identified.

• Prioritized and evaluated requirements throughout the software development lifecycle to ensure business objectives and product vision and goal are being met and accomplished. PROJECTS

Risk Workshop

• Accomplished 85% risk identification and documented 75% risk statements and wrote 82% control description.

• Achieved coaching 95% of stakeholders to identify risk and assess risk on heat map. Data Accuracy and Validation

• Analyzed board book data to identified 85% errors embedded in board materials.

• Decreased 80% volume of board materials presented to Board of Directors. Regulatory Change Management

• Utilized EGRC tool to identify and document 84% of new law and change regulatory requirements.

• Improved transparency of regulatory requirements changes to key stakeholders. Process and Control Automation

• Identified 25% of manual process and 35% of manual controls and presented to key stakeholders.

• Led the facilitation of implemented 15% of process improvement and control automation. Process, Risk and Control Scalability

• Deep dive and mapped 100 diagrams, found 20% duplication, and scaled down to 80 potential process maps.

• Identified 75% of potential causes that could lead to the failure of the business objectives.

• Identified risks embedded in each process map, consolidated risks, and breakdown into 27% high, 15% medium and 48% low to ensure classification of risk levels.

Annual Member Meeting Initiative

• Enhanced processes to reduce 95% of incoming call volume to internal stakeholders.

• Streamlined 80% key processes and documented 95% of Standard Operation Procedures. Clinic End of Day Processes

• Increased clinic productivity by 75% and eliminated 85% of manual payment reporting processes.

• Reconciled about 100 million dollars within the year and identified 200 million in eligible savings from account payable.

Contact this candidate