Retail
Technology, Information and Media
Financial Services
Education
Consumer Services
Manufacturing
Hospitals and Health Care
Active

Alexander Fernandes

Senior Cybersecurity Leader | Strategy, Governance & IT Risk | CISSP • CISA • TOGAF | Securing Multi-Cloud Enterprises

About Me

▪ Senior Cyber Security Leader, experienced in developing and designing Cyber Security strategy for the organization, working closely with Executive leadership and other stakeholders to implement the strategy and reduce IT risk to the organization in a multi-cloud environment
▪ Wide-ranging Cyber Security, Governance, Risk, Privacy and Compliance, Security Operations, Application Security, IT Infrastructure, IT Operations, Data Centre, Third Party Risk Management projects & programs with varied experience specializing in enterprise-wide IT and Information Security for Financial, Insurance, Retail, Consulting, Government & Manufacturing sector
▪ Certified CISA, CISSP, CEH and trained in TOGAF
▪ Strong understanding of security frameworks like ISO 27001, NIST CSF, NIST 800-53 and compliance requirements like PCI, SOX, SSAE16, FoIPPA, PIPEDA / PIPA, GDPR, OSFI Guidelines B10, B13 & Cyber Security Self Assessment, NERC CIP
▪ Preparing & guiding organization for successful ISO 27001, PCI DSS, SOX audits & certifications
▪ Disaster Recovery design, implementation and ongoing testing and maintenance
▪ Highly skilled in interacting with internal/external auditors and interfacing, managing key stakeholder relationships

Jurisdiction

Canada

Experience

Seniority Level: Director
Years of Experience: 20+ years
Current Status: Active

Sr Manager, Cybersecurity & IT Risk Management
RBC Global Asset Management
2023 - Present

Leading CyberSecurity & IT Risk team to manage the IT Risk Program for RBC Global Asset Management (GAM), overseeing Technology Risk Assessments, Application Security, Disaster Recovery & Business Continuity Management, Change Management, Vendor Due Diligence, Internal & External Audits and other Cybersecurity & IT Risk areas.

Director Cyber Security, Privacy & Compliance
Appnovation Technologies
2020 - 2023

o Creating and Leading a brand-new 5-member global team of cybersecurity, privacy & compliance professionals
o Designed, developed and deployed Global Cyber Security, Privacy & Compliance strategy in a multi-cloud environment
o Preparing & Guiding the organization toward successful ISO 27001 compliance & certification
o Responsible for leading the Cyber Security, Privacy & Compliance programs and related initiatives
o Build & Manage a brand new Cyber Security, Compliance & Privacy team to achieve desired organizational goals
o Developing an in-house cybersecurity & privacy awareness program and an ongoing phishing campaign, tracking & reporting on results
o Interfacing with business stakeholders, External Auditors, & handling vendor & contract negotiations
o Working with Dev Teams to integrate AppSec into existing CI/CD pipelines and processes using SAST & DAST tools
o Guiding & mentoring Cyber Security team to develop Policies, SOPs, Plans, and managing Security budgets
o Responsible for responding to client Security Questionnaires & Surveys against ISO 27001, NIST CSF, NIST 800-53, and HIPAA and also performing Third Party / Vendor Risk Management

Manager Information Security & Compliance
Pacific Blue Cross
2018 - 2020

Leading the Information Security team to ensure the protection of information and other assets by
o Designing the organization's cyber security strategy, monitoring and reporting on progress
o Defining and overseeing a corporate-wide information security protection strategy program for all computing environments, including interaction with all departments and external business partners
o Conducting Security Threat & Risk Assessments and Privacy Impact Assessments as required
o Introducing Shift Left methodology to the development team to ensure a proactive, early-stage security approach within the development lifecycle
o Establishing and maintaining security policies and guidelines and ensuring compliance
o Designing and managing Penetration Testing, Security Audits, Compliance Programs, Security Assessments, Third Party & Vendor Risk Management and providing recommendations to mitigate risks
o Designing and developing Incident Response Strategy & Plan, conducting TableTop Exercises periodically
o Ensuring PBC InfoSec team and other staff are trained on security policies, standards, guidelines and procedures
o Raising corporate awareness of information security, establishing and maintaining a security awareness program

Education

Degree of Commerce
University of Mumbai
Present

Certification

Total Certifications: 1

CISA, CISSP

Skills

Core skills: 0
Languages: 2

Languages

English
Hindi