Chinitra Graham
Details
Management Information Systems, General
The University of Memphis
Kyndryl
Vice President - IT and Cybersecurity Audit
Leads a robust global cyber security program focused on business risk tolerance by developing an information security strategy and roadmap. Spearheads day-to-day operations to include incident prevention, detection, and response. Oversees security operations to evaluate the cyber threat landscape to ensure security measures are implemented to drive down risks and mitigate cyber incidents or breaches.
• Managed penetration testing and vulnerability management practices to drive the proper remediation of vulnerabilities and monitored the integration of Multi-Factor Authentication to provide an added layer of security to user access.
• Managed the relationship with external vendors, threat intelligence providers to ensure and continually improve the quality and value of the services provided and decrease the University's cyber exposure Maintains current knowledge of federal and state information privacy and security laws, industry standards, and common frameworks such as NIST, ISO/IEC 27001, CIS
• Ensured that practices and policies were adequate to meet legal, regulatory, policy, standards, and security requirements and GDPR, CMMC, PCI, etc.
• Offered regular reporting on the cyber program to the President and executives to foster awareness and support of the strategic initiatives and inform them of the current risk/threat landscape.
• Developed and matured an incident response program to include the establishment of a cross-functional CIRT and incident response plan with applicable playbooks to enhance business involvement and response.
• Established key information security policies and practices to initiate compliance with NIST framework and CMMC and led security hardening initiatives, including deploying new ransomware rules and email hardening techniques.
2020 : 2022
University of Maryland Global Campus
Vice President Information Security
Stood up a new compliance team and Center of Excellence to anticipate, recognize and manage all facets of IT governance and security. Guided a global team of compliance, risk management, and security professionals. Collaborated with business leadership on technical strategies and solutions to ensure Laureate's strategic initiatives were met while maintaining compliance with applicable policies and regulations and mitigating risk exposure.
2018 : 2020
Laureate International Universities
Senior Director, IT
Optimized development and execution of a Global audit strategy. Managed large, complex, and evident enterprise technology assurance and advisory projects. Led reviews and audits of Discovery’s information technology, information security, compliance, and governance environment. Identified and evaluated the IT risk areas and ITGCs while consulting with SVP to develop an enterprise-wide risk assessment and audit plan.
2017 : 2018
Discovery Communications
Director IT Internal Audit
Offered strategic leadership to multiple clients with annual budgets of $300M+. Identified and implemented IT solutions to solve significant business issues and rectified unique performance requirements to improve overall operational results and security posture. Provided expert advisory services in numerous industries, including Financial Services, Media, Technology, and Public-Sector industries, compliance, risk management, FedRamp, SOX, internal controls, and internal audits.
2005 : 2017
Deloitte & Touche
Senior Manager
Skills
Accounting, Analysis, Audit, internal controls, testing of controls, Auditing, Business Analysis, Business Process, Business Process Automation, Business Process Improvement, CISA, COBIT, Consulting, Enterprise Risk Management, Federal Grants Management, Finance, Financial Analysis, Financial Reporting, Financial Risk Management, Financial statement audits or auditability assessments, Financial statement review and creation, Financial Statements, Governance, Information Security, Information Technology, Internal Audit, Internal Control Implementation, Internal Controls, IT Audit, IT Compliance, IT Controls, IT Strategy, Leadership, Management, Management Consulting, Managerial Finance, Microsoft Excel, Microsoft Office, OMB A-123 or SOX 404, Process Auditing, Process Automation, Process Improvement, Program Management, Project Management, Public Sector Financial Management, Remediation, Risk Assessment, Risk Management, Sarbanes-Oxley Act, SSAE 16, Strategic Planning, Strategy
About
Greetings! I am a passionate Information Security Executive championing teams to optimize cybersecurity functions' development, support, and administration to streamline company-wide success. I bring a demonstrated ability to mentor, influence, and partner with engineering teams to deliver scalable, robust solutions and develop Agile security architecture and guiding principles to support information technology initiatives.
I am a detailed, collaborative, and deadline-minded change agent that prioritizes transparent communication with stakeholders and utilizes strategic relationship-building to streamline success. Throughout my career, I have prided myself on providing strategic leadership on privacy and cybersecurity while collaborating with partners in legal, compliance, IT, and the global teams to proactively address risks, recommend solutions, and ensure compliance with regulations unique to each business across our divisions.
I bring polished experience leading organization-wide initiatives, influencing senior-level leadership and critical stakeholders effectively across the organization and within complex contexts, alongside expertise in strategy and strategic planning, organization design, and development.
Additionally, the ability to grow, develop, and sustain strong teams and develop and communicate a vision that inspires and motivates staff, drives organizational change and builds capabilities that effectively balance the needs for continuously exploiting capabilities to optimize operational efficiency with delivering innovative and agile IT solutions to enable the university to explore technology-enabled opportunities.
Cyber Security | Risk Management | IT Infrastructure | Governance | Strategic Planning | Budgeting & Forecasting | Resource Management | Executive Comms | Identity & Access Management | Software Development Lifecycle | Change Management | AWS/Azure | Application Security | Operating Systems | Data Protection | Encryption | GRC | Enterprise Architecture | Penetration Testing | Vulnerability Assessment | Disaster Recovery | Business Continuity | ITIL | Intrusion Detection
Profile Photo
