Profiles search

Denise A.

Cybersecurity, Data Protection & Privacy | Risk Management | SVP- Tier 1 Bank | Director- Prof Services | BISO | Law Degree- Financial Regulation & Compliance | Digital Application Security | Game Changer & Patent Holder
Atlanta, GA, United States

Details

Experience: On extended contract to Truist - Providing senior level management and strategic direction for Cyber to Digital Channels & Innovation (web & mobile business.) Primary cyber advisor for Application Security. Managed and coordinated the implementation of Application Security for Core Banking and Brokerage Applications. Agile environment. Assessment/remediation of compliance to Security Policy & Controls Frameworks for Digital Applications.

Working knowledge of NIST Cyber frameworks, NYDFS, SHIELD, CCPA and GDPR. GRC processes and procedures. Working knowledge of SEC Guidance for Cybersecurity, SEC Reg S-P, S-ID, FFIEC, OCC, and FTC guidance, disclosure requirements. Application Security - OWASP, SAST/DAST, Assessment / Remediation, Zero Trust Model, EO 14028

2020 : Present

Truist

Corp Information Security Officer | Digital Banking and Innovation

An Engagement Leader for Capgemini - Insights & Data, which provides business insights and data-driven intelligence for Financial Services. Providing Program Management and Professional Services for Data Security, Privacy, and Technology Risk Management.

2019 : 2020

Capgemini

Director

Responsible for creating strategic programs in Operational Risk Management for Informational Security controls; Defining internal controls for Operational Risk Management for security; and managing risk validation for critical information security controls, enterprise wide.

3 Lines of Defense model | COBIT | NIST CSF | NIST RMF | NIST 800 series | ISO27xxxx

2019 : 2019

Early Warning®

Sr Operational Risk Manager

A Senior Information Security Leader in the Bank’s Data Warehousing and Analytics division, providing thought leadership and security engineering expertise for the strategic and tactical direction of Information Security controls deployed for the Enterprise Data Warehouse : one of the largest Teradata / Hadoop environments in the United States. Responsible for compliance of security controls to cyber policy and regulatory requirements.

Awarded 2 US Patents for work in the Identity & Access Management (IdAM) field.

Custom Design, Coding and Implementation of Security Solutions for Data Warehouse Authentication Models.

Security Framework Design and Implementation | Security Engineering | Risk Management | Assessment and Remediation | PCI-DSS | Audit & Compliance | Data Privacy | Security Focused Teams | Security POCs | 3rd Party Vendor Risk Management | Policy Development

Control-SA | Oracle Identity Manager | Sailpoint

2008 : 2018

Bank of America

SVP - Security Engineering Data Analytics

AlexonIT is a company delivering game-changing software solutions and world class consulting for today's business. AlexonIT delivers the solution from inception to market, resulting in maximizing profits while minimizing cost, and mitigating risk.

2005 : 2013

AlexonIT Inc.

Partner : Information Security Principal
Company: Truist

About

25+ yrs Cybersecurity and Privacy from US/EU, specializing in Financial Regulation & Compliance. US Law School Educated. Former SVP for a top 10 global bank leading the Big Data InfoSec pgm and Director for Data Security/Privacy at leading Professional Services Co.



Specializes in Cybersecurity, Data Privacy, Tech Risk Management, Financial Regulation & Compliance,, Third-Party Risk, Security Engineering & Application Security, both in leadership & Professional Services positions, applying expertise to Banking, Card Processing, Fintech and non-financial industry.



A visionary leader & lateral thinker with a passion for results, facilitating the translation of conceptual ideas to game changing, risk mitigating strategic cybersecurity & Privacy solutions.



Technical Program/Project Management experience for cross-organizational projects in diverse geographic locations/time zones.



LAWS, COMPLIANCE & FRAMEWORKS

NY DFS/SHIELD | EU GDPR | CCPA & Emerging Privacy Regs | GLBA | Sarbanes-Oxley (SOX) | FFIEC | FCPA

SEC Guidance for Cybersecurity, SEC Reg S-P, S-ID, OCIE | Cybersecurity Disclosure Reqs. | UDAP

NIST CSF | NIST RMF | ISO27001 | NIST-800 Series | FedRAMP | COBIT | OWASP/SANS25 | PCI-DSS



CORE COMPETENCIES

Financial Privacy & Cybersecurity | Governance Risk & Compliance | Third-Party Risk

Cybersecurity Frameworks | Technology Risk Frameworks | Control Frameworks

3 Lines of Defense | Cyber Breach Response | Assessment & Remediation

Identify & Access Management | Program & Project Management | Agile | Waterfall | Policy & Standards

Security Engineering | Application Security | Privilege Management | Legal Research



TECHNOLOGY - SECURITY TOOLS

Protegrity | Voltage | SecuPi | BigID | Big Data-Teradata & Hadoop Stack | Mainframe RACF SME

Archer | Keylight | Control-SA | SailPoint | Oracle Identity Mgr | RBAC/ABAC