Suely Mello, MBA, M. Jur., CISSP
Details
Law, Risk, Compliance and Enterprise Risk Management
Loyola University Chicago
2017 : 2019
Executive Master of Business Administration (MBA)
Integrative Management
Michigan State University - The Eli Broad School of Business
2014 : 2016
Postgraduate Degree
Software Architecture, Data Science and Cyber Security
Pontifícia Universidade Católica do Paraná
2021 : 2022
Master in Jurisprudence, Business Compliance
Law
Loyola University Chicago School of Law
2017 : 2019
Cybersecurity for Managers : a Playbook
MIT Sloan Executive Education
2020 :
– Responsible for providing responses to customer risk assessments and influencing changes in product and enterprise security, triggered by customer requirements. Provided responses in support of over $7.7 billion in contracts in 2021.
– Leads a team of cybersecurity risk analysts and developers in the transformation and operations of the customer cyber security response program for the GRC organization. This strategic initiative included deployment of solutions for automation of the customer response program, improving the security and resiliency experience for our customers and providing a consistent approach in responding to questionnaires.
– Leads the program for review of Privacy Transfer Impact Assessments and deviations for IT Security Requirements on contracts with technology vendors, to ensure that the company’s suppliers are equally focused and contractually obligated to protect customer assets and data.
– Provides opinions on matters related to government agencies’ requests for information and monitors executive orders that potentially affect the business and customers, such as ones triggered by NERC CIP regulations for the energy sector or the presidential Executive Order on improving the nation’s cybersecurity focused on supply chain attacks.
– Liaises with IT, business and sales executive leadership, legal, vendor risk management, engineering and product management teams to implement solutions for customer and vendor risk assurance and improve the cybersecurity posture for the company.
– Researches industry certifications, such as NIST CSF, IEC 62443, SOC2 and ISO 27001, to be used as frameworks for internal cybersecurity processes and for the feasibility study for obtaining formal industry certifications. Supports activities to obtain CMMC certification. Led the process to obtain UK Cyber Essentials certification.
2020 : Present
Baker Hughes
Sr Staff Customer Risk Advisor - Cybersecurity, Risk and Compliance
– Provided strategic compliance guidance to all Bosch North America businesses in 100+ locations with 35,000 employees.
– Launched compliance awareness programs, including technical compliance workshops and compliance campaigns.
– Policy development and implementation; training oversight for Code of Conduct, Anti-Corruption, Anti-trust and Product Development Policies that included the development of procedures and training materials and presenting to various audiences.
– Third party due diligence program oversight, assessing regulatory risk and government-sanctioned parties.
– Performed risk assessments that drove process improvements and impacted results for the organization.
– Advisor for technical, commercial and financial compliance, keeping abreast of current regulatory environments through continuous research of regulations such as ITAR, EPA, CARB, GDPR, and others.
– Oversaw the hotline reporting and investigation systems.
– Led teams of in-house investigators, external investigation firms and external counsel on complex investigations that cost up to hundreds of thousands of dollars, but that avoided escalating sustained losses in the millions. Recommended corrective actions.
– Developed analytics and KPIs to determine the compliance program effectiveness and ultimately affect key business decisions.
– Managed, developed and coached a direct report Compliance Analyst.
2018 : 2020
Robert Bosch GmbH
Compliance Manager North America
Investigated allegations of wrongdoing and fraud with focus on Mexico and South America. Worked cases involving corruption and kickbacks, conflicts of interest, overbilling, loss of intellectual property and other information, misappropriation of company funds, workplace and product safety and other violations of company policy. Used three languages on a daily basis.
2016 : 2018
General Motors
Lead Investigator
Led internal audit teams on complex global engagements on Governance, Risk and Compliance (GRC), SAP implementation, Project / Portfolio management, SDLC frameworks and software development projects. Included audit project management, training, work paper review and team performance evaluations.
Coached, mentored and trained internal audit staff.
Proposed and implemented improvements in audit process efficiency.
Led the process for selection of IT development projects for the annual IT audit plan.
Audit projects in 2014 : IT Asset Management, IT Security Comparison across GM businesses (GM, GM Financial, Global Connected Consumer), GM EnABLE (Agile software development) framework, and led the IT portion of the post-implementation audits performed in relation to the ignition switch recalls of 2014.
2014 : 2016
General Motors
Lead IT Auditor
Develop audit plans. Perform audit tests. Evaluate test results, identifying root cause of problems and developing recommendations. Write interim communications to senior management. Identify information processing and technology risks, evaluate controls and make recommendations for improvement in processes and controls. Evaluate hardware and software platforms, network infrastructure, IT strategy, policies and management practices.
Last audits performed : South America SAP Upgrade (as Lead Auditor), Systems Delivery Management (as Lead Auditor), IT Planning and Governance (as Lead Auditor), SAP implementation audit, IT Server Virtualization, Data Loss Prevention, Business Process Outsourcing, User Access Management for the Enterprise Data Warehouse.
Currently leading the GM Financial IT Governance Audit.
2012 : 2014
General Motors
Senior IT Auditor
Skills
Business Intelligence, Business Process, Business Process Audit, COBIT, Communication, Compliance Management, Compliance Program Management, Cross-cultural Communication Skills, Cultural Intelligence, Cybersecurity, Databases, Data Privacy, Disaster Recovery, ERP, Executive Leadership, Foreign Languages, Governance, Information Security, Information Technology, Internal Audit, Internal Controls, IT Audit, IT Compliance, ITIL, IT Management, IT Outsourcing, IT Service Management, IT Strategy, Leadership, Management, Network Administration, Networking, Network Security, Operating Systems, Oracle, PMP, Policies & Procedures, Privacy Compliance, Process Improvement, Program Management, Project Management, Project Portfolio Management, Regulatory Compliance, Risk Management, SAP Audit, Sarbanes-Oxley Act, SDLC, Security, Standards Compliance, Unix
About
Seasoned cyber security, risk and compliance professional with International Experience: Europe, South America, Asia, USA.
Project Management, Audit, Ethics & Compliance, IT Operations, Cybersecurity and Fraud Investigations.
CCEP, CFE, CISSP, CIA, CCSA, AWS and CRMA certifications.
US, Brazilian and Italian Citizenship.
Willing to travel both domestically and internationally.
Executive MBA from Michigan State University.
Master of Jurisprudence in Business Law & Compliance from Loyola University Chicago.
Available for public speaking opportunities on use of technology and data analysis in audit and compliance.
Languages:
• Portuguese (native)
• Fluent English and Spanish.
• Italian and French Functional.
• Mandarin Intermediate.
Published Material:
• “Multiple Configurations in MS-DOS 6”, issue # 143-XIV, Micro Sistemas Magazine (Brazil), October 1994.
• “Games for Children in Visual Basic”, issue # 150-XIV, Micro Sistemas Magazine (Brazil), June 1995.
• Introduction to the ORACLE Database, issues # 158, 159 and 160, Micro Sistemas Magazine (Brazil).
• Developed manuals for various companies, including the official course materials for ITECI (Brazil): “UNIX Shell Programming”, “SCO UNIX Administration” and “AIX Administration”.
Accreditations and Certificates:
• CFE (Certified Fraud Examiner).
• CISSP (Certified Information Systems Security Professional).
• CRMA (Certification in Risk Management Assurance).
• CIA (Certified Internal Auditor).
• CCSA (Certification in Control Self-Assessment).
• AWS Certified Cloud Practitioner.
• MCP (Microsoft Certified Professional).
• Certificate of Proficiency in English, University of Michigan, USA.
• HSK (Certificate of Chinese Proficiency) Level 4.
Specialties: Cybersecurity, Audit, IT Compliance, IT Governance, RDBMS (Relational Database Management Systems), Network and Desktop Support, Cobit, SOX testing, Control Self-Assessment, Project Management, Audit Management, Compliance Programs Implementation, Compliance and Audit data analytics.