Senior Risk and Compliance Project manager

Capco

1. Senior Risk and Compliance Project manager at Capco
2. Jul 2020 – July 2023
3. • Overseeing the management and execution of multiple GRC (Operational Risk) projects, ensuring alignment with organizational objectives and regulatory requirements across business lines.
4. • Collaborate with the Product Manager and Business and Technology partners to develop Program Charter, objectives, and value proposition roadmaps in alignment with organizational goals while managing risk and ensuring regulatory and policy compliance.
5. • Developed risk control strategies and action plans to mitigate identified risks and strengthen internal controls.
6. • Develop a clear roadmap for achieving program objectives, including resource allocation, milestones, and timelines.
7. • Define roles, responsibilities, and communication protocols for stakeholders at different levels.
8. • Implement a rigorous credit risk assessment process to evaluate the creditworthiness of borrowers and counterparties. In addition, develop credit scoring models, rating methodologies, and decision-making criteria.
9. • Monitor the overall health of the credit portfolio, identifying trends and potential areas of concern while defining and enforcing credit underwriting standards that align with regulatory requirements and industry best practices.
10. • Ensure consistency and accuracy in assessing credit applications, and Leverage data analytics to identify emerging credit risks, trends, and opportunities for process improvement.
11. • Implemented robust monitoring and reporting mechanisms to track risk metrics, Key Risk Indicators (KRIs), and Key Performance Indicators (KPIs) to proactively identify emerging risks and ensure timely mitigation.
12. • Established compliance monitoring processes, utilizing key control indicators (KCIs) to proactively identify emerging risks and ensure timely mitigation.
13. • Collaborated closely with Front Line (FL) and Independent Risk Management (IRM) teams and Operational Risk Business Oversight (ORBO) to ensure alignment between risk management and compliance activities.
14. • Conducted regular compliance audits to assess the organization's adherence Risk Management Framework (RMF), Governance and Oversight Framework, and applicable regulations, including SOX, PCI DSS, GLBA, GDPR, NYDFS, and CCPA/CPRA.
15. • Develop a comprehensive data governance strategy aligned with the organization's goals and industry best practices.
16. • Establish a robust data governance framework that includes policies, standards, processes, and guidelines for data management and stewardship.
17. • Create a clear roadmap for implementing data governance initiatives, including prioritized projects, milestones, and timelines while ensuring alignment with business objectives and regulatory requirements.
18. • Implement data quality assessment processes to measure and improve the accuracy, completeness, consistency, and timeliness of data.
19. • Define data classification levels based on sensitivity and business impact.
20. • Collaborate with security teams to establish data access controls and encryption standards.
21. • Develop change management plans to facilitate the adoption of data governance practices across the organization. - Address resistance and cultural challenges to ensure successful implementation.
22. • Develop and implement a data governance maturity model to track the organization's progress and evolution in data governance practices.
23. • Conducted comprehensive risk assessments (quantitative & qualitative) and designed control frameworks to mitigate operational risks and Implemented the NIST Cybersecurity Framework (CSF) to enhance the organization's cybersecurity posture, conducting risk assessments and driving continuous improvement.
24. • Prepared detailed risk reports and presentations for executive leadership, highlighting key risk areas, trends, and recommended mitigation strategies.
25. • Led cross-functional projects in the implementation of Risk Control Self-Assessment (RCSA) methodology with a focus on Conduct Risk, Financial Crimes Risk, Technology Risk, Information Security Risk, Data Management Risk, Change Management Risk, and Information Management Risk.
26. • Extensive experience in conducting risk assessments, developing control measures, and monitoring compliance indicators.
27. • Maintaining a partnership with the company’s operations and other business units that deal with audit risk issues.
28. • Fostered a culture of continuous improvement, mentoring and coaching team members, and implementing best practices to enhance project management capabilities.
29. • Identifying and capturing project dependencies and interdependencies and managing them throughout the lifecycle as outlined in the dependencies and interdependencies plan
30. • Develop and maintain project management methodologies that encompass both Waterfall and Agile practices (Confluence).
31. • Led periodic risk assessments and automated control testing leveraging ServiceNow Integrated Risk Management product suite to ensure ongoing compliance.
32. • Use MS Project to maintain an overall view of the project portfolio and its progress.

University of Bridgeport

Biomed Eng