Information security and privacy professional, experienced with establishing effective data governance strategies, leading effective organizational change management, and creating and managing information security risk and compliance management programs. Experienced with software tools for information security and privacy management, including integrating privacy management with RSA Archer, led the development of next-generation privacy self-attestation software with Nymity, and experienced in the process of building risk and compliance frameworks through rule rationalization. Internal and external experience with entire risk assessment process, including developing risk assessment framework, conducting risk assessment process, and managing risk remediation or mitigation.