Bria Desai
Details
• Responsible for sharing regulatory and compliance requirements with business.
• Partner with internal audit team on walkthroughs, provide evidence, and close any gaps.
• Review and remediate audit findings and provide statuses of the audit findings resolutions to business leaders.
• Assist in documenting compensating controls, risk acceptance, remediation, avoidance, and transfer.
• Collaborate on IT policies and standards.
• Communicate Information Security risk posture to management.
2023 : Present
Investment Banking and Finance
Information Security
2020 : 2023
Kryterion, Inc.
Information Security & Compliance Manager
• Served as Subject Matter Expert to IT governance and FRB Regulatory compliance.
• Documented IT risk assessments, control gaps and gap remediation plans.
• Worked with technical teams and control owners to implement internal audit findings, risk assessment, regulatory compliance practices and SOX deficiencies.
• Managed reviews and created IT Security policies, standards, procedures, and guidelines and kept them current.
• Collaborated with representatives from the internal audit, external audit firms, Finance and IT to review, test, and provide evidence for IT controls.
• Supervised and managed SOX, SOC & various internal audits. Provided guidance based on NIST, COBIT, PCI, & GDPR compliance frameworks.
• Made recommendations and led process changes and improvements to meet regulatory compliance.
2018 : 2019
Western Alliance Bank
IT Audit, Risks, Governance, and Compliance
2017 : 2018
Brakebush Brothers, Inc.
Sr. Project Manager
2016 : 2017
Mobile Mini Solutions
SAP Business Analyst
About
• 20+ years of experience in a combination of risk management, information security, and IT, all with 9+ years in a senior leadership role.
• Breadth of experience in developing and implementing digital security and governance programs covering Confidentiality, Integrity & Accountability.
• Adept at protecting information assets such as data, networks, applications, and people with a clear understanding of security goals and risk management objectives.
Fast track management style with implementing cutting-edge technologies. Effective collaboration with executive management trans-culturally throughout Europe, Asia Pacific, and the Americas.
I thrive in ambiguity and enjoy creating simple, logical, compelling narratives to bring teams and partners on the journey towards meaningful change.
I received my Master's of Computer Science and began my career as an IT professional at Oracle Corporation. Since then, I have broadened the depth and breadth of my leadership capabilities and technical experiences. I have lived and worked across the U.S.
Core Competencies:
-- Cyber Security and risk mitigation (CISSP - Certified)
-- Cyber Security and regulatory compliance
-- Security policies for information security governance
-- Risk identification and analysis
-- Risk & vulnerability management
-- SOC2, SOX, & PCI DSS Audits with internal and external auditors
-- IT strategy & Execution
-- COBIT-5, NIST, CIS, GDPR
-- Leadership in highly complex matrix environments, both direct and virtual
-- Process improvement and facilitation of organizational transformations
-- Strong analytical skills with business acumen in supply chain & manufacturing
-- Lean/Process Improvement
-- Consulting