Profiles search

Mark Henrichsen

Senior Information Security Manager at American Express
Salt Lake City, UT, United States

Details

Education: Bachelor of Arts - BA

Music

Brigham Young University
Experience: • Responsible for Technolgy Risk Reporting and Technology Policies & Standards teams

• Author of information security program annual reports and summary presentations for boards of directors, for multiple years across multiple legal entities.

• Support cybersecurity and technology risk responses to US and international regulatory exam and internal audit requests.

2023 : Present

American Express

Senior Information Security Manager

Assist the Bank Information Security Officer in coordinating between enterprise information security and American Express National Bank (USA).

2019 : 2023

American Express

Deputy Bank Information Security Officer / Information Security Manager

Responsible for coordinating between the enterprise information security functions and the business in Latin America & Caribbean, including American Express Bank Mexico as a temporary work assignment.

2020 : 2021

American Express

Acting Director, Bank Information Security Officer : Latin America & Caribbean

Operations Issues and Risk Manager in US Deposits business unit of Marcus by Goldman Sachs. Coordinated risk control assessments and issues resolution planning. Consolidated and reported issues to management, across all functions and lines of defense.

• Reduced the number of past due items and issue age at closure by driving awareness, ownership and accountability through Business Controls Meeting agenda and dashboards.

• Created a new process for Technology and Operations “business self-identified issues” that produced consistent documentation and facilitated item tracking through closure.

• Improved Compliance QC (Quality Control) metrics more than other Marcus business units.

• Coordinated termination of relationship with third party contact center supplier, including network and telephony disconnects as well as secure migration of 1TB of call metadata.

• Designed and executed new procedures to eliminate noted gaps in Operations.

• Doubled the available seats and improved productivity potential by providing new strategy for future disaster recovery planning.

2017 : 2019

Goldman Sachs

Vice President, Savings Operations / Business Controls

Information security leader responsible for supplier risk management, role and entitlement management, data loss prevention (DLP) and incident escalation for GS Bank USA.

• Audited and documented employee account migration from GECapitalBank.com to GSBank.com within a critical two-week transition window.

• Onboarded key bank systems to Goldman Sachs tools for role and entitlement approvals, within 90 days of acquisition, ensuring Sarbanes Oxley (SOX) and IT Controls compliance.

• Ensured continuous controls through transition from GE Capital to Goldman Sachs by defining data loss prevention (DLP) configuration requirements and validating successful integration with firmwide incident response escalation process.

• Analyzed DLP incident escalations and identified process improvements to prevent future recurrences of similar issues.

• Co-Captain of gold medal Trivia Mania team for Salt Lake County Corporate Games.

2016 : 2017

Goldman Sachs

Vice President, Technology Risk
Company: American Express
Years of Experience: 26
Spoken Language: English, Spanish

Skills

Business Process Improvement, CISA, Cross-functional Team Leadership, Financial Analysis, Information Risk Management, Information Security, Information Technology, IT Management, IT Strategy, Leadership, Management, Operational Risk Management, Process Improvement, Program Management, Project Management, RCSA (Risk / Control Self-Assessment), Records Retention Management, Risk Management, Sarbanes-Oxley Act, Security, Six Sigma, Strategy, Troubleshooting, Vendor Management

About

Accomplished Risk Manager with more than 20 years’ experience in Technology and Operations with Fortune 100 finance companies. Detail-oriented understanding of business requirements and processes, with knowledge of the underlying technology systems. Effective at increasing risk awareness and instilling ownership among business and supplier leadership teams. Other relevant skills include:



• Information Security

• Supplier Risk Management

• Enterprise and Operational Risk

• Audit and Control Assessment

• Governance and Compliance

• Document and Records Management