Profiles search
Richard Garcia
Manager, Information Security Governance and Risk
Glendale Heights, IL, United States
Details
Experience:
2022 : Present
Equity Residential
Manager, Information Security Governance and Risk
2018 : 2022
Grainger
IT Security Consultant
2018 : 2022
Grainger
Information Technology Security Analyst
2017 : 2018
TEKsystems
IT Security Specialist
Technology Risk Senior Specialist
• As a senior risk specialist and part of a cross functional international team, I assisted with the creation and implementation of a governance process that included items such as 3rd party connection analysis, lifecycle management, recertification and risk assessments. I was responsible for implementing the governance remediation in the United States to provide a business case for a global implementation. I also was in charge of validating and analyzing all connections coming into the bank infrastructure. Created several procedures and processes to properly handle demise of unused connections based on NIST cyber standards
• As part of a second line of defense, I documented risks within the organization that if left without remediation could prove financially disruptive to the bank. Provided this information to the first line of defense to follow up and assist with the remediation
• BAU activities included actions such as assisting first line of defense in defining their information risk appetite, maintaining on-going visibility of key initiatives and helping to prioritize oversight according to risk. Increasing the understanding of information risks within the bank by explaining these in plain/business terms and helping to ensure that these are kept within their risk appetite by recommending mitigating actions. Assisted with reviewing external and internal audit findings, business risk reviews and any other related KRIs to establish risk themes and provide advice on remediation
2014 : 2017
HSBC
Technology Risk Senior Specialist
Equity Residential
Manager, Information Security Governance and Risk
2018 : 2022
Grainger
IT Security Consultant
2018 : 2022
Grainger
Information Technology Security Analyst
2017 : 2018
TEKsystems
IT Security Specialist
Technology Risk Senior Specialist
• As a senior risk specialist and part of a cross functional international team, I assisted with the creation and implementation of a governance process that included items such as 3rd party connection analysis, lifecycle management, recertification and risk assessments. I was responsible for implementing the governance remediation in the United States to provide a business case for a global implementation. I also was in charge of validating and analyzing all connections coming into the bank infrastructure. Created several procedures and processes to properly handle demise of unused connections based on NIST cyber standards
• As part of a second line of defense, I documented risks within the organization that if left without remediation could prove financially disruptive to the bank. Provided this information to the first line of defense to follow up and assist with the remediation
• BAU activities included actions such as assisting first line of defense in defining their information risk appetite, maintaining on-going visibility of key initiatives and helping to prioritize oversight according to risk. Increasing the understanding of information risks within the bank by explaining these in plain/business terms and helping to ensure that these are kept within their risk appetite by recommending mitigating actions. Assisted with reviewing external and internal audit findings, business risk reviews and any other related KRIs to establish risk themes and provide advice on remediation
2014 : 2017
HSBC
Technology Risk Senior Specialist
Company:
Equity Residential
Spoken Language:
English, Spanish
About
A Senior Technology Risk Specialist with extensive experience in providing oversight at a global, regional and country level. Knowledgeable of the latest risk management tools and the processes for implementing. A team player and subject matter expert with a commitment to quality and risk avoidance.
Profile Photo
