Freddie Mac
2 trillion dollar financial services company focusing on mortgage services
Senior Director, Governance, Risk and Compliance

Information Security Governance: Developed self service audit portal that linked key services provided by group, developed supporting process documentation, created controls and documentation portal and implemented optimization initiatives to improve service delivery.

Information Security Standards: Led the creation of an information security policies and standards program that aligned with internationally recognized best practices. Built policies and standards working collaboratively with business units, IT and other key groups to develop organizationally aligned requirements. Creating training plans, communications plans and processes to support long term maintenance of standards.

Information Security Controls: Developed processes to identify control thresholds, testing procedures and reporting for information security controls. The metrics were then reported to executive management and business units.

Information Security Metrics: Revamped all information security metrics reported to executive leadership, removing focus on activities completed to actionable, executive level information that directly led to more informed risk decisions.

Enterprise Risk Assessment: Led effort to evaluate information security risk across organization using ISO 27001 aligned standards to set baseline for organization and identify key risks.