Master of Business Administration in Information Systems -
Georgia State University
Atlanta, GA05.1997
Brian Robison,MBA
GRC Lead and Financial Services IT Risk & Controls Expert
Westport,CT
Summary
I bring a unique combination of technical, financial services, and regulatory expertise gained from Big 4, and over 20 years of experience in IT risk and controls. I work collaboratively with cross-functional technology groups to establish governance, with the goal of reducing audit findings and optimizing resources. My key strengths lie in defining strategic objectives, operationalizing security controls, and effectively communicating policy and regulatory requirements to stakeholders. I excel in proactively addressing controls that are at risk of non-compliance and am proficient in applying control frameworks such as NIST and ISO to implement efficient controls and assess their effectiveness in reducing risk, with a focus on continual improvement.
Framework Expertise
- NIST CSF
- NIST 800-53
- ISO 27001
- FFIEC
- GLBA
- CobIT
- Data Privacy
Skills
- Regulatory Expertise
- Enterprise Risk Management
- Compliance Monitoring
- Corporate Governance
- Privacy Regulations
- Information Security
- Risk Management
- Compliance Reviews
- Compliance Reporting
- Risk Analysis
- Policy Development
- Policy Enforcement
Accomplishments
· Led team of 10 in developing the GRC application and executive reports.
· Achieved 100% on-time implementation of 50+ remediation action plans per year.
· Resolved control design issues with automated solutions resulting in resource optimization.
· Improved compliance by managing RCSAs and KPIs.
· Analyzed exception trends in ServiceNow to develop new risk management policies.
· Supervised a team of 5 staff members in fulfilling evidence requests for regulatory requirements.
· Achieved strategic goals through managing enterprise Cybersecurity programs.
· Rolled out clear guidance in standardizing security processes for merged companies.
Certification
- Certified Information Systems Auditor, CISA cert# 1189077
- Certified Information Systems Security Professional, CISSP cert# 437680
- AWS Certified Cloud Practitioner (CLF)
- OneTrust Platform - GDPR Data Privacy Management
Education
Bachelor of Arts in Liberal Arts -
Emory University
Atlanta, GA05.1992
Overview
26
26
years of professional experience
4
4
Certifications
Work History
GRC Lead
S&P Global
03.2020 - 01.2024
- Provided expert guidance on regulatory requirements, ensuring that clients maintained full compliance with industry standards.
- Established strong relationships with stakeholders to support successful execution of GRC initiatives.
- Supported the integration of GRC tools within client environments, streamlining workflows and enhancing overall efficiency.
- Enhanced GRC program effectiveness by conducting comprehensive risk assessments and recommending mitigation strategies.
Information Security Officer
First Abu Dhabi Bank
Washington, DC
11.2018 - 03.2020
- Developed the risk assessment process based on NIST's Cyber Security Framework
- Identified key administrative and technical controls in mitigating security risks relevant to business and IT operations and the overall threat landscape
- Evaluated the effectiveness of the Information Security Program in meeting the acceptable risk level and in complying with data privacy laws such as GLBA.
IT Risk Officer
S&P Global
New York, NY
02.2018 - 10.2018
- Supervised onboarding and security provisioning processes of an 800+ outsourced team
- Reported compliance status on the completion of required training and background checks
- Reviewed logical access to ensure role-based appropriateness and identified users with privileged access to monitor periodic securities trading activities.
IT Senior Manager
Accume Partners
New York, NY
03.2015 - 01.2018
- Performed IT assurance and consulting projects within the banking and insurance industries
- In charge of maintaining the quality of work papers, assigning, and scheduling staff resources, and performing IT controls and application testing.
IT Internal Auditor
IT Audit Contractor
New York, NY
01.2010 - 02.2015
- Performed IT consulting projects within the manufacturing, telecom, insurance/ reinsurance, and financial services industries
- Experience included working at General Electric (GE) reviewing systems in treasury operations to comply with the company's new designation as a Systemically Important Financial Institution (SIFI)
- Non-banking clients included Jefferies, Hain-Celestial, First Federal Bank, ATMI, and Wilton Re.
Owner
Environmental Risk Services
Westport, CT
11.2007 - 12.2009
- Started company, from developing an initial business plan and client base to detailing services and managing full P&L
- Assessed health risks of environmental dangers and designed remediation plans according to industry standards
- Documented scope and work performed to process claims payout according to compliance.
IT Risk and Assurance Manager
PricewaterhouseCoopers
New York, NY
10.1997 - 10.2007
- Managed all aspects of systems reviews and business processes for Fortune 500 financial service and insurance companies
- Implemented quality review efforts and evaluated the effectiveness of internal controls at the corporate and business unit levels
- Consulted on control design and remediation plans to mitigate issues raised.
Timeline
GRC Lead
S&P Global
03.2020 - 01.2024
Information Security Officer
First Abu Dhabi Bank
11.2018 - 03.2020
IT Risk Officer
S&P Global
02.2018 - 10.2018
IT Senior Manager
Accume Partners
03.2015 - 01.2018
IT Internal Auditor
IT Audit Contractor
01.2010 - 02.2015
Owner
Environmental Risk Services
11.2007 - 12.2009
IT Risk and Assurance Manager
PricewaterhouseCoopers
10.1997 - 10.2007
Master of Business Administration in Information Systems -
Georgia State University
Bachelor of Arts in Liberal Arts -
Emory University
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Similar Profiles
Kartik ChoubeyKartik Choubey
Senior Software Developer at S&P GlobalSenior Software Developer at S&P Global
Jyanashree KochJyanashree Koch
Junior Research Analyst at S&P GlobalJunior Research Analyst at S&P Global
SusindraKrishnaa NatarajanSusindraKrishnaa Natarajan
Senior Software Development Engineer in Test at S&P GlobalSenior Software Development Engineer in Test at S&P Global
Ekhsan SatarEkhsan Satar
Account Manager at S&P GlobalAccount Manager at S&P Global
Andrew WillisAndrew Willis
Undergraduate Research Assistant at Saddoris LabUndergraduate Research Assistant at Saddoris Lab