Summary
Overview
Work History
Education
Skills
Websites
References
Timeline
Generic

Gregory Baker

McKinney

Summary

Accomplished Operational Risk Officer with extensive experience at Wells Fargo, focusing on cybersecurity and information security. Proven expertise in developing robust risk mitigation strategies and governance frameworks, complemented by strong analytical skills. Successfully enhanced risk reporting and compliance processes, contributing to a more resilient enterprise risk management environment. Career goals include further advancing organizational cybersecurity initiatives and fostering a culture of proactive risk management.

Overview

21
21
years of professional experience

Work History

Operational Risk Officer

Wells Fargo
McKinney
07.2021 - Current
  • Review and approved all Information Security Risk Enterprise Key Risk Indicators (KRI), Operational Risk Key Risk Indicator (ORKRI), and Risk Appetite Measure (RAM).
  • Conducted Information Security Risk Type Review and Challenge of Front Line quarterly Enterprise Risk Identification Assessment (ERIA).
  • Conduct Independent Overall Risk Assessment (IORA) for the Information Security Risk Type.
  • Contributed to assessing information security risks through the RCSA framework.
  • Offer critical evaluations that aid in refining response strategies for the bank's cyber defense exercises.
  • Provided feedback on self-identified audit issues.
  • Completed analysis and assessment of Operational Risk Events within a 3-day SLA specific to Information Security Risk.
  • Designed and maintained monitoring routines for Front Line Information Security Domains.
  • Evaluated the effectiveness of existing risk control measures through periodic reviews of key performance indicators.

Global Risk and Compliance Specialist

Bank of America
06.2011 - 07.2021
  • Managed PRC (Process, Risks, and Controls) Metrics Inventory
  • Responsible for updating and maintaining the Global Technology & Operations (GT&O) System of Record (ORCIT) to ensure compliance with LRR and to maintain an accurate record of PRC details along with metric and reporting alignments for GIS
  • Responsible for writing POCE (Process Overall Control Effectiveness) ratings for PRC to ensure GIS remained in compliance with bank standards and policies
  • This includes ensuring each process is rated by control and metric performance, as well as identifying any operational loss
  • Often reviewed with Process owners as applicable to capture full scope of process
  • Lead RCSA for GIS by collaborating with and challenging each process and control owner to identify performance gaps within their space
  • Assisted in the creation of new processes and controls to close those identified gaps
  • Developed a monthly 'Metrics Performance Report' in which the data was utilized in an overall Process Health Dashboard and was distributed to the executive management team
  • Fulfilled requests from Audit and Issue Management
  • Ensured that all gaps were clearly explained
  • Documented 'Go to Green' plans (action plans) and all applicable timeliness
  • Built and Maintained GIS SharePoint site (allows for the reporting of risks and issues by GIS associates)
  • - Responsible for maintaining permissions for all teams and SharePoint sites within my organization
  • Built and Maintained Risk Governance Intake site (allows for the reporting of changes to Processes, Risks, and Controls through this site which alerts the team when a change is needed)

Specialist-Info Security Engineer

Bank of America
06.2011 - 06.2011
  • Managed Book of Work (PRC) for Cyber Security Operations (CSO) which encompasses Cyber Security Assessments, Cyber Threat Monitoring & Response, Cyber Threat Recovery, Enterprise Data Loss Prevention and Network & Application Security
  • Investigated and validated Control Relevancy across CSO, ensure Controls were mapped to specific and relevant cyber threats
  • Mapped Control cost and tools used across CSO
  • Ensured limited gaps within the Cyber Security Framework within the bank (Control Gap Analysis)
  • Aligned Industry Cost to Controls and eliminated spending waste by reallocating current or existing resources
  • Ensured Control atmosphere aligned to the NIST framework
  • Designed and executed a Centralized Engagement Strategy to incorporate all GIS assessments into a single point of contact for the LOB
  • Built all internal SharePoint websites for all CSO teams
  • Automated the bank's Enhanced Remediation Process (ERP) across the enterprise
  • This allowed the LOBs to add exceptions via web interface portal and generate reports of their specific exceptions
  • Automated reporting and analytics from this tool to the Senior Leadership Team
  • Managed Application Development Security Framework (ADSF) Assessments for all ECIO/GIS/TI Lines of Business ensuring all scheduled assessments were completed and any findings were remediated
  • Managed Ethical PHISHing campaigns across LOBs to identify gaps in training & awareness
  • Drove Internal audit issues to close, which included development of milestones to ensure audit issues were closed on time
  • Assisted in identifying and closing of issues and gaps within Cyber Security Operations' processes

Information Technology Project Manager

Maverick Mortgage
Frisco
03.2004 - 05.2007
  • Analyzed customer requirements and developed detailed specifications for software applications.
  • Conducted periodic inspections of job sites for quality and progress.
  • Monitored resource utilization across multiple projects to optimize resource allocation decisions.
  • Secured continuous project scope alignment with business objectives and made modifications to enhance effectiveness toward intended result.
  • Forecasted, scheduled and monitored project timelines, personnel performance, and cost efficiency.
  • Managed daily activities of cross-functional teams to ensure successful completion of tasks within timeline.
  • Built and established strong partnerships with teams, vendors and contractors.

Education

Tarrant County College

High School -

The Colony High School

Skills

  • Risk reporting
  • Cybersecurity risk
  • Information security
  • Governance, risk, and compliance
  • Operational risk
  • Incident management
  • Key risk indicators
  • Third-party risk
  • Enterprise risk management
  • Risk mitigation strategies
  • Metric Development
  • Risk Analysis
  • Security metrics and reporting
  • Information risk management

References

References available upon request.

Timeline

Operational Risk Officer

Wells Fargo
07.2021 - Current

Global Risk and Compliance Specialist

Bank of America
06.2011 - 07.2021

Specialist-Info Security Engineer

Bank of America
06.2011 - 06.2011

Information Technology Project Manager

Maverick Mortgage
03.2004 - 05.2007

Tarrant County College

High School -

The Colony High School

Similar Profiles

  • PATRICIA M. SCHERER

    PATRICIA M. SCHERERPATRICIA M. SCHERER

    Regional Bank Private Banker II at Wells Fargo Bank / Wells Fargo AdvisorsRegional Bank Private Banker II at Wells Fargo Bank / Wells Fargo Advisors

  • Andrew S. Hollenbach

    Andrew S. HollenbachAndrew S. Hollenbach

    Collateral Valuation Analysis at Wells Fargo Home Mortgage and Wells Fargo Bank NACollateral Valuation Analysis at Wells Fargo Home Mortgage and Wells Fargo Bank NA

  • Laxmikanth Chittampally

    Laxmikanth ChittampallyLaxmikanth Chittampally

    Senior Operational Processor at Wells Fargo India Solution PVT Ltd, Wells FargoSenior Operational Processor at Wells Fargo India Solution PVT Ltd, Wells Fargo

  • Mayank Oberoi

    Mayank OberoiMayank Oberoi

    Financial Accounting Associate/ Alteryx SME at Wells Fargo International Solutions Private LTD (Wells Fargo)Financial Accounting Associate/ Alteryx SME at Wells Fargo International Solutions Private LTD (Wells Fargo)

  • Ethan Nash

    Ethan NashEthan Nash

    Performance Mechanic at Maverick Motors DFWPerformance Mechanic at Maverick Motors DFW

CREATE PROFILE
Gregory Baker