JOSHUA WOOD
Sr. Risk & Control Manager
ST. AUGUSTINE,FL
Summary
Data driven and results driven pragmatic leader with demonstrated experience across enterprise level InfoSec and Risk & Control spaces. Deep expertise in developing solid strategies and delivering results within complex and multifaceted organizations, while acting as a change agent. Ability to engage with stakeholders at all levels and expertly articulate complex Risks succinctly. Champions diverse culture and world class talent bench with unwavering ethics. Deeply compassionate and drives a culture of excellence where courage and innovation are celebrated.
Overview
1
1
Language
3
3
Certificates
4
4
years of post-secondary education
11
11
years of professional experience
Work History
SVP, Safety and Soundness Manager
Citi
Jacksonville, FL
04.2018 - Current
- Lead large and diverse team spanning across multiple disciplines and across geographies; both virtually and in person.
- Developed and implemented new global Security strategies and policies in collaboration with executive partners across multiple organizations.
- Spearheaded build-out of a cross-functional team to address growing 3rd party code risk along with established recurring weekly steerCo to govern and track progress.
- Key partner in developing response to multiple OCC requests and MRA partnering with stakeholders from all levels, resulting in creation of new Digital Development Standards.
- Extensive experience in driving security and risk mitigation practices throughout the Agile lifecycle and shift left methodologies.
- Operates as principal lead for all organizations Audit and Risk and control activities
Vulnerability Assessments, Manager
Citi
Jacksonville, FL
05.2013 - 04.2018
- Led and supported 20+ person team; accountable for performance, training and development, and morale.
- Drove VA compliance against 140+ application for 6 Organizations and 15 LoBs resulting in 98% on time testing, 25% reduction in associated Costs, and 94% on time remediation.
- Collaborated with business leadership to identify new and innovative approaches to application and infrastructure security; driving down common finding recurrence.
- On boarded and designed customized workflow management tool, specialized for VA space recognizing huge improvements in efficiency and accuracy across team.
- Lead working group responsible for designing new Agile focused release VA approach; seeing almost immediate positive return against critical Consumer Banking applications globally.
- Responsible for the coordination of VA audit reports including the resolution of open audit issues.
- Deployed a risk based approach to VA testing, focusing the team on solution-ing security based on risks.
- Demonstrated leadership and executive communication abilities.
- Controlled costs and optimized spending against VA via restructuring of testing for labor, shared technology, and streamlining test cases.
Vulnerability Assessment Program Manager
Citi
Jacksonville, FL
10.2012 - 05.2013
- Standardized VA process for all Brands and Third-party sites, bringing them into alignment with broader VA approach used within Global Consumer.
- Successfully lead multiple large-scale projects with competing resources and deliverables with a 100% on time delivery.
- Designed stable and scalable VA structure for all Third-Party sites, solving for persistent resource, scheduling, and funding hurdles.
- Redesigned and updated several VA process documents and created embedded process checklists to simplify and streamline tasks.
- Assumed responsibility of all Vulnerability assessments for the NAM critical Banking and Cards applications leading to increased testing accuracy and reducing testing timelines by 20%.
- Scheduled and drove staff meetings to discuss new ideas and update participants on VA Program details and testing milestones.
- Performed VA program research and analyzed historical data to develop cost estimates and budgets.
Sr. Information Assurance (Security) Analyst
KSH Solutions
Jacksonville, FL
10.2011 - 10.2012
- Performed expansive network vulnerability scanning, maintaining defense in depth strategies across 300+ server and 4500+ user DoD medical enterprise network.
- Analyzed network security and vulnerability scans and provided in-depth reports to senior site leadership; detailing recommended remediation and risk mitigation solutions.
- Proactively implemented sophisticated network security measures to prevent intrusion following in-depth, cross-border, analysis.
- Authored all command IA documentation to include SOP’s, TT&P’s, and CoOP/BCP documents.
- Lead trainer for all new analysts focusing on security concepts, defense in depth strategies, vulnerability analysis, and effective remediation techniques.
- Performed and coordinated all DIACAP/DITSCAP scanning, analysis, and reporting for command, delivering quarterly executive reports.
- Recipient of the Captain Joan Dooling Award for Information Security Professional Excellence in 2012 at NHJAX.
Sr. Technical Site Lead/System Manager
Science Applications International Corp, SAIC, NH Jacksonville
Jacksonville, FL
07.2010 - 11.2011
- Operated as team lead and Systems Manager for the Composite Health Care System (CHCS) and AHLTA E.H.R.
- Supporting 6th largest DoD Medical Treatment facility.
- Implemented stronger data back-up/disaster recovery procedures, NAS restructuring, and more normalized database following catastrophic system failure.
- Collaborated with Subject matter experts to re-write and update older SOP’s for DoD’s Composite Health Care System and AHLTA HER – Later rolled out through whole DoD.
- Designed and wrote technical site response procedures and informational binder for JCAHO, IG, AAAC, and CAP inspections focusing on CHCS and AHLTA recovery.
- Facilitated, as Principle engineer, the major infrastructure upgrade for site E.H.R.
- And medical records system to include project management, equipment installation, and personnel management.
Education
Bachelors of Applied Sciences - Information Systems Security
ITT Technical Institute
03.2009 - 01.2013
Skills
Policy and procedure development/adherence
undefinedAffiliations
Charity Organizations: MS Society, Jacksonville Chapter Member – 2015 - Present
Certification
CISSP
Timeline
CRISC
05-2019
SVP, Safety and Soundness Manager
Citi
04.2018 - Current
CISM
04-2018
CISSP
02-2017
Vulnerability Assessments, Manager
Citi
05.2013 - 04.2018
Vulnerability Assessment Program Manager
Citi
10.2012 - 05.2013
Sr. Information Assurance (Security) Analyst
KSH Solutions
10.2011 - 10.2012
Sr. Technical Site Lead/System Manager
Science Applications International Corp, SAIC, NH Jacksonville
07.2010 - 11.2011
Bachelors of Applied Sciences - Information Systems Security
ITT Technical Institute
03.2009 - 01.2013
Similar Profiles
Navneeth DilipNavneeth Dilip
KYC Analyst at CitiKYC Analyst at Citi
Ranjani KasinathanRanjani Kasinathan
Assistant Vice President at CitiAssistant Vice President at Citi
Nabharaj ShresthaNabharaj Shrestha
Technology Lead at CitiTechnology Lead at Citi
Larrentz ManoraLarrentz Manora
Assistant Vice President - Costco Product Manager at CitiAssistant Vice President - Costco Product Manager at Citi
Nicole DeMicheleNicole DeMichele
Medical Assistant at Island DoctorsMedical Assistant at Island Doctors