Manisha Valicha
Palatine,IL
Summary
Seasoned Governance, Risk and Compliance professional with 15 years of experience in shaping and leading comprehensive risk management and compliance strategies. Proven track record in developing and implementing robust governance frameworks, mitigating risks, and ensuring regulatory compliance across diverse industries. Expertise in leveraging security frameworks and industry best practices to enhance organizational resilience and safeguard critical assets. Proficient in leading cross-functional teams, driving strategic initiatives, and delivering actionable insights to support informed decision-making and achieve organizational objectives.
Overview
18
18
years of professional experience
1
1
Certification
Work History
IT Audit Director – Information Security & Infrastructure
CIBC Bank USA
06.2021 - Current
- Develop comprehensive audit universe aligned with leading technology frameworks, compliance regulations and industry best practices to provide enhanced audit coverage to identify, evaluate and mitigate operational, technology, data and information security risks across CIBC US Region.
- Oversee diverse portfolio of 20-25 audit and advisory engagements across key areas, including Technology Infrastructure, Cybersecurity, Technology Operations, and Operational Resilience. Ensure thorough and effective coverage of risks and controls to support comprehensive risk management and enhance organizational resilience.
- Lead and mentor large teams in diligently tracking and executing comprehensive issue validations including complex regulatory issue validations while cultivating a culture of rigorous and constructive challenge to ensure the highest standards of quality and effectiveness.
- Assess Global audit coverage, deficiencies to provide insights on the coverage of US-specific risks and impact.
- Provide subject matter expertise and NIST consultation to business audit teams to facilitate comprehensive coverage of NIST controls in business audits that resulted in identifying 30% more NIST compliance issues across CIBC Cybersecurity processes.
- Deliver quarterly updates on Technology audits and deficiency remediation to the audit committee, board, and regulators (FRB, FDIC, OCC), and provide support for periodic regulatory examinations.
- Communicate, negotiate, and resolve conflicts across functions and management levels and foster strong relationships, and often recognized as a trusted advisor and business partner to promote strong risk culture.
- Proactively monitor emerging risks that stem from change initiatives within CIBC, changes in compliance and regulatory requirements, to assess impact on CIBCs risk landscape and adjust audit plan coverage as needed for US and Global audits impacting US.
- Effectively manage technology audit portfolio resources, including daily oversight, mentoring for career development, and addressing skill gaps by hiring skilled professionals and supplementing with external resources as needed.
Compliance Manager – Corporate Risk Management
Discover Financial Services
03.2021 - 06.2021
- Reviewed over 50 business processes including but not limited to Loan, Deposit, Card Operations, Payments and Financial Management, Information Security to identify and effectively challenge management on missing monitoring controls to meet all regulatory and compliance requirements that included consumer and security compliance requirements (BSA/AML, FHA, MLA, Regulation B, C E, G, CC, DD, GG, Z, SCRA, FFIEC, SOX, GLBA, GDPR, PCI DSS, CCPA)
- Effectively challenge to identify and establish preventative and detective automated monitoring controls in to meet Discover’s goals of achieving Operational excellence to create an error-free customer experience while meeting regulatory and compliance requirements.
IT Audit Manager – Cybersecurity & Infrastructure
Discover Financial Services
10.2010 - 02.2021
- Led and developed audit work programs to execute technology audits to cover broad range of Cybersecurity risks across traditional (On Prem Databases, Applications, Operating Systems, Network) and Cloud Infrastructure (AWS) in accordance with security and privacy compliance regulations (FFIEC, PCI DSS, GLBA, GDPR, CCPA, SOX), control frameworks (NIST, COBIT) and industry benchmarks (CIS, CSA)
- Provided thought leadership and strategic direction for developing new risk and compliance assessment programs to identify risks exposure and corrective actions prior to implementation of new and emerging technology implementations.
- Managed 2-4 resources assigned to audits and department projects, provided coaching and continuous performance feedback to staff to support continued talent development and career growth
- Maintained strong and effective communication on results of audits, compliance reviews, advisory engagements, issue validations while effectively building strong relationships cross-functionally through effective communication with audit and business management
- Identified opportunities to utilize data analytics to improve quality and efficiencies in performing risk and compliance technology audits
- Led and participated in department strategic imperatives by presenting innovative ideas to develop, bring efficiencies and standardize audit methodology
- Assist in developing robust Technology Audit Universe through annual and continuous risk assessments, evaluation of emerging risks and factor changes in compliance and regulations
- Promote risk-aware culture, effective risk and compliance management practices by adhering to required Internal Audit standards.
IT Governance Consultant
AMBC Inc. (Client: Littlefuse)
10.2009 - 04.2010
- Collaborated with Chief Information Officer and the Director of IT Operations to assist in developing and enhancing the IT Governance framework using COBIT and NIST standards and industry best practices.
- Partnered with IT senior leadership to develop and update IT policies and procedures for Change Management, Incident Management, Business Continuity & Disaster Recovery, and Data Center Operations, ensuring alignment with FFIEC guidance.
- Mapped over 100+ key controls to existing policies and procedures, identified control gaps and updated risk and control repository for all IT processes.
Sarbanes Oxley (SOX) Analyst
Career Education Corporation
04.2006 - 09.2007
- Conducted SOX compliance assessments for Financial, Operational and Technology processes to assess effectiveness of controls, accuracy of financial records, and efficiency of operations
- Provided recommendations to Senior Leadership for developing remediation and corrective action plans for gaps identified during testing
- Independently reviewed and documented CEC Finance and Accounting Internal Controls using Risk Control Matrix for compliance with Sarbanes-Oxley Law
- Reviewed, updated process narratives and developed process flows within 3 months by conducting walkthroughs for 30+ processes such as Accounts Receivable, Accounts Payable, Payroll, Taxation, Budgeting, Strategic Planning, Acquisition Due Diligence, Procurement, IT operations and security, Talent Management (HR) that resulted in identifying significant control gaps.
Education
Master of Commerce -
Indira Gandhi National Open University
Delhi, IndiaPost Graduate Diploma - International Business Operations
Indira Gandhi National Open University
Delhi, IndiaBachelor of Commerce - Financial Accounting & Auditing
University of Mumbai
Mumbai, IndiaSkills
Technical Skills:
- Risk Assessment and Management
- Regulatory Compliance (PCI, GDPR, SOX, FFIEC, FRB, FINRA)
- Cybersecurity Assessments (CSA, NIST, CIS, ISO)
- Issue Management and Validation
- IT Systems, Applications, Infrastructure Management & Security
Soft Skills:
- Strategic Direction & Decision Making
- Strong Communication, Negotiation & Conflict Resolution
- Critical & Analytical Thinking
- Coaching & Mentoring
- Professional Skepticism
Educationandcertifications
- Certified Data Privacy Solutions Engineer (CDPSE), 10/2020
- Certified Information Security Auditor (CISA), 03/2016
- Certified Public Accountant (CPA), 11/2016
- Master of Commerce, Indira Gandhi National Open University, 06/2009
- Post-Graduate Diploma, International Business Operations, Indira Gandhi National Open University, 06/2008
- Bachelor of Commerce (Financial Accounting & Auditing), University of Mumbai, 04/1998
Accomplishments
Cybersecurity Remediation Program: Led a large team to validate complex regulatory issues, ensuring effective remediation of high-risk Cybersecurity processes, including Data Loss Prevention and Cloud Configuration, resulting in robust regulatory compliance.
Discover’s AWS Cloud Assessment: Assessed management’s AWS cloud implementations, providing a comprehensive risk and control inventory and a strategic roadmap for ongoing Cloud security risk management.
Digital Wallets Platform: Directed the pre-implementation review of Discover's Digital Wallets, including Apple Pay and Samsung Pay, leading to a compliant, secure, and scalable digital payment platform.
Enhanced Data Analytics Utilization: Created use cases that increased the application of Data Analytics by 20% across audits and projects.
CIBC Leadership: Recognized as an emerging leader within a year and selected for CIBC's McMaster Leadership Development Program by Executive Leadership.
Discover Award: Received the President’s Plate Award for outstanding leadership in developing and enhancing the Internal Audit Training Program.
Certification
- CPA - Certified Public Accountant
- CISA - Certified Information Systems Auditor
- CDPSE - Certified Data Privacy Solutions Engineer
Timeline
IT Audit Director – Information Security & Infrastructure
CIBC Bank USA
06.2021 - Current
Compliance Manager – Corporate Risk Management
Discover Financial Services
03.2021 - 06.2021
IT Audit Manager – Cybersecurity & Infrastructure
Discover Financial Services
10.2010 - 02.2021
IT Governance Consultant
AMBC Inc. (Client: Littlefuse)
10.2009 - 04.2010
Sarbanes Oxley (SOX) Analyst
Career Education Corporation
04.2006 - 09.2007
Master of Commerce -
Indira Gandhi National Open University
Post Graduate Diploma - International Business Operations
Indira Gandhi National Open University
Bachelor of Commerce - Financial Accounting & Auditing
University of Mumbai
Similar Profiles
MICHAEL OLSONMICHAEL OLSON
Team Lead - Specialty Finance at CIBC Bank USATeam Lead - Specialty Finance at CIBC Bank USA
Celeste VasquezCeleste Vasquez
Commercial Account Specialist at CIBC BANK USACommercial Account Specialist at CIBC BANK USA
GAURI DESHMUKHGAURI DESHMUKH
Customer Service Representative at CIBC BankCustomer Service Representative at CIBC Bank
Trinity StadeTrinity Stade
Art Educator at Deerfield School District 109Art Educator at Deerfield School District 109
Daniel LangguthDaniel Langguth
Guest Service Representative at Churchill DownsGuest Service Representative at Churchill Downs