Summary
Overview
Work History
Education
Skills
Affiliations
Certification
Home - Number
Mobile - Number
Timeline
Generic

Ramona V. Walker

Union

Summary

Seasoned Cyber and Information Security Officer with over 25 years in Technology and Financial Services Risk Management. Specializes in regulatory compliance, risk management frameworks, strategic planning, and program governance. Expertise in implementing tailored risk mitigation solutions and analyzing technical issues to inform business decisions. Strong collaborator and independent contributor, effectively communicating complex concepts to diverse stakeholders.

Overview

13
13
years of professional experience
1
1
Certification

Work History

VP, Operational Risk Manager, Business Controls Manager, Technology & Cyber Risk

WELLS FARGO
, New York,
2017 - 2025
  • Leveraged industry frameworks to identify risks, evaluate impacts, and implement effective mitigation strategies.
  • Developed metrics and testing methodologies to ensure compliance with data privacy regulations, including CCPA and GDPR.
  • Engaged with technology and cybersecurity teams to ensure robust information security controls were maintained.
  • Collaborated with stakeholders to conduct root cause analysis, recommending controls and executing corrective action plans.
  • Governed compliance remediation progress, achieving a 71% reduction in policy exceptions within 90 days.
  • Established Technology Policy Exceptions Review Committee to guide managers on compliance requirements and remediation processes.
  • Served as central contact for audits and risk control self-assessments, providing timely documentation and corrective action plans that enhanced risk mitigation efforts.
  • Executed data analysis and reporting for audit engagements, ensuring quality deliverables and effective control testing.

VP, Group Information Security Officer, Enterprise Strategy, Divested & Citi Holdings

CITI
New York, NY
06.2013 - 06.2017
  • Served as the primary contact for Citi Holdings CEO and CFO on information security matters, delivering subject matter expertise on IS requirements' impacts on business operations through executive-level metrics reporting in MS PowerPoint.
  • Partnered with Information Security teams supporting sector-specific Citi Holdings businesses and collaborated with Operations & Technology (O&T) organizations, including Mergers, Acquisitions and Divestitures (MA&D), to ensure operational risk control and compliance during divestiture activities.
  • Delivered training and raised awareness on IAM Segregation of Duties (SoD), malware, phishing, and other cyber threats impacting planned divested businesses, embedding IS risk mitigation routines into daily operations.

Enterprise Governance Committees Sector Representative

CITI
, New York,
06.2006 - 06.2017
  • Provided leadership to business sectors as the central point of contact and served as the voting committee member for various Information Security Governance programs, such as: Data Protection (DP), Identity and Access Management (IAM), Third Party Information Security Risk Assessments (TPISA), Information Security Risk Assessment (ISRA), and Security Incident Reporting (SIRT).
  • Collaborated with Data Protection committee members to identify and implement security tools and controls, including leading global roll-out of Symantec’s VONTU Content Monitoring solution to prevent data leakage within enterprise risk tolerance.
  • Created and implemented the enterprise IAM Manager Review Quality Assurance questionnaire that facilitated efficient controls testing and addressed audit concerns. The success of the questionnaire as a testing tool became the company standard in validating effective performance execution of IAM and Segregation of Duties (SoD) requirements.
  • Partnered with LOB Representatives to manage annual Gramm-Leach-Bliley Act (GLBA) deliverables, ensuring compliance attestation for the firm.
  • Worked with a dedicated Application Vulnerability Management team to develop the Information Security Review Process (ISRP) to document, validate and certify controls implementation at each stage of the SDLC process to ensure remediation of potential vulnerabilities and/or control weaknesses prior to deployment.
  • Applied COBIT, ISO 27000, NIST, and FFIEC frameworks to guide enterprise program execution, enabling LOBs to meet regulatory, legal, and compliance requirements.

VP, Business Information Security Officer, Corporate Center Global Functions

CITI
New York, NY
06.2008 - 06.2013
  • Managed the annual Gramm-Leach-Bliley (GLBA) attestation process for Corporate Center Businesses, provided Subject Matter Expert (SME) and guidance, coordinated all activities and tracking and recorded all deliverables in Citi’s Regulatory database accessible by the OCC and FRB.
  • Led the Corporate Center Information Security Audit preparation for achievement of the ISO 27001 Certification.
  • Launched Segregation of Duties (SoD) pilot project to identify and remediate toxic combinations in business processes and applications, enhancing fraud risk mitigation.
  • Coordinated Information Technology Policy Council’s (ITPC) operations, delivering annual updates to Citi Information Security Standards (CISS) and related policies to meet industry, legal, and regulatory requirements.
  • Collaborated with sector senior business management to establish and monitor compliance reports for senior management, utilizing Excel tracking reports and PowerPoint presentations.

VP, Business Information Security Officer, Global Consumer International

CITI
New York , NY
06.2006 - 06.2008
  • Guided Consumer businesses, including Cards, Retail Bank, and Operations & Technology (O&T), to fulfill Citi’s IS and PCI DSS requirements, ensuring compliance and security.
  • Led the identification of risks and embedded regulatory, PCI DSS, and Citi’s mandatory IS control requirements resulting in successful risk remediation in the businesses daily operations.
  • Performed Information Security due diligence for the CitiGold application for compliance with all Citi risk management requirements enabling a successful and timely global launch with no security incidents to-date.
  • Executed Data Protection Content Monitoring roll-out with enterprise Data Protection Governance team, leading remediation of 3,000 Global Consumer content monitoring incidents to mitigate data leakage risk.

VP, Senior Technical Manager, ITRMO Program Business Interface

CITI
New York, NY
06.2004 - 06.2006
  • Coordinated external regulatory examinations, acting as primary liaison between Senior Information Security managers and external auditors to ensure Citi's compliance with NIST, FFIEC, GLBA requirements, achieving first satisfactory rating in 'Information Security' for the Enterprise.
  • Developed formal interaction model and regulatory review process documentation for agency reviews (OCC, OTS, FRB, etc.) across Citi sectors, enhancing transparency and consistency throughout reviews’ lifecycle.
  • Conducted Information Security assessments across various businesses to identify key functions, processes, and workflows.

Education

Master of Business Administration - General Management

TUCK SCHOOL of BUSINESS at DARTMOUTH COLLEGE
Hanover, NH

Bachelor of Business Administration - Management Information Systems

PACE UNIVERSITY, LUBIN SCHOOL of BUSINESS
New York, NY

Skills

  • Root cause analysis
  • Proficient analytical skills
  • Competent in adapting to new technologies and applications
  • Technology adaptation
  • Exceptional organizational acumen
  • Effective collaborator
  • Excellent communicator
  • Self-directed
  • Self-motivated

Affiliations

  • GBRW – Global Board Ready Women
  • ISACA – New Jersey Chapter

Certification

  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Controls)

Home - Number

(908) 688-5807

Mobile - Number

(646) 821-7991

Timeline

VP, Group Information Security Officer, Enterprise Strategy, Divested & Citi Holdings

CITI
06.2013 - 06.2017

VP, Business Information Security Officer, Corporate Center Global Functions

CITI
06.2008 - 06.2013

Enterprise Governance Committees Sector Representative

CITI
06.2006 - 06.2017

VP, Business Information Security Officer, Global Consumer International

CITI
06.2006 - 06.2008

VP, Senior Technical Manager, ITRMO Program Business Interface

CITI
06.2004 - 06.2006

Master of Business Administration - General Management

TUCK SCHOOL of BUSINESS at DARTMOUTH COLLEGE

Bachelor of Business Administration - Management Information Systems

PACE UNIVERSITY, LUBIN SCHOOL of BUSINESS

VP, Operational Risk Manager, Business Controls Manager, Technology & Cyber Risk

WELLS FARGO
2017 - 2025

Similar Profiles

  • Lesedi ToussaintLesedi Toussaint

    VP, Risk and Controls Officer - Enterprise Technology & Cyber Security at CitiVP, Risk and Controls Officer - Enterprise Technology & Cyber Security at Citi

  • Cheryl CashionCheryl Cashion

    Manager, Business Controls & Risk Management at Santander Consumer USAManager, Business Controls & Risk Management at Santander Consumer USA

  • Alyssa BlanchardAlyssa Blanchard

    Business Risk and Controls Advisor Lead (Bank Risk Advisor) at USAABusiness Risk and Controls Advisor Lead (Bank Risk Advisor) at USAA

  • JUANITA LINGJUANITA LING

    OPERATIONAL RISK & CONTROLS SENIOR SPECIALIST at Computershare/Specialized Loan Servicing (SLS)OPERATIONAL RISK & CONTROLS SENIOR SPECIALIST at Computershare/Specialized Loan Servicing (SLS)

CREATE PROFILE
Ramona V. Walker