Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Robert Saghafi

San Diego,CA

Summary

Information Security and Cyber Risk Leader with 17+ years of experience leading enterprise security strategy and transformation across data, cloud, and AI in highly regulated environments. Proven track record building and scaling information security programs, defining secure architectures, and aligning cybersecurity initiatives with business and regulatory objectives. Trusted advisor to executive leadership, delivering measurable risk reduction, operational efficiency, and secure innovation at scale.

Overview

2027
2027
years of professional experience
1
1
Certification

Work History

Principal – AI Security & Governance Engineering

AERIS Intelligent Systems
San Diego, CA
08.2025 - Current
  • Direct design and implementation of client's enterprise-wide AI security and governance program for agentic AI and LLM systems, enabling secure cloud-native deployment aligned with NIST AI RMF and other standards such as ISO42001.
  • Defined secure AI architecture patterns and DevSecOps-integrated controls, improving deployment consistency and reducing overall AI implementation security risks by 25%.
  • Lead cross-functional teams across engineering, data, and security to implement monitoring and threat detection frameworks, reducing operational AI risk by 30%.
  • Advised executive leadership on AI strategy, risk posture, and regulatory alignment, influencing enterprise adoption of secure AI capabilities.

VP & Sr. Manager – Data Protection Governance

Northern Trust
Chicago, IL (Remote)
07.2023 - 08.2025
  • Led the data protection enablement for the enterprise rollout of generative AI capabilities across 30K+ users, establishing governance, monitoring, and risk controls for secure adoption.
  • Defined enterprise AI security strategy and roadmap across hybrid and multi-cloud environments, aligning with regulatory and business objectives.
  • Implemented Zero Trust and automated control frameworks, improving detection capabilities by 20% and achieving full closure of critical data protection gaps.
  • Developed KPI/KRI metrics and executive dashboards, enhancing visibility into AI risk posture and control effectiveness.
  • Advised executive leadership and governance committees, driving enterprise-wide AI, cloud, and data security initiatives

VP & Sr. Manager – Security Architecture

Northern Trust
Chicago, IL (Remote)
01.2022 - 07.2023
  • Directed enterprise Zero Trust and security architecture strategy across cloud, on-prem, and AI/ML platforms.
  • Designed threat modeling and control frameworks, reducing data breach risk by 20% through automation and segmentation.
  • Established enterprise security standards and governance models aligned with regulatory and compliance requirements.
  • Partnered with cross-functional teams to embed security controls across technology lifecycles.

Sensitive Data Management Advisor Lead

USAA
San Antonio, TX (Remote)
12.2019 - 01.2022
  • Led enterprise data protection initiatives across 50K+ assets, reducing data risk by 40% through classification, encryption, and DLP strategies.
  • Implemented DSPM, CASB, and cloud security controls to support secure data and AI-driven analytics.
  • Delivered executive-level reporting and advisory across security, legal, and compliance stakeholders.

Business Systems Consultant V (Lead)

Wells Fargo
San Antonio, TX
04.2016 - 12.2019
  • Led implementation of extended BMC Remedy GRC platform to the IT4IT organization, improving the complete and timely management of identified issues and problems by 60%, audit readiness by as much as 80%, and satisfactory Risk and Controls Self Assessment (RCSA) results.
  • Developed KPIs, KRIs, and executive dashboards to track control effectiveness and risk posture.
  • Partnered across business and technology teams to align governance, compliance, and security initiatives.

Sr. Systems Analyst & Implementation Consultant

International Medical Corporation (IMC)
Los Angeles, CA
08.2015 - 03.2016
  • Implemented enterprise email security and data protection solutions, aligning technical controls with business and compliance requirements.
  • Led system configuration, deployment, and policy development, improving security posture for 1.5K+ users.
  • Coordinated cross-functional teams to deliver secure infrastructure solutions, ensuring operational stability and compliance.

Earlier Career Snapshot

2008-2015
2008 - 2015
  • Business Systems Consultant V – Wells Fargo, Los Angeles, CA | 2014 – 2015
  • Business Analyst – Information Security GRC – Richfield Technology (IBM), Los Angeles, CA | 2010 – 2014
  • Business Unit Risk Analyst – Technology Operations Emirates National Bank of Dubai, Dubai, UAE | 2008 – 2010

Education

Master of Science - (MSc) Cybersecurity & Information Assurance

Western Governors University Texas
Austin, TX
12-2017

Bachelor of Science - (BSc) Aviation Sciences

Everglades University
Boca Raton, FL
02-2006

Skills

  • Enterprise Information Security Leadership
  • Cyber Risk Management & Governance
  • Cloud Security & Zero Trust Architecture
  • Data Protection & Privacy Engineering
  • Security Architecture & Secure System Design
  • Regulatory Compliance & Audit (FFIEC, NIST, ISO, GDPR, SOC2, PCI-DSS, ITGC/SOX)
  • Security Program Transformation & Modernization
  • Executive Advisory & Stakeholder Engagement

Certification

  • Certified Information Security Manager (CISM)
  • Certificate of Cloud Security Knowledge (CCSK)
  • Certificate of Competency in Zero Trust (CCZT)
  • Trusted AI Safety Expert (TAISE)
  • Oracle Cloud Infrastructure 2025 Certified Generative AI Professional

Timeline

Principal – AI Security & Governance Engineering

AERIS Intelligent Systems
08.2025 - Current

VP & Sr. Manager – Data Protection Governance

Northern Trust
07.2023 - 08.2025

VP & Sr. Manager – Security Architecture

Northern Trust
01.2022 - 07.2023

Sensitive Data Management Advisor Lead

USAA
12.2019 - 01.2022

Business Systems Consultant V (Lead)

Wells Fargo
04.2016 - 12.2019

Sr. Systems Analyst & Implementation Consultant

International Medical Corporation (IMC)
08.2015 - 03.2016

Earlier Career Snapshot

2008-2015
2008 - 2015

Master of Science - (MSc) Cybersecurity & Information Assurance

Western Governors University Texas

Bachelor of Science - (BSc) Aviation Sciences

Everglades University