Sandra Lewis

Denton, Texas

Summary

Strategic and technically adept Cybersecurity and Compliance Program Manager with 20+ years of experience driving enterprise IT, risk, and regulatory programs across leading financial institutions. Proven success managing multi-million-dollar cyber, AML, and GRC initiatives at Truist, BMO, and Bank of America. Combines deep knowledge of regulatory frameworks (SOX, COBIT, OCC) with hands-on expertise in cybersecurity, agile delivery, and data-driven governance. Recognized for bridging the gap between technical and business teams to deliver risk-reducing, audit-ready solutions in highly regulated environments.

Overview

12 years of professional experience
1 Certification

Work History

Senior Project Manager – SOX/GRC

Truist Bank
Charlotte, NC
06.2023 - 06.2025
  • Oversaw Cyber GRC program execution, IT control lifecycle, quarterly certifications, and remediation monitoring.
  • Managed Archer-based risk documentation and collaborated with Big Four vendors on regulatory readiness, issue management, and control testing.
  • Directed technical remediation through full project lifecycle using PMLC9, Azure DevOps, SharePoint and Clarity SaaS.
  • Delivered stakeholder communications, weekly status reporting, monthly financial reporting, governance meetings and approvals, dashboards (Power BI, Tableau), and process flow documentation.
  • Completed deployment readiness and communication plans for internal teams and external clients. Completed training sessions, office hours, internal emails, policy and procedure updates, and corporate communications.

Senior Project Manager – Financial Crimes Unit (FCU)

Bank of Montreal (BMO)
Remote
11.2022 - 05.2023
  • Managed OCC remediation projects for API and container inventory governance and SNOW integration with AWS API Gateway.
  • Oversaw application lifecycle compliance for API/CD1 migrations and completed GRCE Windows 2021 upgrades with IBM teams.
  • Produced executive status reports, resource plans, and governance deliverables across Cyber, SDLC, and PDLC domains.

Global Information Security Project Manager

Bank of America
Charlotte, NC
03.2021 - 09.2022
  • Managed cyber risk programs focused on Identity Access Management, threat vulnerability, and compliance remediation.
  • Delivered global infrastructure deployments, content inspection (B2B/API), and ensured audit-readiness across U.S., EMEA, and APAC.
  • Managed enterprise release schedules, permits, and ServiceNow integrations.

Scrum Master / Program Manager

Bank of America
Charlotte, NC
03.2018 - 03.2021
  • Spearheaded agile execution of enterprise compliance and cybersecurity programs, coordinating with Product Owners and scrum delivery teams.
  • Implemented SAFe PI planning, Jira, and Rally for feature tracking and backlog management.
  • Directed programs involving document management platforms and regulatory tools (iOriginate, iFulfill, DCRS).

Scrum Master (Various Roles)

Bank of America
Charlotte, NC
08.2016 - 09.2017
  • Delivered AML, regulatory, and infrastructure projects using Agile methodology and Scrum best practices.
  • Led budgeting, forecasting, QA coordination, and financial reporting for technical projects.
  • Drove deployment readiness in PRISM and managed risk/control documentation via SharePoint and Nexus.

Scrum Master (Various Roles)

Bank of America
Charlotte, NC
09.2013 - 08.2016
  • Delivered AML, regulatory, and infrastructure projects using Agile methodology and Scrum best practices.
  • Led budgeting, forecasting, QA coordination, and financial reporting for technical projects.
  • Supported the development team in understanding user stories, acceptance criteria and definition of done.

Education

Associate Degree - Management Information Systems

Oklahoma State University

Skills

  • Azure DevOps
  • Project management
  • Regulatory compliance
  • Stakeholder communication
  • JIRA
  • Rally
  • Clarity (on-prem & SaaS)
  • MS Project
  • Archer GRC
  • Power BI
  • Tableau
  • SQL
  • HTML
  • Teradata
  • Hadoop
  • Data Warehousing
  • PRISM
  • PPRT
  • PCM
  • ServiceNow
  • Nexus
  • iFulfill
  • Discovery
  • SDLC
  • PDLC
  • SOX
  • COBIT
  • COSO
  • SAFe
  • Six Sigma
  • Risk assessment
  • Task prioritization
  • Scrum master
  • Team leadership

Accomplishments

  • Delivered critical SOX/GRC initiatives at Truist by managing IT control certifications, remediation plans, and cross-functional collaboration with EY, KPMG, and Deloitte.
  • Led OCC-mandated remediation at BMO’s Financial Crimes Unit, managing API and container lifecycle controls and integrating with ServiceNow and AWS.
  • Directed global cyber risk projects at Bank of America, including Identity & Access Management, threat vulnerability programs, and regulatory compliance reporting.
  • Successfully managed $32M+ programs with cross-functional teams of 50+ resources across engineering, risk, compliance, and audit groups.
  • Enhanced enterprise control frameworks using Archer, Clarity, Azure DevOps, Power BI, and Tableau across multiple global banking institutions.

Certification

  • Certified Scrum Master (CSM), Scrum Study, #604699
  • SAFe Agile Program Execution, Completed
  • Sarbanes-Oxley (SOX), AML Compliance, Six Sigma, Structured Development Methodology (SDM)
