Susanna Carbone
Staten Island,NY
Summary
Accomplished Technology Portfolio, Program and Project Manager with expertise in technology, cybersecurity, and risk management. Demonstrated success in delivering high-profile business-critical system integration and architecture migration projects within the financial industry. Proficient in software design and development, with a thorough understanding of full project and software development life cycles. Adept at defining strategic direction and providing cutting-edge, consistent, efficient, and cost-effective technology solutions that meet client needs. Skilled in leading senior management governance committees, building credibility, and fostering relationships with business users, peers, and executives through promoting collaboration between cross-functional teams.
Overview
32
32
years of professional experience
Work History
VP of Cybersecurity / Governance, Risk & Controls
Moody's Corporation
07.2022 - 08.2024
- Managed identification, assessment, and resolution of critical technology and cybersecurity issues, reducing business disruption
- Coordinated quarterly Risk and Control Self-Assessments (RCSA) across 20 Cybersecurity domains to identify and mitigate IT and cybersecurity risks
- Established a monthly Cybersecurity Risk Committee forum, provided risk metrics for improved risk monitoring
- Increased overall risk transparency and enabled better executive decision-making
- Prepared and presented detailed risk reports to IT senior management and stakeholders, highlighted critical risks and recommended mitigating risk strategies
- Established and automated a unified exception management process within ServiceNow to ensure consistent risk assessment, approval, tracking, and remediation of cybersecurity exceptions
- Consolidated 13 exception processes into a single streamlined process
- Oversaw a Cybersecurity Council tasked with evaluating the risk of cybersecurity exceptions and ensuring adherence to regulatory mandates and internal guidelines
- Served as the primary contact within Cybersecurity for the Enterprise Risk Management (ERM), Internal Audit, Internal Controls, and IT Compliance teams
- Led annual IT SOX testing activities and coordinated responses to internal and external audit findings to ensure regulatory SOX compliance
AVP of Cybersecurity / Identity and Access Management, IT Audit & Risk Management
Moody's Corporation
01.2020 - 06.2022
- Responsible for design and testing of SOX-ITGC Access Controls
- Automated Segregation of Duties (SoD) and Developer Access to Production IT SOX controls across 12 business applications using SailPoint platform. Reduced manual workload by 60%
- Designed and implemented a new Service Account password change process within Service Now, resulting in strengthened cybersecurity posture timely adherence to Moody's password management policy
- Collaborated with the Enterprise Risk Management team to design and implement the IBM OpenPages GRC platform, leading the migration of the Cybersecurity risk register and achieving a 50% reduction in open issues
- Liaised with internal and external IT Audit teams to support the annual IT SOX audit activities
AVP of Project Management / Portfolio Governance & Strategic Planning
Moody's Corporation
03.2018 - 12.2019
- Managed the Portfolio Governance and Reporting function, encompassing program management of Portfolio Reporting, Demand Management, Annual Planning, Enterprise Technology Acquisition process (ETAP) and Capital Credit Letters IT processes
- Led annual Portfolio Planning for the Moody's IT book of work
- Facilitated demand review sessions, conducted impact assessments and collected effort estimates
- Facilitated demand prioritization session with senior leadership
- Conducted quarterly IT Portfolio status reviews and communicated monthly updates on the book of work status to senior management and business stakeholders
- Managed monthly ETAP Steering Committee Meetings and updates to the technology acquisition roadmap
- Developed a comprehensive Operational Planning and Demand Intake process, seamlessly integrated with technology acquisition forecasting and the creation and upkeep of the Release Calendar, effectively minimizing redundancy
- Incorporated the ETAP evaluation framework into the RFP process, standardizing both the RFP questionnaire and the Software Scorecard
- Automated the submission of Capital Credit Letters through ServiceNow, resulting in enhanced data quality and ensuring compliance with SOX and accounting policies
Sr. Project Manager / Planning and Governance
Moody's Corporation
03.2013 - 03.2018
- Developed and implemented processes to improve project management, streamline operations, and guarantee adherence to regulatory standards
- Supported strategic planning and reporting
- Collaborated with Infrastructure and IT Risk teams to develop a new demand intake process, ensuring consistent assessment, prioritization, and operationalization of projects
- Delivered enhancements to the Vendor Resource Management System, automating vendor resource processing
- Provided project management oversight, facilitated stakeholder discussions, ensured PDLC adherence, and coordinated with Release Management
- Managed the collection and consolidation of roadmap updates for Board of Directors presentations
- Prepared materials for the Strategic Alignment Committee and IT Executive Council reviews of the IT portfolio
- Compiled IT Project Portfolio metrics, including project success criteria and delivery metrics
- Supported Portfolio and Operational Planning, oversaw weekly portfolio reporting, and conducted project manager training
Software Development Manager / Document Management and Ratings Systems
Moody's Corporation
09.2010 - 03.2013
- Managed all aspects of application development and L3 production support for the business-critical Ratings Operations and document management systems
- Successfully managed complex project plans and resolved technical issues, demonstrating strong analytical reasoning and problem-solving skills
- Successfully delivered the Corporate Finance Bond Covenant project, coordinating across multiple teams to ensure its timely implementation
- Managed quarterly maintenance releases, integrating essential components from the Dodd-Frank Act while staying focused amidst organizational changes
- As a member of a task force focused on enhancing performance and throughput of a legacy rating system, achieved 80% improvement
- Mentored junior team members
Portal Application Support Manager
NYC Department of Information Technology and Telecommunications (DoITT)
03.2009 - 09.2010
- Managed a team of application support and WebLogic engineers responsible for New York City's public facing and intranet portals
- Oversaw deployment of new applications, enhancements, and bug fixes to the official New York City website NYC.gov and to citywide intranet sites across all environments
- Collaborated with PMO, Solution Architecture and QA teams to determine project timelines and identify team tasks
- Managed the change control process and reviewed all change requests for potential impact to the internet and intranet environments
- Coordinated and directed initial assessment, communication, and resolution of production incidents for 70+ public facing internet applications
- Interfaced with technical infrastructure teams including Unix SAs, DBAs, Network Support and IT Security for maintenance and incident resolution activities
- Improved team productivity and stability of supported sites via evenly distributing workload, cross-training of team members and enforcing change management process
- Implemented process improvements based on industry standards and best practices, including creation of SOPs and communication guides for recurring activities, permit to operate process, and standardization and automation of application deployments
- Led multi-team troubleshooting effort and root cause analysis for all urgent and for high priority production incidents and drove them to resolution
- Effectively managed communication of progress and presented findings to the senior executives and business owners
- Coordinated activities across 10 technical infrastructure teams to implement memory upgrades, Sun Solaris OS Patch upgrade and a Google Search Appliances upgrade in all environments
- Reviewed, approved, assigned and coordinated across teams 700+ deployments to all controlled environments
Technical Project Manager, VP, Private Bank
JPMorgan Chase
01.2007 - 12.2008
- Effectively managed all aspects of several concurrent strategic initiatives in the Client Services domain from project charter to delivery in the PMO environment
- Partnered with business experts to determine project scope, define business requirements and coordinate resources
- Conducted regular status, technical and stakeholder meetings and presented weekly executive level progress reports
- Managed risks and issues, proposed and implemented mitigation strategies and managed scope creep to assure successful project delivery
- Coordinated system integration and user acceptance testing, and supported internal end-user training and coaching
- Reengineered Client and Account Address maintenance workflow process and successfully migrated it to the new strategic Portal/service-oriented architecture using Java /J2EE, IBM WebSphere, IBM Process Server and Sybase database
- Achieved savings of nearly $100,000 per year in operating costs through automation to the Enterprise accounting platform
- Provided project leadership across business lines and organizational units such as Front Office Relationship Managers, Client Service and Operations business sponsors, Client Experience, Technology, and QA, utilizing PMI best practices
- Enhanced user experience and streamlined workflows across distributed back-end systems while adapting a new Fiduciary business operating model resulting from Trust Accounting platform consolidation
- Analyzed business requirements, created wireframes and authored detailed functional specifications
- Achieved consistent client experience and limited client exposure risk by providing a single point of data entry and reducing the need for manual re-keying
Technical Advisor/Project Manager, VP, Private Bank
JPMorgan Chase
01.2006 - 12.2007
- As a trusted technical advisor to senior business and technology executives, developed recommendations to drive technology strategies and directions
- Gathered, validated and analyzed program level business requirements and developed recommendations related to IT efficiency & effectiveness
- Ensured that the implementation of initiatives was consistent with IT strategy and standards
- Estimated efforts for various system integration & technology initiatives to drive out future years budgets and assessed feasibility of proposed technical solutions
- Participated in selection of IBM Global Business Services as a provider of technology strategy consultants for the Client Services and Operations application platform review utilizing workflow reengineering methodology, and oversaw subsequent vendor engagement
- As Technical Client Liaison, participated in user interviews to capture current system state, identified automation opportunities and assessed potential for service-oriented architecture (SOA)
- Presented findings to senior business and technology management to get buy in
- Conducted application impact analysis for Trust Accounting platform consolidation project in support of Bank One merger
- Partnered with Treasury & Securities Services to reverse-engineer Funds Transfer functionality and incorporate it into the existing digital imaging software resulting in savings of over $1 million per year in operating costs
Application Development Manager, VP, Private Bank
JPMorgan Chase
12.2004 - 01.2006
- Led redesign and implementation of the business critical Intranet Client Service website including interfaces for Account Opening, Client and Account maintenance, Funds Transfer and Cash Management reports using Java technologies, WebSphere and Sybase in a distributed system environment
- Managed $1.2 million in direct technology expenses
- Directed all phases of system development and implementation from analysis and design to level 3 post-implementation support and BAU
- Effectively managed a globally distributed team of 20+ developers, including on-shore, off-shore, and vendor consultants to ensure on-time project delivery
- Increased business productivity by eliminating outdated processes, introducing process efficiencies and improving overall application response time
- Increased application resiliency and achieved 99.9% application up-time
- Significantly reduced cost and complexity of future deployments by reducing the number of deployment sites from 13 to 1
- Conducted design and code reviews to reduce complexity, ensure reusability and simplify application maintenance
- Partnered with business sponsors to perform business and technical needs re-assessment which resulted in nearly 25% project scope reduction
- Leveraged existing work to reduce project expenses and ensure on-budget delivery
- Worked closely with Performance & Scalability team to implement website tuning and assure production readiness by conducting concurrent load, cluster failover and disaster recovery tests
- Partnered with Global Technology Infrastructure Team to procure, configure, test and fine-tune new Sun Solaris servers
- Approved Software License and Maintenance agreements, Professional Services and Statements of Work and managed day-to-day vendor engagement
- Improved team dynamic and retained talent through coaching and recognition of professional achievement
Team Lead - Sr. Application Developer, Associate, Private Bank
JPMorgan Chase
01.2001 - 12.2004
- Led a team of application developers in implementation of several bank-wide Accounting Platform consolidation projects in support of the Chase Manhattan / JPMorgan merger including AMTrust to OmniTrust migration
- Mentored junior team members in user interface design, object-oriented programming and software frameworks
- Designed and developed the proof-of-concept prototype for the web-based account inquiry and maintenance system utilizing WebSphere Application Server, JSP, EJB and servlets with Sybase database
- Selected by management to oversee design and implementation of the Client Services website based on outstanding performance as a Team Lead and in-depth knowledge of department operations
Sr. Application Developer, Associate, Private Bank
JPMorgan Chase
09.1998 - 01.2001
- Designed and implemented various application performance and user productivity improvements for the 3-tier Account Maintenance and Cash Management system using Visual Smalltalk Enterprise, C++ and Sybase database
- Provided level-3 production support in partnership with Global Infrastructure team
- Re-engineered and implemented business critical Funds Transfer subsystem
- Increased number of transactions per day to 700+, up from 130
- Implemented a response time initiative which resulted in a 75% application performance improvement
- Provided significant cost saving by reducing vendor dependency and enabling the team to bring all development in-house
Sr. Programmer Analyst
Federal Reserve Bank of New York
01.1993 - 12.1998
- Participated in analysis, design and implementation of on-line financial services application suite using Visual Smalltalk Enterprise and Tensegrity database since conception
- Conducted demonstrations, user interviews and gathered business requirements
- Served as a main contact for the Software Quality Assurance support
- Mentored and managed junior staff members
- Analyzed, designed, coded and tested business components and user interface for Funds Transfer and ACH applications
- Developed major components of the application framework using Object-Oriented Technology & Design
- Prototyped system design, conducted usability testing and participated in creation of GUI Design Standards for the entire system
Education
B.S. - Computer and Information Science
Brooklyn College
Brooklyn, NYSkills
- Project Management
- Portfolio management
- IT Strategy & Governance
- Metrics reporting, issue management, status reports
- Cross-functional team leadership
- Executive-level support
- Innovation management
- Negotiation
- Resource Allocation
- Problem-solving abilities
- Team collaboration
- Budgeting and cost control
- Strategic Partnerships
- Strategic business planning
- Knowledge of SOX-IT General Controls, ISO / IEC 27001, ITIL, COBIT, and NIST
- Effective organizational, time management and interpersonal skills
- Analytical mindset with creative and innovative problem-solving skills
- Ability to adapt to change and embrace ambiguity
- Excellent verbal & written communication skills
- Proficient with Microsoft Office suite (strong in Microsoft Project, PowerPoint and Excel)
- IT Governance, Risk & Controls and IT Audit
- Identity & Access Management (IAM)
- Business Process Reengineering and process improvement
- People Management & Development
- Vendor & Offshore Resource Management
- Risk Management, Risk Impact Assessment, Risk Advisory Services
- Visio
- MS SharePoint
- JavaScript, HTML, XML, Smalltalk, SQL
- SailPoint
- ServiceNow
- IBM OpenPages
Professional Courses
- Project Management for IT professionals
- Time Management
- Effective Business Writing
- Hands-On Website development
- Design Patterns
- Graphical User Interface Design
- Usability Testing
Languages
Russian
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Timeline
VP of Cybersecurity / Governance, Risk & Controls
Moody's Corporation
07.2022 - 08.2024
AVP of Cybersecurity / Identity and Access Management, IT Audit & Risk Management
Moody's Corporation
01.2020 - 06.2022
AVP of Project Management / Portfolio Governance & Strategic Planning
Moody's Corporation
03.2018 - 12.2019
Sr. Project Manager / Planning and Governance
Moody's Corporation
03.2013 - 03.2018
Software Development Manager / Document Management and Ratings Systems
Moody's Corporation
09.2010 - 03.2013
Portal Application Support Manager
NYC Department of Information Technology and Telecommunications (DoITT)
03.2009 - 09.2010
Technical Project Manager, VP, Private Bank
JPMorgan Chase
01.2007 - 12.2008
Technical Advisor/Project Manager, VP, Private Bank
JPMorgan Chase
01.2006 - 12.2007
Application Development Manager, VP, Private Bank
JPMorgan Chase
12.2004 - 01.2006
Team Lead - Sr. Application Developer, Associate, Private Bank
JPMorgan Chase
01.2001 - 12.2004
Sr. Application Developer, Associate, Private Bank
JPMorgan Chase
09.1998 - 01.2001
Sr. Programmer Analyst
Federal Reserve Bank of New York
01.1993 - 12.1998
B.S. - Computer and Information Science
Brooklyn College
Similar Profiles
Alexandre Lozada EcheniqueAlexandre Lozada Echenique
Senior Financial Analyst at Moody's CorporationSenior Financial Analyst at Moody's Corporation
Jay GoswamiJay Goswami
Business Analyst - LMS at Moody's CorporationBusiness Analyst - LMS at Moody's Corporation
Alexandre Lozada EcheniqueAlexandre Lozada Echenique
Senior Financial Analyst at Moody's CorporationSenior Financial Analyst at Moody's Corporation
Brandi ChildsBrandi Childs
Pelvic Floor Physical Therapist at JAG Physical TherapyPelvic Floor Physical Therapist at JAG Physical Therapy
Janine BellucciJanine Bellucci
Bartender/Server at Kettle BlackBartender/Server at Kettle Black