Philadelphia, Pennsylvania, United States
I'm a compliance and risk professional with 7+ years of experience building and running governance programs at enterprise technology companies. At SAP America, I own the IT compliance program across 100+ services — designing the risk frameworks, governance workflows, and reporting infrastructure that keep security posture visible to senior leadership. A big part of that work over the last two years has been building SAP's AI governance program from scratch: establishing the cross-functional review process across data privacy, works council, and risk workstreams to ensure AI deployments align with emerging regulatory requirements, including the EU AI Act. Before SAP, I spent three years at Deloitte Consulting leading technology transformations for Pennsylvania's Health and Human Services programs — which gave me an early grounding in regulatory-constrained delivery and sensitive data environments. My focus now is on AI governance and compliance — specifically how traditional GRC frameworks need to evolve for AI products, where the regulatory questions around data flows, model risk, and audit trails are genuinely new territory. I'm currently pursuing my HCISPP certification and working to deepen my applied knowledge of the NIST AI RMF and EU AI Act.
Currently leading IT governance and compliance program operations across SAP's service portfolio, with a focus on embedding compliance controls into product and infrastructure processes. Building a service governance dashboard using AI tooling to automate compliance reporting and surface infrastructure risk in real time — bringing programmatic visibility to governance data that previously required manual aggregation. Also managing SAP's Business Continuity Management program across 30+ critical services, including maturity assessments, scoring, and improvement roadmap delivery.
• Built AI governance into SAP's IT compliance program by establishing the cross-functional approval process spanning data privacy, works council, and risk work streams — ensuring AI initiatives aligned with emerging regulatory requirements including the EU AI Act while maintaining full audit traceability across all use cases.
• Owned the enterprise compliance monitoring program across 108 services — architecting the automated scoring engine and governance workflows in MS Power Apps that produced a 25% average improvement in service health scores and became the single source of truth for compliance posture.
• Designed real-time Power BI dashboards surfacing non-compliant services to 10 senior managers — eliminating manual reporting and cutting escalation time from quarterly to real-time.
• Managed SAP's internal risk process against NIST CSF and ISO/IEC 27001 controls, giving leadership continuous visibility into enterprise risk and driving measurable reduction in the critical risk backlog each quarter.
• Reviewed 100+ architecture design documents — assessing data flow boundaries, infrastructure scope, and security requirements against internal policies and regulatory standards before stakeholder sign-off.
• Embedded a compliance review track into the quarterly release cycle across 10 product teams — running regulatory and security disposition checks in Azure DevOps before each sprint release to resolve risk exceptions pre-deployment.
• Led recurring compliance awareness training across 108 services, translating NIST and ISO framework requirements into actionable guidance for service owners and architects.
• Led end-to-end delivery of technology transformation projects for Human Services agencies at federal, state, and local government level — coordinating cross-functional teams from development through go-live across multiple quarterly releases.
• Managed stakeholder validation sessions to confirm that system requirements met client regulatory and operational standards before sign-off on each release.
• Delivered systems integration projects for Pennsylvania's Health and Human Services programs — supporting benefits delivery applications that handled sensitive health and social services data under state and federal regulatory requirements.
• Managed the full release cycle from requirements definition through go-live, including estimation, scope definition, and walkthrough sessions to validate business requirements against client standards.
• Coordinated cross-functional delivery across developer and testing teams on 2 concurrent client projects, aligning work to individual skill profiles and maintaining scope throughout.
• Researched to create a white paper on Hybrid Agile Systems Development Methodology (SDM) in Mobile Application development
• Understood the framework, methodology, activities and artifacts for delivering IS to client using best practices of both Agile and Waterfall
• Worked closely with the Functional, Design, Development and Testing teams to understand new techniques
PEPP Learning Assistant (PLA) for an after-school mentoring/tutoring program in Reading School District. Provided academic assistance (tutoring, homework help, etc.), acted as a role model, created a lesson plan and presented a lesson.
Successfully completed an internship titled “RADAR (13557) – Data Profiler” with the Testing Service Line at Larsen & Toubro Infotech Ltd. Developed an application that extracts data from an Oracle database and presents it in spreadsheet format.
• Performed data profiling using Java, Oracle & SQL Server to develop the framework
• Developed a Regex Screen and customized UI using Java Swing and Java Database Connectivity (JDBC)