Andrew Dwyer

DeFi and Digital Asset Tokenization Security Architect

Cincinnati, Ohio, United States

About

Experience

  • U.S. Bank (8 yrs 1 mo)
    • DeFi and Digital Asset Tokenization Security Architect
      Jun 2026 - Present · 2 mos

      Partner with innovation, business and technology teams to help secure design and engineering aspects for digital asset tokenization ecosystem (depository agent, transfer agent and custodian) during execution, settlement, and servicing of digital assets and tokens using DeFi Financial Ecosystem, DEXs (Decentralized Exchanges), and Cross-Chain bridges for U.S. Bank, customers, custodians and third parties. Formulate Information Security requirements, controls and guardrails for securing Digital Asset and Token Agents on dApps  for authentication, authorization and access controls for stakeholders (managers, transfer agents, custodians, and fund administrators).

    • Risk Manager - IT Asset Management
      Oct 2023 - Jun 2026 · 2 yrs 9 mos

      Support the enterprise business partners to maintain an agile, well-controlled environment for overall IT Asset Management by continually refining IT taxonomies, defining sources of records, and normalizing IT Asset data attributes across the enterprise. • Act as a trusted advisor to the aligned Program Leaders and their direct reports. • Consult on strategic initiatives that are defined by the product area owner; ensure risks are appropriately documented, reported, and escalated. • Provide advisory and implementation support in the development of management responses to manage associated risk. • Identify and implement process improvements across risk and compliance programs. • Use data analysis to help aligned Program leaders develop a more proactive and anticipatory approach to risk management. • Provide leadership on how to effectively achieve and sustain compliance with regulatory, industry and contractual obligations, as well as information security policies and practices. • Serve as a functional liaison between the Business Line and second and third lines of defense.

    • Crypto Assets / Blockchain Risk Management
      Oct 2021 - Oct 2023 · 2 yrs 1 mo

      Specifically responsible for identifying and mitigating risks associated with Digital Assets (e.g. cryptocurrency, tokenized assets, stablecoin) and the underlying technology infrastructure and protocols (e.g. distributed ledger, blockchain, cryptography) at an enterprise level across the bank. Developed standards related to digital wallets (HD, seed phrase, Multi-sig, etc...) and risk frameworks for distributed ledgers / blockchain on-boarding (consensus mechanism review, smart contract auditing). Research rules, regulations, laws, and guidance applicable to specific digital asset management processes to identify relevant authority and develop enterprise-level digital asset management frameworks and policies establishing requirements for managing operational risks. Analysis and reporting to management on SAB-121 to understand technical requirements that result in capital charges for custody of crypto assets. Partner with other Enterprise Fraud and Payments Risk Management and Operational Risk Management risk managers to advise business lines on risk mitigation activities to support knowledge sharing related to Crypto Asset technologies to update their business processes for new technology risk.

  • IT Audit Manager at TriHealth
    Mar 2017 - Jul 2018 · 1 yr 5 mos

    Works with the Director Internal Audit to develop and execute a comprehensive, risk-based audit program focused on 1) adequacy and propriety of internal and operational controls, 2) assessment of efficiency and effectiveness of processes and systems and 3) identification of performance improvement and best practice opportunities. Responsible for identification/evaluation of the organization's technology risk areas; providing input to the internal audit plan; conducting independent, objective IT audits in accordance with IIA standards; ensuring effective communication to Management of results/recommendations to assist in achievement of business objectives; and serving as a resource to the audit team during execution of IT procedures on operational, financial or integrated audits.

  • Sr. Operational Risk Analyst at Vantiv
    Dec 2016 - Mar 2017 · 4 mos

    Assist with leading the development, execution, and maintenance of the programs and activities related to management of critical operational risks. Review Operational Risk as part of the Enterprise Risk Management department with emphasis on Technology Risk and Controls. Facilitate risk reporting while developing appropriate Risk and Performance indicators. Work with process owners within business functions critical to day to day operations to document key processes and quickly recognize controls and gaps along with ability to quantify risks associated with gaps. Review new projects and initiatives to help with the identification of emerging risks, potential impact on existing risks and controls and act as an advisor on risk mitigation strategies.

  • Senior IT Auditor at Federal Reserve Bank of Cleveland
    Nov 2013 - Oct 2016 · 3 yrs

    Evaluate governance and risks to determine the effectiveness and efficiency of controls for the Bank and Federal Reserve's environment. Lead System and local audit projects having the goal of improving the efficiency and effectiveness of Bank operations and the Audit function.

  • Senior Auditor, IS at Federal Reserve Bank of San Francisco
    Jul 2011 - Nov 2013 · 2 yrs 5 mos

    • Lead & execute IT audits of Federal Reserve IT systems and infrastructure, both for the Bank of San Francisco, and reviews of information technology owned and managed for the FRB system as a whole. • Audit liaison to the FRB system efforts to upgrade the applications and infrastructure overseen by the Board of Governors.