Arcadia, California, United States
I'm not a traditional auditor who learned technology. I'm a cybersecurity professional who learned audit. That distinction has shaped my entire career, and it's why I think about risk differently than most people in this space. Over 20 years I've built and led audit and enterprise risk functions for financial institutions navigating growth, regulatory complexity, and technology transformation. My career spans the full arc from hands-on cybersecurity and IT audit to Chief Risk Officer and Chief Audit Executive roles across community banking, fintech, and financial services. That technical foundation means I can engage credibly with engineering and product teams on cloud infrastructure, API integrity, and automated controls while maintaining the governance rigor that regulators and boards expect. What I've delivered: 30% reduction in audit cycle times through AI-enabled workflows and continuous monitoring, 60% increase in team productivity, $6M in recovered revenue, and 100% of critical and significant regulatory findings closed within three months. I've built audit functions from scratch, eliminated multi-million-dollar co-sourcing dependencies, and stood up BSA/AML and enterprise risk frameworks aligned to FDIC, FRB, OCC, and FinCEN expectations. I'm focused on opportunities where audit and risk leadership can be a strategic enabler, particularly in high-growth fintech, digital banking, and organizations at the intersection of innovation and regulatory accountability. CISSP | CISA
I established the enterprise risk management function from inception for this Los Angeles-based community bank, building the risk appetite framework, key risk indicators, and Board-level reporting structure from the ground up. I spearheaded the integration of AI across risk operations, enhancing fraud detection, transaction surveillance, and credit risk analytics while developing the governance framework for responsible AI adoption. I also designed and implemented the enterprise-wide governance, risk, and compliance architecture, including policies, committee structures, and escalation protocols that strengthened regulatory posture across all three lines of defense. Key contributions: • Built the ERM function, risk appetite framework, and KRI reporting from scratch • Led AI integration across fraud detection, transaction monitoring, and credit risk • Designed GRC architecture across all three lines of defense • Earned Audit Committee and Board approval for the enterprise risk framework
I provide risk-based internal audit and enterprise risk consulting to community banks and fintech-adjacent institutions navigating growth, regulatory complexity, and governance transformation. My engagements focus on building audit functions from scratch: developing the audit universe, designing risk assessments, and implementing continuous monitoring frameworks aligned to OCC, FDIC, and partner bank expectations. I also design BSA/AML quality assurance programs covering policy development, transaction monitoring validation, and SAR/CTR filing review to ensure FinCEN compliance. I advise executive leadership and Board committees on audit function build-outs, regulatory remediation strategies, and governance modernization for institutions undergoing charter transitions or rapid scaling. Key areas of focus: • Risk-based internal audit program design and execution • BSA/AML quality assurance and compliance program development • Board and Audit Committee advisory • Regulatory examination readiness and remediation strategy • Continuous monitoring and data-driven assurance frameworks
I led the internal audit function for this $20B+ publicly traded bank (HOPE bancorp), overseeing a team executing 40+ annual engagements across IT, operations, BSA/AML, lending, and finance. I achieved 100% audit plan completion with consistent on-time delivery to the Audit Committee every year. I was recruited specifically to lead remediation of cybersecurity examination findings, closing 100% of MRIAs within three months by partnering with IT, compliance, and business leadership to implement structural improvements. I provided weekly status reporting directly to the Board throughout the remediation. I increased team productivity by 60% through restructuring staff assignments, implementing a competency-based development program, and deploying automation for recurring test procedures. I also recovered $6M in revenue by identifying systematic billing discrepancies through targeted forensic audit procedures and partnering with finance to implement permanent controls. Key contributions: • Built and led a team executing 40+ audits annually across all risk domains • Closed 100% of cybersecurity MRIAs within three months of appointment • Increased team productivity by 60% through restructuring and automation • Recovered $6M in revenue through forensic audit procedures • Championed sustainable remediation by embedding issue tracking into business roadmaps
I led the internal audit function across the Bank, managing a comprehensive audit program spanning IT general controls, operational audits, compliance, BSA/AML, lending, and financial audits. I oversaw SOX 404 testing across both IT and business process controls and delivered zero MRIAs across all examination cycles during my tenure. I established the risk assessment methodology and audit universe from scratch, creating a repeatable, risk-ranked framework that prioritized audit resources toward the highest-impact areas including core banking systems, lending operations, BSA/AML compliance, digital channels, and third-party integrations. I partnered closely with information security, compliance, and business leadership to assess and strengthen controls around vulnerability management, access governance, incident response, and regulatory compliance, ensuring alignment with FFIEC and OCC examination expectations. Key contributions: • Led the full-scope audit function across IT, operations, compliance, BSA/AML, lending, and finance with zero material weaknesses • Built the risk assessment methodology and full audit universe from scratch • Managed SOX 404 testing across IT general controls and business process controls • Partnered cross-functionally with InfoSec, compliance, and business leadership on risk and controls
I built the IT audit function from the ground up for this publicly traded fintech company, developing the audit universe, risk assessment framework, and multi-year audit plan that provided full regulatory and SOX coverage from inception. I reduced audit cycle time by 30% by redesigning the engagement methodology to integrate data analytics, automated testing, and risk-focused scoping. This enabled the team to deliver significantly more audits with the same headcount while improving coverage quality. I eliminated $3M in annual co-sourced audit spend by recruiting and developing an in-house team with the technical depth to execute IT general controls, application controls, and cybersecurity audits without external reliance. Key contributions: • Built the entire IT audit function from scratch for a public fintech • Reduced audit cycle time by 30% through methodology redesign and data analytics • Eliminated $3M in annual co-sourcing costs by building an in-house team • Delivered full regulatory and SOX audit coverage from day one