Charlie is a Director in KPMG’s Governance, Technology Risk, and Compliance organization with over 20 years of experience in both the US and UK. He is recognized as a savvy leader with strengths in implementing new technologies, leading risk and vulnerability assessments, defining security controls, leading SOX ITGC audits, and advising on process and control improvements. He has substantial experience working on high-profile projects sponsored by the “C-Suite” both internally and as an external advisor. His industry experience encompasses the technology, aviation, life sciences, and industrial sectors among others.
Professional and Industry experience
- Security Strategy Risk & Compliance – Led the Cyber Risk Management and Vulnerability offering for clients globally. Implemented state-of-the-art Security design to help automate monitoring and protection of SAP applications, including zero-day threats. Managed a team of 17 senior security consultants in various disciplines and industries. Invited to present at multiple business conference sessions, including the 2019 Secure SAP Data Executive Luncheon in Hong Kong and 2018 World Intelligence Congress in Tianjin.
- Global Security & GRC Leadership – Led a high-profile Security and Compliance audit in Europe based on a mandate from the Federal Trade Commission (FTC). Led a cybersecurity audit on the SAP landscape and provided the client with a remediation plan. Established an enterprise-wide cybersecurity program for the client. Led an ISO 27002 assessment, conducted security workshops, and developed remediation plans as well as a 5-year Security Roadmap based on the ISO framework.
- SOX Internal Reporting & Cyber Assessment – As director of a major public utility company, reported to the Corporate Controller and Chief Accounting Officer on internal SOX Program status, ITGCs, Entity Level controls and Cybersecurity posture. Effectively led and managed a team of 6 consultants and 3 employees. Aligned with business, gained executive approval, and oversaw execution of projects (Business Intelligence Integration Reporting, SOX Control Rationalization, and IAM Replacement). Identified savings of $500K per year by automating ITGC testing and SAP monitoring.
- SOX Internal Audit – Led the local internal audit team of a major telecommunications company. Responsible for managing and leading engagements, including audit planning, staffing, scoping, product deliverable review, & evaluation of staff performance after completion of the audit. Responsible for identifying issues and drawing conclusions about the adequacy and effectiveness of ICFR. Responsible for presenting audit reports and recommendations to senior management. Performed test work on System Security, User Access, SDLC, Disaster Recovery, Data Center, and Tape/Storage Management.
- Application & Network Engineering – As an engineer in the enterprise services group of a major telecommunications company, performed the Cisco IPT/VoIP and Alcatel PCX 4400 installation and configuration at clients. Conducted IPT Network Assessments for customers to help resolve networking issues. Responsible for supporting Call Center Solutions utilizing the Genesys 6.5 HA Model for clients. Involved in writing test scripts and testing system integration, performance, and regression/load testing.