Natalia S.

Experience

• 

  MONTLICK & ASSOCIATES, Attorneys at Law

  Jan 2009 - Jan 2011

  Legal Assistant
• 

  InComm

  Jan 2013 - Jan 2014

  Information Technology Intern
• 

  InComm

  Jun 2014 - Dec 2015

  Information Technology Problem Management Analyst

  Assumed a full-time position within a newly established role; tasked with defining the problem management process and ensuring seamless execution across operational teams. Guided root cause investigations and coordinated initiatives for implementing corrective and preventative measures.➣ Strengthened incident detection of chronic and major issues through meticulous trend analysis.➣ Fostered heightened collaboration between technical and business units by orchestrating weekly analysis and remediation touchpoint meetings aimed to identify and enact permanent solutions.➣ Ran incident management activities, providing hands-on support in resolving priority one and two incidents in partnership with the service desk while adhering to strict ticket management processes.➣ Generated root cause analysis (RCA) reports, catering to stakeholders and external customer communications. Show less

• 

  InComm

  Sept 2016 - Jul 2019

  Promoted to coordinate and lead high-profile compliance and security projects organization-wide.➣ Led the planning, requirements gathering, and development of the Vulnerability Management Program and the automation implementation of the ServiceNow vulnerability response module. ➣ Partnered with executive leadership, enterprise risk, and information security teams to gather business requirements and execute the implementation of the McAfee DLP e-mail criteria for a new acquisition.➣ Created and presented intricate dashboards with weekly metrics and status updates for senior leadership. Show less Integral member of a five-person compliance team. Worked with executive and department leaders to assess short and long-term security compliance needs. Provided hands-on mentoring and onboarding of new hires and interns.➣ Established and cultivated productive working relationships with multiple internal business units to evaluate, draft, and recommend improvements to company policies, standards, and procedures.➣ Drove the Enterprise Policy Management Program’s development, adoption, and governance within the GRC ServiceNow module.➣ Constructed and led security engagement activities for 500 employees for Security Awareness Week.➣ Joined forces with information security, risk management, technology, and executive leadership to ensure continuous progress on vulnerability management remediation and penetration testing.➣ Assisted compliance program managers with regulatory and project audits, coordinating requests, collecting samples, tracking issues, and formulating remediation plans. Show less

  • Program Manager, Security & Compliance

    Jun 2019 - Jul 2019

  • Compliance Project Manager

    May 2018 - Jun 2019

  • Compliance Specialist

    Sept 2016 - May 2018
• 

  IHG Hotels & Resorts

  Jul 2019 - now

  Promoted to assume a newly created role to direct and lead ServiceNow’s platform direction, practices, and procedures at IHG. In charge of defining the platform’s strategic direction and ensure it aligns with the company’s vision, roadmap, and governance. Supervises a team leading hiring, training, and development.➣ Instituted a platform governance framework, boosting operational efficiency, transparency, and accountability by clearly defining roles and responsibilities within the governance structure.➣ Formed a ServiceNow Executive Steering Committee to foster cross-functional collaboration, transparency, and accountability, and drive the ServiceNow-first strategy.➣ Formalized the engagement and demand process, resulting in improved communication between stakeholders and ServiceNow teams and achieving a 60% increase in ServiceNow utilization.➣ Led efforts to rebuild and strengthen the partnership with ServiceNow as a strategic vendor, restoring trust and confidence and improving support responsiveness and proactive vendor engagement. ➣ Contributed to the enterprise platform renewal process, overseeing the evaluation, negotiation, and development of the executive business case for the renewal agreement➣ Led the development of the platform's direction to align with business strategy, roadmap, and user experience.➣ Established an engagement framework to identify and evaluate stakeholder ideas, concept proof of values, and create a platform technological roadmap.➣ Partnered in recommending, assessing, and evaluating new features in the platform with ServiceNow releases and their suitability and applicability in the current environment. Show less Supervised a four-person team with accountability for 15 additional personnel globally, including offshore resources. Defined strategies, budgets, and initiatives for corporate and hotel security, security policy, and ServiceNow GRC programs. Engaged with IHG and technology resources to assess corporate technology, processes, and overall security.➣ Saved $450,000 from scaling down the PCI SAQ program for SAQ completion rates at the hotels.➣ Consolidated the global infosec policies from 39 to 13 aligned with regulations and best-practice frameworks (NIST CSF, CIS, CCPA, HIPAA, GDPR, SOX, PCI) and approved by the governance body.➣ Produced streamlined InfoSec policies directly tied to applicable standards and regulations to identify policy gaps and ensure remediation activities were budgeted and planned accordingly.➣ Led the evolution and maturation of IHG's Global Enterprise Hotel Security Compliance Program, including creating the business case for a global security compliance group and offshore team to handle annual PCI CMH assessments.➣ Re-engineered the SAQ attestation process using an existing tool at no cost, exceeding the SAQ attestation completion rate compared to previous years.➣ Headed up vendor management efforts to implement the CMH SAQ process for enhancing vendor risk and policy management, overseeing the project’s initiation, execution, and closure.➣ Built and launched the enterprise information security policy and governance strategy, establishing a steering committee for accountability, decision making, and reporting of policy control compliance. Show less Managed an offshore developer and oversaw the GRC ServiceNow Program, including developing a governance framework, product roadmap, milestone tracking, end-user training, and executing deliverables. Synchronized with the ServiceNow platform team to institute technical governance processes and set roles and responsibilities.➣ Implemented the ServiceNow GRC governance model and enhanced customer satisfaction with the GRC solution from 50% to 83% over a two-year period➣ Orchestrated vendor management activities (Crowe, KPMG, PwC) associated with the conception, integration, and backing of applications (GRC/vendor risk modules) and the GRC platform.➣ Administered bi-annual feedback surveys to drive platform improvements based on stakeholder feedback.➣ Directed the execution of operational requests for GRC module enhancements and optimization, adhering to an agile software development life cycle.➣ Aligned with influential stakeholders to identify business requirements and effectively operationalize them through the GRC and vendor risk modules. Show less

  • Director, ServiceNow Governance and Enablement

    Feb 2023 - now

  • Director, Security Policy, and Compliance

    Nov 2020 - Feb 2023

  • Manager, Governance, Risk, and Compliance

    Jul 2019 - Oct 2020
• 

  ServiceNow

  Jan 2020 - Jan 2023

  Product Advisory Council Member

  Chosen by ServiceNow to serve in the product council for three consecutive years, representing IHG and the governance risk and compliance space. Shared industry knowledge and influenced changes to the GRC, VRM product strategy.