Christopher Davis

Experience

• 

  ECC Puk-Pusan

  Jan 1995 - Jan 1996

  Teacher

  Worked as an English as a Second Language Instructor for children’s classes at a language institute. Responsibilities included developing appropriate lesson plans and activities, and documenting student progress.

• 

  Panache

  Jan 2001 - Jan 2002

  Contractor, Information Security Analyst

  Deployed to Deutsche Bank Securities Limited and an Identity Access Management administrator. Responsible for the processing of account creations, modification and deletions on proprietary and vendor developed application and infrastructure systems.

• 

  Deutsche Securities Limited

  Jan 2002 - Jan 2003

  Analyst, Information Security Administrator

  Converted from contractor to permanent employee at Deutsche Bank. Accepted leadership role in the Identity Management team. Responsible for supervising two other staff in their day-to-day operations, as well as, developing and documenting improved processes and controls for more efficient handling of client requests and assisting with audit coordination activities. Developed program for the structured transition of identity management processes from application support teams to Identity Management Services team. Show less

• 

  Deutsche Bank Japan

  Jan 2004 - Jan 2006

  Associate, Identity and Access Management, IT Security Analyst & Project Manager

  Continued managing local identity management services team. Responsible for coordinating the development of a request, approval and workflow system. Successfully managed project for the offshoring of identity management services. Responsible for managing the relationship between stakeholders, local staff and the offshore identity management team. Responsible for reviewing and approving internetwork connectivity requests and developing and managing processes around Enterprise State Monitoring tool. Validated and approved exception handling in the state monitoring tool by assessing risks and by reviewing exceptions and mitigating controls. Show less

• 

  Deutsche Bank Asia Pacific Head Office

  Jan 2007 - Dec 2012

  Vice President, APAC Head of Identity Management Services

  Responsible for direct management of the onshore Identity Management Services team and for managing the relationship between our local stakeholders and the offshore Identity Management team. Ensured appropriate metric reporting was in place and valid. Developed policies, processes and controls around user lifecycle management from onboarding end users, to application account provisioning, entitlement recertification, and offboarding. Implemented structured process for integrating applications with an identity data warehouse to improve deprovisioning of entitlements. Developed program for identifying the key application requirements for effective user lifecycle management and transitioning applications to a central administration function. Remediated large and complex legacy infrastructure environments to comply with new, stricter identity lifecycle management policies and processes. Implemented improved controls over privileged access provisioning processes. Responsible for managing the enhancements and support of identity management request, approval and workflow system, from the design of request forms to the approval interface. Reviewed and validated request and approval process to ensure we met internal, external and regulatory audit expectations. Show less

• 

  Deutsche Bank Group

  Jan 2009 - Mar 2011

  Assistant Vice President, APAC Head of Disaster Recovery Planning & Business Continuity Management

  Responsible for developing a comprehensive disaster recovery plan for the Singapore hub data centers. Implemented a standardized process for scoping, planning and executing disaster recovery tests. Developed and deployed template based application and infrastructure disaster recovery plans. Successfully planned and executed three full isolation disaster recovery tests of our primary data center.Responsible for ensuring that all infrastructure support teams had up-to-date Business Continuity plans by reviewing and confirming their feasibility. Performed semi-annual reviews of their plans, their strategies and specific recovery processes to ensure compliance with requirements. Developed and conducted staff training programs and executed a number of Business Continuity test scenarios. Show less

• 

  Deutsche Bank

  Mar 2009 - Mar 2014

  Vice President, CISO CyberSecurity - Global Head of Neutral Control & Control Server Support

  I directly manage two global support teams based in Singapore comprised of approximately sixty staff. I am responsible for all facets of the teams’ management ranging from operational procedure reviews and analysis, policy development and enforcement, budgeting, key metric reporting, and stakeholder and management engagement. As the manager of the the Control Server Support team I am responsible for overseeing a segregated team that manages the infrastructure and applications associated with systems governing privileged access, system logging solutions, Security Information and Event Management, and enterprise state monitoring solutions. In this capacity, I manage the design, documentation and structured deployment of privileged access controls to ensure smooth, structured transitions and regulatory audit compliance. As the manager of the Global Head of Neutral Control I am responsible for managing a team of analysts who govern privileged access to the production environment, monitor privileged access, review privileged access logs, and perform forensic analysis of production incidents. I have designed, documented, and overseen the development and deployment of systems that perform automated analysis of privileged access events that ensure those sessions with the highest risk are reviewed on a risk-weighted basis in order to best meet regulatory expectations. In addition to my primary roles, I act as the APAC Manager on Duty for Cyber Security incidents, coordinating the management of these incidents with the various technical support groups to collect relevant data for forensic analysis to ascertain the indents’ severities, containment methods, risk mitigation and remediation. I am the central point of contact for internal, external and regulatory audits regarding Information Technology Security controls, Identity Management, Incident Management, and IT Security Compliance. Show less

• 

  Major US Financial Institution

  Apr 2014 - now

  Data Loss Prevention / Insider Threat Program Manager