Scribd
Upload
14 views2 pages

David Tam Resume2 - 2 Pager

David K. Tam is a seasoned technology and cyber security leader with extensive experience in managing large teams and budgets in Fortune 100 companies. He specializes in cyber security, risk management, and digitization, with a proven track record of developing and executing strategies to reduce operational risks and ensure regulatory compliance. His professional experience includes leadership roles at MUFG Bank and JP Morgan Chase, where he successfully implemented various programs to enhance security and operational efficiency.

Uploaded by

chinsneh23
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views2 pages

David Tam Resume2 - 2 Pager

David K. Tam is a seasoned technology and cyber security leader with extensive experience in managing large teams and budgets in Fortune 100 companies. He specializes in cyber security, risk management, and digitization, with a proven track record of developing and executing strategies to reduce operational risks and ensure regulatory compliance. His professional experience includes leadership roles at MUFG Bank and JP Morgan Chase, where he successfully implemented various programs to enhance security and operational efficiency.

Uploaded by

chinsneh23
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

David K.

Tam (MCP, CISA, CISM, GSLC) (917) 740-5581


[email protected]

TECHNOLOGY & CYBER SECURITY LEADER

An experienced servant leader with a history of success building and leading cohesive teams to execute and deliver key
projects and initiatives globally in fortune 100 companies. Integral team player with expertise in agile solution
development, automation, machine learning, and digitization specializing in cyber security, technology, and operational
risk management. Proven track record of developing strategy, modernizing, and building teams to transform
organizations.

AREAS OF EXPERTISE
 Leadership & Critical Thinking  Cybersecurity & Technology Risk Management
 Identity & Access Management  Audit & Regulatory Compliance
 Digitization & Automation  Complex Program & Portfolio Management
 Financial & Budget Management  Third Party Risk Management
 Business Continuity & Resiliency  AI & Data Science

PROFESSIONAL EXPERIENCE

MUFG Bank of Tokyo, Jersey City, NY 2016 - Present


Director of Cyber Security for Identity & Access Management (I&AM)
Lead a 200+ people organization and a budget of ~$55MM. Responsible for development of Cybersecurity strategy for
I&AM and execution to reduce technology and operational risk while ensuring compliance with global banking regulations
by performing risk assessment, enabling control adoption, produce KRI metrics, and demonstrating control effectiveness.
 Key contributor to the development & execution of I&AM strategy; providing regular updates to CEO and the
Executive Committee of MUFG on status of strategy execution.
 Strong engagement with key stakeholders (business units, vendors, & technology groups) to ensure the effective
collaboration across different levels of management (CEO, CIO, CTOs, CISO and regulators from the FRB and the
OCC).
 Successfully drove the Cybersecurity I&AM program to secure all highest risk applications (SOX, SOC1/SOC2,
ICRR, High Risk, GLBA, PCI, HIPAA, PII) and systems within 2 years using scrum resulting in the closure of multiple
MRAs (Matter Requiring Attention) and MRIAs (Matter Requiring Immediate Attention) from OCC and FRB.
 Developed & implemented cloud data warehouse solution enabling data mining of user access, access control
risk exposure and predictive modeling for technology operations.
 Recognized by CEO with Outstanding Contributor to Integrated Services of the Americas Award.
 Established and chaired weekly meetings with Lines of Defense (LoD) on MRA Management Action Plans,
program updates, and feedback to ensure MRA closure package meets LoD expectations.
 Established and chaired monthly Global I&AM Operating Committee with leads across different MUFG legal
entities on collaboration: knowledge sharing/lessons learned, strategy execution, and solution implementation.
 Developed and published KRIs and KPIs based on industry best practices to drive down technology risk and to
meet regulatory compliance for the Americas Risk Committee and Board reports.
 Developed and/or enhanced risk assessment methodology through RCSA for control adoption, monitoring, and
reporting that drove enforcement of technology risk policies, standards, and regulatory requirements.

JP Morgan Chase, Jersey City, NY 2009 - 2016


Roles held at JP Morgan Chase with progressive management responsibilities:
Chief of Staff for Global Identity & Access Management (GI&AM) 2014 - 2016
Owned all financial and resource management providing strategy and analysis that drives optimal resource utilization,
efficiency and quality related to the running of a 1000+ person organization.
 Achieved location strategy, productivity, financial and resource management within 1% monthly variance.
 Developed global on-boarding framework that allowed GI&AM to on-board 335 qualified resources within 5
months to accelerate the closure of access management control gaps.
 Reduced $15.5MM (14.5% of total budget) of in-direct savings and an additional $5MM of cost avoidance.
David K. Tam (MCP, CISA, CISM, GSLC) Page 2 of 2

 Implemented 3 lines of defense risk management operating model to the newly centralized GI&AM organization
to ensure proper control is effective to data access management.
Identity & Access Management Operations Manager 2011 - 2013
Tasked with improving service delivery and operational efficiency of the Identity & Access Management (400 person)
operation through data intelligence, risk management, knowledge management, and cost recovery enabling increased
productivity while reducing overall cost without compromising on control and improved customer experience.
 Created and implemented program to achieve 25% productivity/efficiency gain across GI&AM which resulted in
application & database automation, improved customer satisfaction, reduction in incident and change
management roll backs.
 Developed and implemented comprehensive BCP resiliency plan.
 Planned and implemented global centralization strategy of identity & access administration operations across all
lines of businesses.
Program Manager/Technology Operation Manager for Access Management 2009 - 2011
Tasked with improving the risk and control posture across multiple IT Risk & Security Management programs. Lead
multiple teams and projects to ensure duplicate efforts are eliminated and proper communications to stakeholders from
across all Lines of Businesses are made in a timely manner. Provided weekly and monthly progress reports to senior
management including but not limited to Firm-wide IT Risk Leadership and firm-wide I&AM management.
 Lead a team to remediate 550K request templates by removing invalid templates, identified, and assigned proper
ownership, created/updated standard operating procedures (SOP) for each service, and implemented a SOP
recertification framework.
 Created and managed a team of professionals to engage lines of businesses to transition standalone access
administration functions for applications/databases/platforms into the corporate center.

PNC Consulting Services Inc., New York, NY 2004 - 2009


IT Risk Management Director
Lead multiple engagement teams at executive level while demonstrating a thorough understanding of complex business
issues to transform them into technology solutions. Possess strong knowledge of and experience in supervising and
executing all phases of the technology life cycle, based on proven project management and testing methodologies.
Demonstrated success managing Networking, Software Design, Quality Assurance, Product Development, Business
Continuity Planning, and Process Reengineering with deep experience in enterprise Identity & Access Management, Risk
Management, start-up, and turnaround that develop leading-edge applications for diverse industry channels.

XStormtech Inc. Helmetta, NJ (sold to AppIQ, a division of Hewlett Packard) 2002 - 2004
COO and co-Founder
Co-Founder tasked with product development, start-up, and growth of a premier Storage Resource Management
software company. Formulated strategic vision, business plan, objectives, and first-round funding; created fully functional
corporate infrastructure to support rapid growth, all policies, and procedures, operational, merchandising and marketing
strategies, an in-house call center, customer service system, performance benchmarks, and vendor/product fulfillment
relations.

Deutsche Bank, New York, NY 1999 - 2002


Vice President -Global WinTel Storage and Application Engineering Manager
Provided day-to-day management of staffs and development in a global matrix environment. A WinTel architect that
designed and deployed the industry’s first storage strategy which transformed IT from a cost center to a service provider.
These strategy and design documents have been referenced by numerous industry vendors (i.e., HP/Compaq, NTP
Software, WQuinn, Veritas) since March of 2001 and have help shaped the development of their products.

EDUCATION
BA in Business Management and BS in Information Systems – Binghamton University
Data Privacy Professional – IAPP/US

You might also like