Nancy Rodriguez

Current

• SVP, Information Security at Citicorp

Past

• eBusiness Control Manager (Interim Position) at Citi Global Consumer Bank, Front Office Control
• Manager Quality Assurance / Change & Configuration Control at Crossmar, Inc., a subsidiary of Citigroup
• e-Business Delivery Manager and BISO at Citigroup/e-Business, Business Technology Unit

• e-Business Delivery Manager and BISO at Citigroup/Global Corporate Investment Bank (GCIB), e-Business
• Director of Operations and BISO at Citigroup/e-Citi Commerce Enabling Solutions
• Director Digital Infrastructure at Netlan Technology Center
• Senior Project Manager / Lead Applications Engineer at Integrated Computer Management (ICM)
• Business Planning Analyst at University of Medicine & Dentistry of NJ (UMNDJ)
• Information Systems Coordinator at County of Pike
• System Administrator at IMCOR (Interim Management Corp.)
• Training and Development Specialist at Fulbright & Jaworski
• Supervisor, Word Processing at Richards and O’Neil
• Instructor, Operations Training at Parnassus, Inc.

see less...

10 more...

Education

• Long Island University, C.W. Post Campus

Recommended

11 people have recommended Nancy

Connections

213 connections

Industry

Financial Services

Nancy Rodriguez’s Summary

I am a CISSP with over 25 years of combined operations and technology, and information security experience in the financial services, legal, private, public and local government sectors. The past 10 years have been spent at Citi, applying my skills in the development, management, and enforcement of information security initiatives across both the Corporate and Consumer Sectors. Recently I have led the PCI Compliance initiative across Citi Global Consumer.

As Senior Vice President, I currently manage a team of 6 information security officers, across two of the largest Citi Credit Card Organizations. I strongly believe in managing by objectives and early goal-setting, and stretching ones comfort zone to maximize growth potential. My direct management experience spans 15+ years, and I have directly managed over 17 highly technical engineers in providing consulting services to Fortune 100 companies.

My leadership strength involves strategically planning and successfully delivering solid results. I have a proven track record in the IT industry, specifically in the following areas:

•Experience working in a team-oriented, collaborative environment.

•Extensive understanding and experience with security policies, procedures, standards, incident response, security awareness, change management process, quality assurance testing, SDLC, and access controls.

•High-level analytical and problem-solving abilities.

My skills in project management are a key component of prior responsibilities, and have been an invaluable asset in driving my ability to successfully deliver at Citi. I have a wide breadth of experience managing large-scale projects, some global, and I understand the need for diplomacy in managing cross-organizational and cross-functional projects.

Nancy Rodriguez’s Specialties:

Certified Information Systems Security Professional (CISSP).

Nancy Rodriguez’s Experience

• SVP, Information Security

  Citicorp

  (Public Company; C; Banking industry)

  June 2003 — Present (6 years 7 months)

  Recently collaborated with senior management, compliance, & internal auditors to call their attention to legal & information security concerns around the Payment Card Industry (PCI) compliance requirements. Engaged key stakeholders across Citi International to develop a repeatable process to annually recertify.
  
  Manage a team of Business Information Security Officers (BISO's) across two front office organizations in the credit card division. The team responded to a Corporate directive to reduce expenses by reviewing existing practices and identifying critical areas to review. As a result, changes were made to best practices in the areas of vulnerability assessments, as well as assessments of third party security controls. As a result, a total savings of over $100K was realized by revenue-generating organizations.
  
  Consistency and efficiency was realized across Citi Cards Front Office by developing a core set of Common Processes.

• eBusiness Control Manager (Interim Position)

  Citi Global Consumer Bank, Front Office Control

  (Financial Services industry)

  December 2006 — July 2007 (8 months)

  Asked to serve as the Interim eBusiness Control Manager while this position was being sourced. Led and coordinated the successful 2007 Audit & Risk Review, resulting in a Satisfactory Control Rating, and an Effective Risk Control Self Assessment Rating (RCSA), demonstrating an improvement from the prior audit. Citi's Operational Risk RCSA framework was used to guide and direct statutory compliance according to the regulatory agency requirements. Interfaced with senior management, subject matter experts, and other individuals with control responsibilities to ensure that control-related activities were effectively and efficiently aligned. Developed solid senior line management relationships, as well as a strong understanding of the assigned business units.

• Manager Quality Assurance / Change & Configuration Control

  Crossmar, Inc., a subsidiary of Citigroup

  (Financial Services industry)

  June 2002 — June 2003 (1 year 1 month)

  Took over management of this 7-person team, and within 3 months instituted a formal methodology for automating the regression testing of applications, including the creation of detailed test cases (which previously did not exist). Evaluated and procured a suite of test tools to streamline functional and performance testing. Projects included web-based client server applications, while conducting performance, acceptance, functional, and regression testing, as well as stress testing.
  
  Through newly instituted processes and procedures, reduced the number of unscheduled Configuration Management events by 35%, and improved the accuracy of functional and performance test results across the organization. This was achieved by the evaluation and selection of a configuration management tool to streamline current processes, and improve performance. This implementation resulted in more effective development practices, as well as administrative management, ultimately reducing costs.

• e-Business Delivery Manager and BISO

  Citigroup/e-Business, Business Technology Unit

  (Financial Services industry)

  July 2001 — July 2002 (1 year 1 month)

  Due to an internal reorg, responsible for the successful commercial conversion of EAB bank to Citibank's CBNA. Worked closely with both the Consumer and Corporate UAT teams to ensure smooth transition to production. Managed the implementation and delivery of a corporate Multi-Bank Cash Concentration solution from an external vendor, using cross-functional and cross-organizational remote teams.
  
  As BISO, ensured information security solutions were consistent with both policy and corporate architectural directions. In this regard, managed the compliance review of external vendors’ hosting facilities and services. Identified gaps, brought in security and infrastructure consultants, and managed through to remediation.
  
  Managed the evaluation of Identrus as a PKI infrastructure solution for Citi, and assisted in development of the business case. Successfully worked with internal operations to identify and select appropriate PKI vendor, and smart card solution.

• e-Business Delivery Manager and BISO

  Citigroup/Global Corporate Investment Bank (GCIB), e-Business

  (Financial Services industry)

  January 2000 — January 2001 (1 year 1 month)

  A reorganization resulted in management of cross-functional teams to implement and deliver the Citibank Procurement Connection marketplace. Received recognition for the quality of operational support delivered.
  
  •Negotiated discounted contract with outsourced vendor to provide customer support, including a global training plan for end users, hosting operations personnel, & customer support staff.
  
  •Developed North American customer service model, including call center functionality with Levels 1 through 4 support.
  
  •Implemented infrastructure plan, including negotiating a contract for hosted operations, customer service, & service level agreements (including MIS reporting), as well as continuity of business plan.
  
  •Expanded responsibilities in taking an active, leadership role in identifying & resolving all security gaps for the business.
  
  •Managed CommerceOne to ensure that both the application and the hosting facilities met Citi security policy and standards.

• Director of Operations and BISO

  Citigroup/e-Citi Commerce Enabling Solutions

  (Financial Services industry)

  August 1999 — January 2000 (6 months)

  Overall responsibility for developing, coordinating, and managing the Operations of Citigroup’s premier electronic commerce initiatives for e-Citi's Global 2000 customers. Achievements include:
  
  •Managed the design and implementation of e-Citi’s hosted e-procurement initiative, deployed throughout 6 countries, 3 currencies, and 2 languages.
  
  •Developed, negotiated, & implemented a customer service & support infrastructure, and bridged with existing customer service help desk staff. An aggressive deadline was met on time, and within budget.
  
  •Managed the deployment of an information repository, as well as the necessary tools, policies & procedures for content management, site management & branding.
  
  •Participated in core architecture and management teams, specifically developing security architecture diagrams as the Business Information Security Officer.

• Director Digital Infrastructure

  Netlan Technology Center

  (Privately Held; 1-10 employees; Information Technology and Services industry)

  August 1998 — August 1999 (1 year 1 month)

  Direct Management of 17 engineers and architects, responsible for implementation of highly technical projects at client sites. Performed engagement management and project management functions for several Internet and Intranet sites. Reviewed project performance/quality issues for all. Financial and P&L responsibility for the billing revenue of 17 direct reports, generating $3 million in annual professional services revenue. Responsible for managing Netlan’s Fortune 500 accounts, providing pre- and post-sales activities to identify and develop new business opportunities with existing & new clients. These activities included providing technical subject matter expertise, generating Statements of Work (SOW’s), proposals, as well as preparing/delivering client pre-sales presentations, and hosting client kick-off meetings.

• Senior Project Manager / Lead Applications Engineer

  Integrated Computer Management (ICM)

  (Computer & Network Security industry)

  July 1997 — July 1998 (1 year 1 month)

  Provided professional services in developing business-critical information management systems for ICM's clients, including the coordination of all aspects of a project, from consultant time and task-based management to budget and client management. Integrated new electronic workplace architectures and designs within existing infrastructures. Recognized as ICM’s “Top Revenue Generating Engineer” of 1998.

• Business Planning Analyst

  University of Medicine & Dentistry of NJ (UMNDJ)

  (Higher Education industry)

  October 1993 — July 1997 (3 years 10 months)

  Collaborated with internal customers of this 15,000+ teaching University Hospital to collect integration needs and/or evaluate effectiveness of current systems as they related to business needs. Analyzed issues, diagnosed problems, and recommended technical and procedural solutions. Established project plans, strategies, tactics and goals for the development and deployment of technology solutions. Founded and managed the University Campus Computer Store and its staff, along with its web sites, which provided over $4 million of computer-related hardware, software, and peripherals on an annual basis. Developed RFPs, performed due diligence, and wrote technical specifications, to set the strategic direction for hardware and software platforms, as well as services, across the University.

• Information Systems Coordinator

  County of Pike

  (Government Administration industry)

  January 1992 — October 1993 (1 year 10 months)

  Hired as County's first Information Systems Coordinator, providing strategic planning for, and coordination of, the development and integration of Pike County's information systems. Designed, installed, and administered 8 Novell Local Area Networks (LANs) throughout County (including the offices of the District Attorney, Voter Registration, Probation & Parole, the County Jail, and Children Protection Services). Reduced computer service providers' monthly fee by 50% by drafting a contract with County Solicitor. Reduced the county's annual fees by 35% in recurring costs, by performing a countywide assessment and developing an RFP for hardware and networking software. Bid-out, and implemented a Voter Registration system, saving the County over 45% in recurring, annual fees.

• System Administrator

  IMCOR (Interim Management Corp.)

  (Staffing and Recruiting industry)

  August 1988 — December 1991 (3 years 5 months)

  Was hired as the first employee of this start-up, senior level (CEO) executive placement firm, initially located in New York. Was promoted and relocated to Connecticut to participate in new business development, subsequently responsible for hiring, training personnel, and instituting systems procedures. Designed and installed company Novell LAN across 3 states.

• Training and Development Specialist

  Fulbright & Jaworski

  (Legal Services industry)

  January 1988 — August 1988 (8 months)

  Developed, designed, and taught curriculum for over 250 legal and support staff, including senior partners. Assisted in evaluation, selection, and presentation of applicable new technologies for widespread use. Performed user needs analysis and formal presentations to support new applications.

• Supervisor, Word Processing

  Richards and O’Neil

  (Legal Services industry)

  June 1987 — November 1987 (6 months)

  Monitored and delegated all workflow of this law firm’s data center by working with professional staff and senior partners to ascertain needs and scheduling requirements. Directed a daytime staff of over 15 data processors. Managed the successful conversion of over 900 documents from IBM 5520 to Barrister AWP.

• Instructor, Operations Training

  Parnassus, Inc.

  (Information Technology and Services industry)

  October 1985 — April 1987 (1 year 7 months)

  Taught mainframe operations, either in-house or at consortiums, to various clients, including:
  
  -The White House (military personnel)
  -The United States Postal Service
  -Goldman Sachs
  -The Federal Reserve
  -Merrill Lynch
  -Philip Morris
  -The Franklin Mint
  -Prudential Insurance
  -Manufacturers Hanover Trust
  -Prudential Bache Securities
  
  Wrote all course material, slides, overheads, handouts, JCL exercises & flow charts. Courses were taught on the following: MVS/XA, DOS/VSE, VM/CMS, TSO, JES2, OS JCL, POWER, VTAM, CICS and SNA.

Nancy Rodriguez’s Education

• Long Island University, C.W. Post Campus

  B.A , Communication Arts , 1979 — 1983

Additional Information

Nancy Rodriguez’s Groups:

•2009 Volunteer for Citi's Mentor Program
•2009 Citi Representative - Payment Card Industry Security Standards Council (PCI SSC) Board of Advisors
•2008 Volunteer for Citi’s Mentor Program
•2008 Junior Achievement of NY Volunteer
•Member, Citi Hispanic Employee Network
•Member, International Information Systems Security Certification Consortium, Inc., (ISC)²
• NY Metro Information Systems Security Association (NYMISSA)
•Member, Computer Security Institute (CSI)
•Network Professionals Association (NPA)
•National Association of Female Executives (NAFE)

•    Executive Suite
•    On Startups - The Community For Entrepreneurs
•    Citi Global Alumni Network (Citi Network)
•    The Recruitment Network
•    Payment Systems Network
•    Information Security Network
•    Financial Services - Technology Risk, Audit & Information Security (FS-TRAIS)
•    Women in Information Security
•    Information Security Worldwide
•    Long Island University – C.W. Post Campus Alumni Association Network
•    CISSP's
•    Leadership Landing
•    ISACA Buenos Aires Chapter

Nancy Rodriguez’s Honors:

•Information Security Officer of the Year, 2008
•Chairman’s Leadership Award, 2005
•Citi Cards Above and Beyond Award, 2003
•e-Awareness Program Completion, 2001
•e-Citi Excellence in Achievement Award, 2000