Joe Lee

Cyber GRC Program Manager | Cybersecurity and Privacy | ex-Meta, ex-PwC

Atlanta, GA, United States

Details

Education: Bachelor of Business Administration - BBA

Management Information Systems, Marketing, Entrepreneurship Certificate

University of Georgia - Terry College of Business

Dual Enrollment

Business

Columbus State University

Experience: 2023 : Present

Aprio

Cybersecurity GRC & Privacy Program Manager

Led and coordinated multiple projects and teams while ensuring effective project execution, continuous improvement, and communication at all levels. Additionally, managed competing priorities and integrated information from various privacy domains/frameworks to solve complex problems and deliver high-quality results.

• Proactively identified critical workstreams and developed comprehensive roadmaps that led to an increase in on-time project delivery, fostering seamless collaboration with cross-functional teams (Product, Policy, Legal, Comms, Research, Content) and ensuring the successful achievement of project milestones.

• Spearheaded weekly meetings with key stakeholders by documenting and communicating project status updates and action items, resulting in a 30% reduction in project blockers and increased alignment across teams.

• Drove effective communication and knowledge sharing by creating and maintaining consistent update posts and centralized dashboards for various programs, resulting in a 50% improvement in information accessibility and benefiting a team of 50+ cross-functional team members.

• Provided crucial support to Legal teams to address privacy concerns and follow regulations such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy laws, which resulted in an increased compliance rate and a strengthened privacy-focused ecosystem.

2021 : 2023

Meta

Privacy Legal Program Manager

Cybersecurity Third Party Risk Management (TPRM) - Fortune 100 Financial Services Company

• Evaluated cybersecurity risks over a period of 12 months and developed remediation actions for the client by coordinating weekly assessments with C-Level Executive Information Security personnel, which contributed to the company's enhanced security posture and regulatory adherence.

• Strengthened security of the client's data by planning, evaluating, and reporting on the third parties' user access management, application security, business continuity, cloud security, data management, data and network security, information security, and physical security (NIST, ISO, CIS, SOC Frameworks), resulting in a 15% improvement in overall third-party security compliance.

• Delivered 20+ high-quality deliverables a week collectively to the client by effectively collaborating in a fast-paced environment with a team of 20 members across the U.S., U.K., and India, resulting in an increase in client satisfaction and timely completion.

Internal Audit / Process Assurance

• Support the internal audit engagement by assessing the client’s internal governance, risk, and compliance processes and planning, designing, and performing two to three audits per quarter to increase efficiency and risk coverage

• Assess gaps in various department processes by conducting quarterly interviews with key stakeholders and create improvement opportunities for the senior management

• Expedite the client’s understanding of complex business processes and network environment by designing flowcharts that detailed in-scope systems and procedures

• Execute Business Process and IT controls testing and consulting services for both private and publicly traded Fortune 500 companies across a wide variety of industries

• Perform SOX 404/IT General Controls (ITGC) testing, Key Reports, and Year End Procedures

2019 : 2021

PwC

Cybersecurity and Privacy Experienced Associate

Microsoft Dynamics 365 Consulting Intern - Former Fortune 500 Restaurant and Government Companies

• Contributed to Dynamics 365 AX/CRM team projects by helping clients configure systems to specific requirements to increase process efficiencies

• Provided support to the AX/CRM consultants by actively being involved in the planning stage and implementing solutions to the client's issues

• Assisted the client's development process by creating functional designs and facilitating the decision-making process

• Centralized important documentation dealing with Velosio's merger and acquisition by properly categorizing and importing documentation into an internal SharePoint

2018 : 2018

Velosio

Consulting Intern

• Assisted students with technical problems such as navigating through vLab or enrolling in dual-factor authentication

• Administered more than 100+ high-cost technology equipment to students

• Monitored 150+ thin clients and performed walk throughs every hour to ensure proper functionality among each floor.

2017 : 2018

University of Georgia

EITS Consultant

Company: Aprio

Years of Experience: 8

Spoken Language: English, Korean, Spanish

Skills Amazon Web Services (AWS), Business Continuity, Cloud Computing, Communication, Consulting, Cross-team Collaboration, Cybersecurity, Data Governance, Data Management, Data Privacy, Data Security, General Data Protection Regulation (GDPR), Google Suite, Governance, Risk, and Compliance, Information Assurance, Information Security, Microsoft Office, MySQL, Network Security, NIST 800-53, Physical Security, Priority Management, Privacy Compliance, Privacy Law, Privacy Policies, Privacy Regulations, Problem Solving, Project Management, Project Planning, Quality Assurance, Quality Assurance Review, Regulatory Compliance, Risk Assessment, Security Compliance, SOC 2, Tableau, Time Management

About I am a highly skilled professional with a strong background in project/program management, legal operations, privacy, third party risk management, and compliance. With four years of experience as a Program Manager for the Legal department at Meta (Fortune 30 company) and Cybersecurity Experienced Associate at PwC (Fortune 100 clients), I have possessed a comprehensive understanding of key regulations and frameworks including privacy laws (GDPR, CCPA, CPRA and other applicable laws) and data protection frameworks such as National Institute of Standards and Technology (NIST), ISO 27001, SOC 2, Center for Internet Security (CIS), and Payment Card Industry (PCI). My experience in these areas enable me to successfully navigate the complex regulatory landscape efficiently.

I have demonstrated the ability to coordinate cross-functional teams and successfully manage critical workstreams. My strong problem-solving abilities, attention to detail, and organizational skills contribute to working with a wide variety of stakeholders on various privacy and compliance initiatives.

A few of my hobbies includes cooking/eating good food, playing the cello, and volunteering. My interests include emerging technology (AI/VR, Blockchain/crypto), cybersecurity/privacy, personal finance, and building relationships.

Key Skills | Qualifications

Privacy Principles | Privacy Laws | Data Protection | | Program Management | Process Management | Risk Assessments | Data and Network Security | IT Compliance | Cloud Security | Information Security | Quality Assurance | Third Party Risk Management | Project Plans | Playbook Creation | Prioritization | Time Management | Written and Verbal Communication | Organizational | Critical Thinking