Realistic and innovative project manager with over 9 years of experience in assisting enterprises with Information Security, Risk Management, IT Governance and Regulatory Compliance; specializing in in Access Management Projects, security tools implementation, IT audit and consulting. Experienced working in different markets and geographies, including: Canada, various locations in Europe, and Israel.

ERP&GRC Division Manager @ Business Unit & Business Development manager in leading EMEA Information Security company. Leading Business unit and managing P&L cost center, responsible for a team of 12 consultants and freelancers who specialize in the following areas: - Information Technology - DRP/BCP - ERP Security - Operational Risk Management - Risk Assessment Methodologies - Internal Audit Other Relevant Specialties: Business Processes Improvements, ERP & CRM Professional Services, SAP, SAP-GRC 10.0, SOD, SDLC, Applications & Technologies, Business Intelligence, Information & Application Security, SaaS, Risk Management, Internal Audit, Sarbanes-Oxley (SOX) ITGC, DRP / BCP, PCI Compliance, SSAE16 / SOC1,2, ISO27001 From July 2013 to February 2014 (8 months) Manager - GRC and ERP security practice lead @ Part of IT Risk Services Practice management team and a lead of GRC and ERP security practice. Leading a team of 7 consultants and project managers. Some of my responsibilities included: • Project management • Planning and Budgeting • Business Development • Team management • Marketing Other Relevant Specialties: Business Process Improvement, Enterprise Risk Management, ERP selection, IT strategy, GRC Implementations, SAP Security, SOD Remediation, Sarbanes-Oxley readiness and internal controls projects, ERP risk and security assessments , Data Analytics, IT Internal Audit. From May 2011 to June 2013 (2 years 2 months) IsraelSenior Consultant | SAP GRC implementer @ Vancouver Enterprise Risk Services Practice • Lead GRC implementation • SAP security redesign to reduce SoD violations • Managed and performed multiple DQI (Data quality and integrity) audit projects for large companies. • Design, implementation of ITGC controls. • Lead several IT risk assessments in large companies. • ERP risk and security assessment public sector including focus on SAP application Sarbanes-Oxley readiness and internal controls projects. From May 2009 to May 2011 (2 years 1 month) Senior Consultant | SAP Security @ Team leader in Deloitte’s SAP security and controls practice. I was responsible for four people and was in charge of an average of 12 projects at any given time. I provided training and guidance to many clients and Deloitte personnel on the internal control requirements. • Product Manager - SOD tool for SAP and Oracle ERP systems. (United States Patent Application 20100082685) • Managed and performed multiple DQI (Data quality and integrity) audit projects for large companies. • Design, implementation of ITGC controls. • Lead several IT risk assessments in large companies. • ERP risk and security assessment in financial, manufacturing, high tech, public and consumer sectors including focus on SAP application • SAP authorizations audit and implementation. From June 2006 to May 2009 (3 years) Information Technology Analyst @ Marina worked at BPSS during her university studies. She executed several development projects and was responsible for the customers' relations. Her experience in BPSS includes among others: • Execution of several web development projects – budget management, time management, customer management, invoicing and collection. • Design of web sites according to the customer needs and technological limits. • Quality checks – delivery tests of the web sites. • Training and guidance of clients on operation of the web applications. From February 2005 to May 2006 (1 year 4 months) IsraelConsultant @ Masik – Consultant company which implements and improves of organizational procedures in enterprises and methods leading to efficiency, profitability and operating excellence. Her experience includes among others: • Execution of several projects of customer service improvement and process utilization. • Design and implementations of computer solutions using office tools for process improvement and optimization • BCP/DRP project in one of the biggest credit cards companies - process review and documentation using Aris software From November 2003 to 2005 (2 years) Mador Osh @ From 2000 to 2002 (2 years)

Master of Business Administration (M.B.A.), Management of Technology, Innovation & Entrepreneurship @ Tel Aviv University From 2011 to 2014 B.SC, Information Systems & Management @ Tel Aviv University From 2002 to 2006 Marina Segal is skilled in: Business Process, ERP, Sarbanes-Oxley Act, IT Audit, Governance, Business Process Improvement, Management, IT Strategy, Internal Audit, Security, Consulting, Project Management, Risk Management, GRC, Auditing