Board Nominees 2023 - 2024
Carol K. Gonzales
Carol Gonzales currently serves as Cal Poly Pomona’s AVP for IT Security & Compliance/Chief Information Security Officer/Chief Privacy Officer. She has over 30 years of experience in government, higher education, and financial service sectors with experience in security, audit, project management, and IT service operations. At Cal Poly Pomona, Carol is responsible for the information security and compliance management strategy and programs including the adoption of campus IT policies and procedures, all IT auditing and risk management projects, as well as accessible technology and services for persons with disabilities. She also works with the support of the IT teams to support business continuity and disaster recovery. Carol also serves as an adjunct professor at Cal Poly Pomona’s College of Business Computer Information Systems department.
Carol is an active member of ISACA and has served in various chapter leadership roles as early as 1996. She currently serves as Vice President, where she has supported successful virtual membership and in-person events. She has also been an active partner with the Academic Relations committee. She has been a facilitator and presenter at the ISACA LA Spring Conference and CISA review sessions.
Carol is a proud alumnus of Cal Poly Pomona where she earned her Bachelor of Science in Computer Science and Master of Science in Business Administration with an emphasis in IS Auditing. She earned her doctorate from Claremont Graduate University in Information Systems and Technology.
Carol is a Certified Information Systems Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), and has the ITILv3 (Information Technology Infrastructure Library) certification.
Carl Grifka is the Chief Financial Officer of Cinionic and Principal of Newport Consulting LLC. Carl is a dynamic Finance and IT leader specializing in finance, IT security/risk, project management, lean process design, and risk advisory solutions. Carl leads Newport Consulting LLC’s IT consulting division and new international Flex Specialist Center. Carl is also the CFO/Compliance Officer leading Cinionic’s finance department and global initiatives to finance new OPEX service models in the cinema industry. Before joining Newport Consulting LLC and Cinionic, Carl consulted at RSM LLP, specializing in IT and Finance advisory, in internal audit at General Motors, and as a revenue agent for the Internal Revenue Service. Carl holds CISM, CISA, PMP, and CDPSE certifications.
Raquel de Leon
Raquel de Leon is a Senior Internal Audit Manager for Reliance Steel and Aluminum Co. She oversees IT audits as well as provides guidance on non-IT audits, in addition to supporting the Reliance internal audit department in all aspects. Prior to Reliance, she worked with KPMG in the Advisory practice and worked in internal auditing and business process improvement in the airline industry.
Over Raquel’s 20+ years of comprehensive experience in IT, financial and operational audits, she has built up a solid foundation in auditing principles, frameworks and methodologies and technical proficiency in various IT systems. Raquel is adept with managing cross-functional teams and collaborating with stakeholders at all levels. She is analytical and highly skilled in identifying risks and recommending risk mitigation strategies. She is relied upon for her leadership and emphasis on quality in directing complex and critical assignments.
As someone who considers herself to be a lifelong learner, Raquel is committed to continuous professional development and constantly encourages learning and growth among her peers and team. She has extended her influence by being a CISA Instructor for the ISACA LA Chapter. She is a Certified Information Systems Auditor (CISA), a Certified Internal Auditor (CIA), and a Platinum member of ISACA.
Cynthia is currently the controller for Sunny Hills Management Company, a property management company. She leads the software program changes and is heavily involved in operational processes in the company. She is good at program and project implementation, vendor management, and cross-functional collaboration. Previously, she worked for PwC in Risk Assurance Practice for 3 years, specializing in internal / IT audit, Sarbanes-Oxley (SOX) compliance, and SOC 1 or 2 reports.
Cynthia is a Certified Public Accountant (CPA) and Certified Information Systems Auditor (CISA). Cynthia is an active member of the ISACA LA Chapter and has served in various chapter roles for 3 years.
Director Nominees 2023-2024
Cuc currently serves as Cal State Long Beach’s Information Security Officer. She has over 20 years of experience in governance, risk, and compliance. At CSULB, Cuc is responsible for maturing the campus’ information security and privacy programs. She also oversees security operations, awareness and education, compliance, and risk management strategies. Prior to CSULB, Cuc has worked with a wide range of industries including automotive, financial services, healthcare, and security professional services, leading diverse, cross-functional teams in both private and public sectors domestically and globally. Cuc is a lifelong learner and is driven to elevating cultural responsibility, stewardship, and advocacy through education and awareness.
Faron has worked in technical sales for 20 years. His expertise includes process automation, information governance, and cybersecurity. Faron has broad experience from years in the Legal Solutions Group at Open Text to creating commercial solutions with open source platforms like Alfresco and Ephesoft. At BlackBerry, Faron now focuses on the Security spoke of the Information Governance wheel designing solutions that ensure the security of people, endpoints, and content everywhere business happens. Faron is an active participant and supporter of ARMA & ISACA. Currently, he serves as President of ARMA- Greater Los Angeles chapter and as the Marketing Chair for the Los Angeles chapter of ISACA. When not working, you’re likely to find him in the mountains on a bike, skis, or in hiking boots.
Ghalib Kassam currently serves as the Executive Vice President (EVP) and Chief Information and Security Officer (CIO & CISO) at the California Times, which owns and operates Los Angeles Times, Los Angeles Times Studios, San Diego Union-Tribune, and their community and lifestyle publications in Southern California. He leads a high-performing team that is focused on aligning a core mission of journalism with business transformation and technology strategies, optimizing operational service performance through continuous improvement initiatives.
Ghalib has over twenty-five years of experience delivering Information Technology solutions and trusted management consulting advice to clients in the aerospace and defense, broadcasting, healthcare, high-tech, insurance, paper products, publishing, retail, transportation, and telecommunications industries. Ghalib has designed, implemented, and managed effective worldwide IT solutions, leveraging both on- and off-shore knowledge teams to drive metric-based business outcomes.
Ghalib currently serves on the board of High Tech Los Angeles, a college prep charter high school (2013 – Present), Governing Board Member of Evanta Southern California CIO Community, A Gartner Company (2021 – Present), Advisory Board Member for Brightspot (2023 – Present), and Advisory Board Member for Tech Mahindra, Multinational Information Technology services and consulting company (2023 – Present).
Irina Kensinger is a Deputy Contract Security Lead at British Telecommunications (BT). She is responsible for partnering with British Telecom’s Top Tier Global outsourcing clients around security compliance. Her knowledge of this specific risk profile enables her to provide leadership to the BT’s Contracts team so they can successfully execute in accordance with contract terms around security compliance. She leverages her extensive background in risk management to provide value add to BT’s largest clients. Prior to BT she was in various IT Audit, Risk and Compliance roles at PWC and Farmers Insurance, leading, or as an individual contributor, in IT Risk and Compliance functions. Throughout her career, Irina has demonstrated her ability to develop strategic innovative ideas, build cross-functional teams to deliver on those initiatives; and to develop successful teams.
Irina has held a Speaker Coordinator leadership position within Project Management Professionals Association. She has volunteered for Information Systems Audit and Control Association Los Angeles chapter’s Spring Conference on and off since 2002.
Irina is a Certified Information Systems Auditor (CISA), Certified Information System Security Professional (CISSP), Certified Project Management Professional (PMP) and hold a Certified Public Accountant (CPA) license, Inactive. Irina holds a Master’s of Science in Business Administration (MSBA) in IT Audit from Cal Poly Pomona.
John is currently the Director of Risk and Assurance for North America at Orora Group, an Australian based packaging company. Previously, he was GRC Manager at LA County in the Internal Services Department Cyber Governance Organization and was Aon IA global leader for IT Audit, Privacy and Data Analytics in Chicago for 20 years. IT risk executive with extensive experience in global corporate financial services and large government organizations. Leader of data protection and cybersecurity reviews in regulated environments, and data center and cloud hosting reviews leveraging NIST framework.
Passionate leader of global teams, as direct line manager and in collaborative multi-functional teams.
John transformed an Internal Audit data analytics function into a leading function providing data science services, collaboration, training, and risk insights. He also co-led the development of cybersecurity incident governance processes to oversee and coordinate cybersecurity and privacy incident response activities, communication strategies, and content for executives and governance boards, external stakeholders including regulators and clients.
Tom is a director with PricewaterhouseCoopers in their Cyber, Risk and Regulatory practice. Over the past 17 years with the firm, he has focused on providing IT process and control services to clients in southern and northern California areas, amongst other markets. His work experience with these clients includes controls readiness assessments, third party / vendor risk assessments, and cybersecurity maturity assessments. In addition, he has led dozens of teams in developing and executing internal and external audits to ensure compliance with various frameworks, such as SOX 404, NIST, and PCI. He enjoys using data-driven analytics, robotics, data visualizations, and next generation technology to drive efficiency and insight into not only audit results, but also into overall organizational effectiveness. Tom is currently identifying areas where AI can benefit the IT controls efficiency and effectiveness, both from execution and auditing lenses. Tom has been a Certified Information Systems Auditor (CISA) for over 14 years.
Kelly Lin is a VP, IT Project Manager at East West Bank with 8 years of experience in financial and IT audits. She leads the SOX IT program at East West Bank and has experience in cybersecurity, system, and application audits. Kelly was an IT Advisory and Risk Consulting Senior with KPMG.
Kelly’s involvement with the ISACA Los Angeles Chapter began when she was a college student and was nominated by the board to serve as the Treasurer. And since then, she has actively taken up various leadership roles, including Board Director, Programs Chair, Conference Registrar, Volunteer Chair, and was also managing the Chapter email communications. She is currently the Chapter President.
Kelly received the Chapter’s Beyond the Call of Duty Award in 2019, and was also an opening co-speaker with the ISACA CEO and Board Chair at the 2019 North America CACS Conference where ISACA celebrated its 50th anniversary.