Chief Information Security Officer and Data Protection Officer with 16 years of experience. Strong background in financial, retail, fintechs, consulting and education group.
Creative and Innovative – Chief Information Security Officer with 16 years of experience. Strong background in financial, retail and fintechs. Broad understanding of consultancy industry and proven ability to combine vision, creativity and technical skills on development and implementation of Information Security System, Technological and Operational Risks. Developing of Information Security Director Plan for different solutions, such as BigData, Cloud, DevSecOps and others. Expert in implementation of incident response teams (SOC / CSIRT), focusing on reduction of frauds in electronic channels and credit cards.
Certifications: CRISC, ISO 27K LA,
MCSO, ISFS, PDPF, CobiT 4.1,
ITIL V3, SGSTI, MCRM and
I advise companies
and NGOs in Privacy
and Security Information
Areas of expertise:
• Risk Management (Based on the ISO 31000).
• Privacy and Data Protection.
• Evaluation and definition of new protection technologies to complement the Corporate Security Architecture based on the new evolving Cyber Threats. (e.g. BigData, DevSecOps, Security for Cloud private and hybrid and Security for IaaS, PaaS and SaaS).
• Management of Security Operation Center Activities (Incident Response and Fraud Investigation).
• GRC – Governance, Risk & Compliance (Based on the COSO ICIF 2013 and COBIT).
• Information Security Management (Based on the ISO 27001:2013).
• Cyber Security and Cyber Warfare.
• Vulnerability Analysis & Ethical Hacking Test (Based on the EC Council).
• BCP (Business Continuity Plans).
• DRP (Disaster Recovery Plans).
• Security Controls (CobiT and Sox).
• Payment Card Industry Requirements (PCI-DSS).
• Information Security Policies and Procedures.
• ISO 27001, ISAE3402 & SOX Audit Process.
• Information Security and Awareness Programs.
• Third Party Risk Management.
• Consulting in systems development life cycle (SDLC).