- KPI’s Management- SOX Aduit, Internal Audit, Audit issues- Security Issues / Action Plan- Security Policy Management- Friendly Hacking Excercise- CAB’s Meeting (Security)- Security Awareness- Security on demands and deliveries projects- Monitoring logs- Cyber Securtiy Program- Vendors and budget ZBB management (Capex/Opex)- Reporting- Scope: LATAM / all infraestructure (Perimeter, Extranet, Intranet, Global, Applications, Web Applications, Networking, Servers, Comunication devices, so on)

- IT Risk assessment: work directly with business units, IT areas and suppliers to facilitate the analysis and process of risk management, identifying mitigation measures and acceptable levels of risk to protect information.-Policy and Procedures: Define how activities should be carried out in terms of security and information protection. Collaboration in the definition of strategies, policies, standards and procedures, to validate with the Risk Committee, Audit and other areas of IT. Lead and coordinate related project initiatives.-Controls: Ensure that activities related to Security are executed as expected. Collaborate in the definition, implementation of controls and monitoring necessary to mitigate the risk.- Lead and coordinate activities related to Business Continuity Plan (BCP) and Contingency / Disaster Recovery Plan (DRP). Definition of strategy, implementation and monitoring. Awareness & Change Management

-Analysis, control and revision of the new security tools to implement.-Maintenance and Control of PKI (Public Key Infrastructure) Security.-Implementation and maintenance of the Privileged Password Manager (exDMZ)-Review security logs in UNIX / Linux / AIX environments-Security E-trust Access Control in UNIX environment-Manage and execute audit logs.-Perimeter Security

I have to ensure the migration of all corp system technology and infrastructure in terms of security. The goal of the project is the nationalization of YPF in Argentina (YPF - Repsol) . During the project, I've worked in the migrations of the all infraestructure ensurig systems like Exchange, Active Directory, SAP 3/R, SAP Portal, eldap, Servers, Systems Access, Risks, Users access management among other things.Additional projects and activities as responsible and collaborating:Execution of re-engineering of security structures on different environments related to SAP.-SAP Netweaver 2.02 / Security-Unix/Linux Security-SAP R/3 & SAP Portal (R/2) Security-Oracle db Security -SQL db management security-Microsoft Exchange 2003-2007-2010 Security-Active Directory Security.-Virtual VMware and tecnologies SO Windows Server 2000, 2003 -2008-BlackBerry Enterprise Server Security. Implementation of the Winshuttle Transaction tool to customize SAP platform processes.Programming and development oriented to information Security (automation ofprocesses and applications)Security Management on the Company's own applications.

Tengo que identificar los riesgos inherentes a los entornos SAP R/3, minimizar el grado de exposición que pueda comprometer a la seguridad del sistema. Paralelamente realizo distintas actividades de seguridad informática.Seguridad en SAP R/3Funciones:-Autorización del usuario final y de las funciones de administración.-Acceso al generador de perfiles para mantener los roles, autorizaciones y perfiles tipos.-Acceso para administrar usuarios, autorizaciones y perfiles de autorización manualmente.-Acceso para mantener la asignación de objetos de autorización sobre transacciones.-Bloqueo de códigos de transacciones críticas y sensibles en producción.-Asegurarse de que los cambios se realizan en el entorno de desarrollo y se transportan a producción.-Creación de roles, simples y derivados (compuestos).-Re-ingeniería de Roles.Firewalls: Administración y monitoreo sobre firewalls fortinet y watchguard.-Active Directory “Access Control”Administración, monitoreo, generación de accesos, usuarios, GPO's.-Patching: herramienta WSUS ejecutando en Workstations y Servidores de la empresa.-Criptographia,PGP (GNUpg)-Seguridad sobre plataformas propias de la compañía.

Supporting InfrastructureIncidents managementVulnerability, Access, threats, riskCriptographia Best practices ISO 27001Monitoring and loggingsAntivirusCompliance managementRSA SecuritySAP Security

Supporting InfrastructureFirewall Management (CISCO)Incidents managementVulnerability managementAccess, threats, riskMicrosoft Exchange 2003Best practices end usersPatching Monitoring and loggingsAntivirus

Help Desk On SiteSupporting Infrastructure, incidentsAccess, threats, riskCryptographic Best practices end usersPatching Monitoring and Antivirus

Help Desk Level 1Help Desk Level 2Offering courses