André D. Email and Phone Number
Manager and Senior Consultant for Information Security, Cyber Security, Risk Management, and Business Continuity.
-
Information Security ManagerThomson Reuters Mar 2022 - PresentSão Paulo, BrasilAs the Security Manager for the LATAM region, I do oversee the product portfolio from a security perspective. Key responsibilities include among others include:- Product Security Maturity:Manage and drive actions aligned with NIST/CCM frameworks to enhance product security maturity.Identify and mitigate risks associated with product security.- Certification Initiatives:Conduct efforts to achieve SOC1 certification for eligible products.- Vulnerability Management:Prioritize vulnerability fixes based on context and CVSS scores.Coordinate resolution of pentest findings with development and DevOps teams.- Incident Response:Conduct tabletop exercises for incident response preparedness in product scope level.Collaborate with the global Computer Incident Response Team (CIRT) during actual incidents.- Disaster Recovery:Assist in the definition, test, documentation and execution of Disaster Recovery plans for relevant products.Work with stakeholders to document scenarios and conduct tests.- Vendor Evaluation:Assess security posture of potential vendors and partners.- Sales Support:Assist the sales team in explaining the product’s security features to customers. -
Latam Information Security ManagerFresenius Medical Care Oct 2020 - Mar 2022São Paulo, BrazilDeveloped metrics, coordinated projects in Region and executed global projects within the countries under the LATAM operation structure that wer Argentina, Brazil, Chile, Colombia, Equador, Uriguay, Peru and Panama.Created and deployed region awarness actions, seminars for Cyber Month synced in all countries.Incident response in colaboration with Global CERT from Germany.Participation in global change IT structure internal board to bring ideas and insights to CTO and CISO about possible areas of improvements discussed within USA, EMEA and APAC.Active participation on global projects on IT, Security and Data Privacy perpespectives. Key ones were Global Workday project, New Healthcare system and Manufacturing (IT/OT) workplan to improve manufacturing environment security rating. -
Especialista Em SegurançaFresenius Medical Care May 2019 - Oct 2020Rio De Janeiro, Rio De JaneiroInformation Security & Data Privacy@Information Security, assist in define an road map for Fresenius Medical Care Brazil to improve the actual security maturity level; assist the in the definition of methodology and global tools for information security awareness and Network Security.@Data Privacy, work as Data Privacy Liaison for BR, assisting in the deployment of the global standard on Brazil and coordinate efforts with other areas to identify possible gaps with local regulation. -
Security OfficerSpread Tecnologia Feb 2018 - May 2019Rio De Janeiro Area, Brazil@ Repsol Sinopec Brasil. Working as the Local Information Security OfficerIdentify and suggest improvements in Information and Cyber Security to keep process, awareness and technology up to date with regulations, internal procedures and business needs.Support Global SOC during possible incidents and investigations.Monitor the implementation of projects to validate that information security needs are been addressed as expected and, if required, propose changes of scope.Define and implement KPIs and KRIs related to user actions, infrastructure, technology and system events to monitor possible events and incidents.Promote awareness actions and propose campaigns. Focal point for internal and external audits. Report gaps related to internal controls and proposed actions suggested to the affected stakeholders.
-
Senior Information SecurityIcts Protiviti Feb 2016 - Jan 2018Rio De Janeiro Area, BrazilWorked in projects to identify the current scenario of exposure to technological, operational and strategic risks of companies with billing and/or financial transactions above $ 2 billion annually in thetelecommunications, private equity and oil & gas sectors. Main deliverables and results:- Identification of the organizational maturity level in Information Security- Structuring of action plans distributed in short, medium and long term phases- Identification of estimated investment in capex and opex to support an information security transformation program- Exposure of risk scenarios to organizations' strategies, considering internal and external situations to products, services and long-term strategies- Quantification of risk impacts and structuring of risk maps- Execution of Business Impact Analysis relating information from interviews, internal metrics of incidents, financial statements, operational model and policies- Review and elaboration of policies
-
Specialist Consultant In GrcMódulo Security Solutions Feb 2008 - Jun 2015BrazilMain projects:- Team leader of the Security Office at ANP (Brazilian National Oil & Gas Regulatory Agency) - (2014/2015). Coordinate the investigation of security incidents, implementation and optimization of security solutions acquired by ANP which were SIEM, DLP, IPS/IDS of hosts, Antivirus, Proxy and Vulnerability Scan.- Risk Management and Business Continuity at TIM Brasil Mobile Company - (2008/2010 – 2012/2014). Conducted Risk Assessment and business continuity with telecommunication services resilience as the main scope. Used qualitative and quantitative metrics to assess risk and continuity management.- Risk Analysis at Lafarge Cement and Concrete Brasil - (2011).Risk Analyses of the industrial, commercial and process units of the main factories and offices.The main objectives were to identify the exposure to risks associated to safety (operational and criminal), maintenance and logistical.- Auditing the Infrastructure of the Fare System of Public Transportation in Rio de Janeiro (Bilhete Único) - (2010).Conducted part of the analysis related to IT and infrastructure. Also presented the final reports with the gathered information.The objective was to identify possible situations of fraud, misconduct, service disruption and the correct usage of the billing fare system. -
Telecom EspecialistOi S.A Mar 2007 - Feb 2008Rio De Janeiro Area, BrazilMaintained and operated the pre-paid cellular system. I also conducted analyses of proposed changes to the system. The main activities were the identifications of failures at its early stages to avoid service disruption and cases of misuse and malpractices conducted by clients.The most relevant discovery I made of malpractice of users was the detection of a system glitch that allowed clients with old phones to obtain illegal rented credits. -
Analista De TelecomunicaçõesEmbratel Jan 2000 - Mar 2007Rio De Janeiro Area, BrazilMaintained the national satellite backbone operational from 2000 to 2004. After 2005, the NGN (Next Generation Network) services were added to the scope of operations. Provided support for troubleshooting critical failures.Also in 2005 I was transferred to the unit that implemented, planned and maintained the first national VoIP services operated as a conventional phone service. This product is still operational and is the second in its market share scope.
André D. Skills
Frequently Asked Questions about André D.
What company does André D. work for?
André D. works for Thomson Reuters
What is André D.'s role at the current company?
André D.'s current role is Information Security Manager.
What schools did André D. attend?
André D. attended Blackstorm, Isaca, Data Center Dynamics, Universidade Federal Do Rio De Janeiro, Senac Rj.
What skills is André D. known for?
André D. has skills like Security, Information Security Management, Itil, Operating Systems, Data Center, Information Security, Telecommunications, It Management, Iso 27001, Business Continuity, Network Security, Firewalls.
Who are André D.'s colleagues?
André D.'s colleagues are Louise Monkhouse, Mike Musgraves, Amanda Perry, Tanisha Mcfadden, Mara Goldstein, Vinod R, Chris Hamilton.
Not the André D. you were looking for?
-
André C. S. Batalhão, Ph.D.
Researcher | Professor At Minas Gerais State University, Brazil | Expert In Sustainability Management And Assessment | One HealthRibeirão Preto, Sp -
-
André Santos, Ph.D
Osasco, Sp -
Free Chrome Extension
Find emails, phones & company data instantly
Aero Online
Your AI prospecting assistant
Select data to include:
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial