Head of the information security and compliance area of Balfour & Co located in the United States, Canada, Puerto Rico and Mexico. Main point of contact for security and compliance issues with all educational institutions and local, federal and international privacy laws, oversees credit card fraud investigations, management of security risk and cloud security.

In charge of Information Security /Risk Management, Fraud & Compliance; responsible for establishing, managing and developing the corporate information security program for all business units (Philadelphia, Milwaukee, CD Mexico, Cancun, Dominican Republic, Jamaica, Curacao, Costa Rica, etc.). Primary contact responsible for reporting the overall status of PCI DSS (Payment Card Industry) assessments, as well as attention to credit card fraud and information security risk management.ACHIEVEMENTS • Implementation of information security frameworks like PCI DSS, PII, LFPDPPP, GDPR, CCPA.• PCI DSS certification Level 1 & 2 for ALG’s companies at corporate level.• Information security risk management methodology implementation for all ALG’s companies.• PCI DSS certification for hotels brands.• PCI DSS certification to UVC (Unlimited Vacation Club), first vacation club to achieve this goal in Latin America.

Chief Information Security Officer; responsible for information security administration for Quimmco Group (SISAMEX, MACIMEX, CNH, QCT, BLACK HAWK, PUMEX, among others) which includes the automotive, chemical and construction manufacturing sectors. Responsible for risk management, DRP/BCP, IT project management, business process reengineering, Windows platform management, Linux, Oracle, cloud solutions, SOX audits, ISO27001, ISO20000. ACHIEVEMENTS • Creation and implementation of the information security model in Quimmco. • Implementation of the Program for the Protection of Copyright/Anti-Piracy of Industrial Designs.• Implementation and certification in ISO20000 for CNDH, the largest plant of the group. • Training of 1200 employees in information security and compliance with regulations.• Implementation of incident response processes, reduction of IT failures by 80%.• Implementation of the Business Continuity Plan and Disaster Recovery Plan.• Implementation of the LFPDPPP in all group companies.

Director of the Technical Security Verification Area; responsible for managing risks and vulnerabilities in information security, traffic analysis, compliance with audits in SOX, PCI DSS in Mexico, Spain, USA, and other countries. Information technology project management, IT governance/Security management. Creation/updating of processes, certification and evaluation of information technologies. Training and coaching of personnel in different topics of security, compliance and information technologies. Implementation of the incident response plan. Implementation/execution of Hardening scripts on Windows, AS400, UNIX platforms.ACHIEVEMENTS • Standardization and monitoring of critical banking processes in nine countries.• Implementation of processes of hardening to technological infrastructure, reduction of the number of failures in a 55%.• Monitoring 7x24x365 of the main banking services. Management of specialized work teams covering three shifts (24hrs).• Definition, implementation, and simulation (field tests) of the Incident Response Plan to give continuity to the operation of the IT infrastructure.

Director of Information and Communication Technologies; responsible for the administration and operation of all the technological infrastructure of the Judiciary of Quintana Roo. Management of suppliers and bids for IT projects. Implementation of ISO27001 for the protection of information and the improvement of legal processes.ACHIEVEMENTS • Implementation of a digital voice/video/data network for all Judicial Branch offices.• Automation of the processes for management and generation of files and lists of stages in all courts in the state of Quintana Roo.• Administration and technical support for 10 thousand users of the state Judicial Branch network.• 67% decrease in administration costs for information technologies.

Senior Information Security Specialist, coordination of projects for the development and implementation of information and telecommunications technologies and the management of financial support funds for the governments of Latin American countries. ACHIEVEMENTS • IDB's first mission to Mexico for the implementation of an Electronic Government in the state of Quintana Roo.• Management of financial support for Mexico in order to implement technology projects.• Collaboration in the implementation of the violence laboratory in Colombia.

Information Security Manager; coordination of the Information Protection Plan based on BS7799 / ISO17799, COBIT, SOX, with coverage in Latin America.ACHIEVEMENTS • Creation and dissemination of the corporate security model for all Pfizer locations in LATAM.• Identification and protection of sensitive information throughout the company, strengthening access control measures and trademark protection.• SOX compliance management through NY headquarters.

Information Security Specialist; execution of information security risk management and analysis for telecommunications services and information technologies. Creation of information security models. Information security solutions and models for communications services based on the ISO27001 standard.ACHIEVEMENTS• Information security risk management methodology definition/implementation.• Information security risk management for telecommunications services marketed for the business and domestic market.• Collaboration in the ISO27001 certification process. A first telecommunications company in LATAM to obtain this certification.