Execution of consulting projects in information security, risk management, data privacy and GRC, specifically in:-GAP Analysis (As Is) of cybersecurity capabilities.- Improvements to SOC (Security Operation Center) services such as redefinition of correlation rules, development of playbooks, SOC reliability, sizing of event monitoring platforms.-Cybersecurity strategic advice.-Implementation of Information Security Management Systems.-Design and implementation of response to cybersecurity incidents.-Design and implementation of business continuity management.

1) Review of the design of Informatión Security, Cybersecurity and IT controls2) KPI measurement of IT SOX and Security/Cybersecurity Controls .3) Compliance and control of Security, Cybersecurity and IT controls and Entity level controls4) Implementation of action plans identified in the improvements detected by control entities5) Aligning security and IT plans and processes with business/comercial goals of the company.

- Responsibility for developing security strategies for companies and for overseeing the implementation and execution of said strategies, especially as a Chief Information Security Officer (CISO).- Elaboration of SOC Reports.- Design and implement the information security and cybersecurity management system aligning security architecture plans and processes with business goals in diferents clients and sector such as telecommunications, energy, retail, oil & gas, etc.- Design and implementation of agile cybersecurity audits.- Vulnerability management: Developed vulnerable test environment and ethical hacking for training and testing of various cyber capabilities.- Implementation of the information security event and incident management model.

-Design, define, improve policies and controls of IT and Information Security, based on frameworks such as NIST, ISO27001, COBIT 5 and ITIL.-KPI measurement of Security Operation Center (SOC).-Segregation duties analysis in SAP's Systems and Inhouse development.- responsible for the SOC report.

Coordination and Execution of information security projects, such as: -Vulnerability management: Developed vulnerable test environment and ethical hacking for training and testing of various cyber capabilities.- Incidents and events management: Redesign of policies of incidents/events of information security, process based such as ITIL and NIST frameworks and KPI measurement- Segregation of duties: analysis in SAP's Systems and Inhouse development.- Hardening: Application security on operative Systems and data base. Information Systems Baselines.- Cybersecurity audits: verifying controls base on frameworks such ISO 27001, NIST 800-53 and COBIT.- Created Cybersecurity best practice communications to educate staff of clients against known threats.- Design and maintain security policies, define and improve security policies and controls and review of domains of ISO27001, in the following sectors, Energy, Technology, Telecommunications, etc.- Elaboration of SOC reports, type 1, 2 and 3.

Establish, design, coordinate and execute the Annual IT Internal Audit Program and Information Security Program based on:• Process map. • Organizational requirements.• Requirements of international standards.• Criticality of the processes.• Results of previous audits.-Communication and writing of the audit findings (Strengths, opportunities for improvement, observations, non-conformities). Preparation of audit reports to the Management.-Evaluation data quality and define migration plan to SAP.- Design, Audit and implementation continuity Business plan.

Coordination and Execution of information security projects, such as: -Vulnerability management: Developed vulnerable test environment and ethical hacking for training and testing of various cyber capabilities.- Incidents and events management: Redesign of policies of incidents/events of information security, process based such as ITIL and NIST frameworks and KPI measurement- Segregation of duties: analysis in SAP's Systems and Inhouse development.- Hardening: Application security on operative Systems and data base. Information Systems Baselines.- Cybersecurity audits: verifying controls base on frameworks such ISO 27001, NIST 800-53 and COBIT.- Design and maintain security policies, define and improve security policies and controls and review of domains of ISO27001, in the following sectors: Financial/banking, retail, Technology, etc.

Execution of security information projects, such as: vulnerability management, incident and events management, developing of the segregation of duties of the different Systems of the application layer in the following clients, SOX Compliance: in the following sectors: Telecommunications, financial, Oil & Gas, Energy, retail, etc.

Responsible for the analysis, development and implementation of solutions in SharePoint 2013, InfoPath and Microsoft Office 365.