• Perform PCI DSS audits in different regions across the Bank• Advisory on different projects about PCI DSS related-mattersReporting line: Canadian IS&C team

Responsible for the implementation of the PMI Global Privacy Program within Andean (CO, EC, PE and VE) and South (AR, BO, CL, PY and UY) clusters

• Responsible for the implementation of the PMI Global Privacy Program within Andean (CO, EC, PE and VE) and South (AR, BO, CL, PY and UY) clusters• Lead RIM (Records and Information Management) practice for the Andean cluster• Investigate PMI Ethics and Compliance program breaches and violations

Docente en diversos cursos relacionados a Seguridad de la Información, Riesgos y Auditoría:* SGS Colombia: Auditor Interno ISO 27001:2013* ISACA Capítulo Medellín: Preparación CISM - Módulo Riesgos de Seguridad de la Información* Fundación de Egresados de la Universidad Distrital: Diplomado en Seguridad de la Información* IT Services SAS: Auditor Interno ISO 27001:2013

• Plan, design, perform and report audits and assurance assigments to IT controls and regulatory compliance within Colombia operation and other regional operations in the Millicom group• Perform consultancy works on several company-wide projects.

• Plan, design, perform and report audits and assurance assigments to IT controls and regulatory compliance (Superintendencia Financiera regulation, SOX, etc.), following ISACA/ITAF and IIA (Institute of Internal Auditors) methodologies.• Perform consultancy works on several company-wide projects.

• Perform assessments for small, medium and large merchants (Level 1-4) and service providers (Level 1-2) against the Payment Card Industry Data Security Standard (PCI DSS), in LAC (LatinAmerica and Caribbean region).• Propose improvement plans to audited companies.• Perform Information Security consultancy services to several clients in LAC region.• Present Information Security webinars (ISO 27001, Risk assessment) to clients in LAC region.

• Lead the implementation project of the ISMS for the Grupo Bancolombia (Banking Service and National and International Business Services).• Lead the construction of the Security Program of Bancolombia Miami Agency, based on the Information Security Booklet of the FFIEC.• Define the Group's Integral Model of Fraud Prevention and investigate new trends of fraud in electronic channels.• Participate in the definition and implementation of the Corporate Security Model of Grupo Bancolombia.• Lead the construction of the Security Information Architecture for the Grupo Bancolombia, based in the SABSA methodology.• Define the strategy for securing mobile devices.• Participate in the process of implementation of the PCI DSS standard.• Manage the Information Security Policies of the Grupo Bancolombia.• Define Information Security standards.• Define the strategy for assurance of the presence of Grupo Bancolombia on Internet (defensive portfolio of domains, presence on social networks, etc.).• Advise both the Banking Service and National and International Business Services on regulatory compliance in matters of Information Security.

• Lead the process of classification and assurance of information assets of Company, based on the Standards Series ISO 27000.• Lead the process of implementation of the PCI DSS Standard.• Define and execute the Plan of Internal Audit in Information Security.• Define and develop the Norms Structure in Security (Policies, Standards and Procedures).• Run the plans of Awareness and Organizational Culture in Information Security.

• Analysis, Design, Implementation and Support of CESA and STAR Applications (Suramericana de Seguros) using methodologies and technologies such as: UML, Java, JSP, HTML and Oracle 9i.