José Manuel Plaza Heras

José Manuel Plaza Heras Email and Phone Number

Information Technology and Cyber Security Risk Management | GRC | IT Audit | CISSP | CISA | PMP | ISO 27001 LA | ISO 22301 LA | DORA | ENS @ SIX
zurich, zurich, switzerland
José Manuel Plaza Heras's Location
Greater Madrid Metropolitan Area, Spain
José Manuel Plaza Heras's Contact Details

José Manuel Plaza Heras work email

José Manuel Plaza Heras personal email

n/a
About José Manuel Plaza Heras

I am an IT Director with a 25-year track record in Information Technology and Cybersecurity Risk Management, with focus on Governance Risk & Compliance (GRC). I have previously held roles in Project Management (PMP), Outsourcing, and Business Continuity strategy (ISO 22301).Over the past five years, I have focused on identifying and mitigating risks by implementing control models for Information Technology and Cybersecurity Risks, both on-premises and in the cloud (AWS, azure, etc.), including IT Third-Party risk. Additionally, I have been responsible for IT and Cybersecurity Risks in Data Governance - BCBS 239 from the Second Line of Defense.I have extensive experience in Information Technology and Cyber Risk Control Execution on an international level, where I have implemented processes and controls for Risk Appetite, Control Risk Monitoring, Initiatives Risk Assessment, and Testing of Controls (SOX) to increase risk mitigation and improve the Global Risk Management profile.I possess knowledge in IT & Cyber Risk Management, Cloud Services, Business Continuity & Disaster Recovery, and Data Governance. I am a deep learner about Big Data, Data Science, IoT / ICS and Quantum Technology.My international experience spans the Banking and Financial Services industry, with a background in Telcos, consulting services, and outsourcing providers. I am passionate about Financial Markets and am an enthusiastic learner about Healthcare Informatics and its applications.I am results-oriented, with an annual accomplishment rate close to 100%. I am a good communicator, logical and critical thinker, empathetic listener, and originator of high-performance teams in a multicultural environment.Main Certifications CISSP, CISA, PMP, ISO 27001, 22301 and Digital Operational Resilience Act Trained Professional (DORATPro) (among others).

José Manuel Plaza Heras's Current Company Details
SIX

Six

View
Information Technology and Cyber Security Risk Management | GRC | IT Audit | CISSP | CISA | PMP | ISO 27001 LA | ISO 22301 LA | DORA | ENS
zurich, zurich, switzerland
Website:
six-group.com
Employees:
2442
José Manuel Plaza Heras Work Experience Details
  • Six
    It & Digital Operational Resilience Act (Dora) Senior Auditor
    Six May 2024 - Present
    Madrid, Comunidad De Madrid, España
    View
  • Bbva
    Head Of It & Cyber Risk Control For Data Governance In Bcbs 239 - 2Lod - Second Line Of Defense
    Bbva Dec 2019 - Feb 2024
    Madrid, Comunidad De Madrid, España
    - Evaluate and manage risks from various sources by identifying, assessing, prioritizing, and quantifying them.- Developed and implemented a comprehensive Risk Management Framework and Risk Appetite statement, ensuring ongoing compliance with regulatory expectations and alignment with company standards.- Analyze the different information systems, data inputs, and potential issues that coul impact in Data quality.- Review the data flow and usage across various systems and applications, and evaluate the path it takes based on the current process definition (Data Lineage).- Assess Confidentiality, Integrity and Availability in those critical systems that are involved in Risk and Financial reportings.- Establish with different Areas, the path for resolving those issues which have been identified.- Monitoring and report for mitigation plans.- Contribution to increase a better assessment for evaluating and scoring those risks in the scope of Data Governance from IT perspective.
    View
  • Bbva
    Head Of Risk Control Framework Execution For Tech & Cyber Security - 2Lod - Second Line Of Defense
    Bbva Jan 2019 - Dec 2022
    Madrid Y Alrededores, España
    Inside of Non-Financial Risk (NFR) and IT area:- Evaluate and manage IT Risks - IT Risk Management (IRM) - from various sources by identifying, assessing, prioritizing, and quantifying them.- Defining and monitoring IT Risk Appetite Framework (RAF) for BBVA Group. Global KRI dashboard (Fraud, IT & Cyber-security indicators) follow-up and breach review.- Business and Technological initiatives assessment, considering IT Risk Taxonomy and Controls, making GO/NO GO decisions (Outsourcing Services, Application Management Services (AMS), Cloud services, Technology and new start-up initiatives among others).- Challenge over SOX Testing - RCSA. Reviewing Technology and Cybersecurity controls identifying improvements or issues to be remediated. Negotiation with Business Areas or Product Owners the potential controls and mitigations.- Monitoring and improving internal IT Control Model - IT Risk Management (IRM), considering best practices and standards such as: ITIL, ISO 27001, ISO 27002, CSA, NIST CSF or NIST 800-53.- Develop a Risk Management Framework for different risk taxonomies, and set and implement specific mitigation control, considering the following standards: SO 27001, ISO 27002, CSA, NIST CSF, NIST 800-53, CIS, FFIEC and ICT guidelines (EBA/GL/2019/04). - Challenges 1LOD RCSA assessments, including challenges over specific regulations BCBS 239 or Cloud Governance Frameworks (Azure, AWS, GCP, ServiceNow, etc)- Working with regulatory requirements (Regulator / Supervisor) such as JST (SREP, OSI) and findings resolution.
    View
  • Bbva
    Head Of Global Engineering Continuity - Business Continuity
    Bbva Jan 2016 - Jan 2019
    Spain
    - Review and control the current strategy of Business Continuity Management (BCM) and Recovery Systems across BBVA Group.- Control and boost the alignment between Business Areas (through Business Impact Analysis) and Disaster Recovery Area.- Improve Business Continuity resilience, with a special focus on technological infrastructure.- Review Asset Classification & Protection implementation. Dependency Analysis.- Verify and asses the results of the different D&R tests and review the RTOs and RPOs which have been set.- Negotiation Business Continuity Services contracts- Support the Business Continuity area, providing the technological vision.- Follow the regulations and standards of Business Continuity and Disaster Recovery.- Support for Compliance with FFIEC in BBVA USA.I was involved in the compliance with Ley de Protección de Infraestructuras Críticas (LPIC) and contributed to the development of the Plan de Seguridad del Operador (PSO) and the Plan de Protección Específico (PPE) to ensure the security and continuity of critical infrastructure services.- Working with regulatory requirements (Regulator / Supervisor) and findings resolution from Internal Audit.
    View
  • Bbva
    Head Of Business Continuity Office – Corporate Business Continuity
    Bbva Jun 2012 - Jan 2016
    Spain
    Reporting to Corporate Director of Business Continuity- Responsible for managing Business Continuity Office focused on controlling and supervision of Business Continuity Plans (BCPs).- Responsible for defining, reviewing and implementing the Business Impact Analysis in Sapin. Alignment to Operational Risks impacts.- Leading the implementation of Internal and External Audit recommendations in terms of BCM.- Design, develop and monitor the global implementation (more than 15 countries) of the software LDRPS (Sungard) and the notification system FACT24.- Contract management negotiations: BCMS Licenses and Services.- Functional responsibility for implementing new business continuity methodologies.- High experience in Business Impact Analysis and Business Continuity regulations.- Experience in developing and testing Crisis Management scenarios.
    View
  • Bbva
    It Senior Manager - I&T Development
    Bbva Jan 2010 - Jul 2012
    Madrid Area, Spain
    - Managed several strategic and organizational projects with high impact to Holding Areas and Business Units.- Defined the strategy and initial approaches to potential initiatives, focusing on their conceptualization, analysis and deployment. Main goals are set and attained - fundamentally improvements in quality and efficiency – by collaborating with different Units and managing functional teams.
    View
  • Bbva
    It Manager - Transformation & Productivity
    Bbva Aug 2007 - Jan 2010
    Madrid Area, Spain
    - Collaborated actively on defining, creating and deploying new Corporate Areas. - Managed the New Invoicing Model for Technology and Operations Area,.- Responsible for monitoring the Technology and Operation’s headcount growth.- Developed comparison analysis and benchmarking projects.
    View
  • Bbva
    Senior Project Manager – It Management Models
    Bbva Jun 2005 - Jul 2007
    Madrid Area, Spain
    - Cooperated with Design & Development Area in deploying a Software Factory Model.- Promoted new software factory model.- Evaluation current Application Management Services (AMS) and potential software factory model application.- Manage the development factory in COBOL - CICS - DB2
    View
  • Profesional Independiente
    Tennis Coach
    Profesional Independiente Jan 2014 - Dec 2022
    Currently focused on studying the key aspects that allow a development of tennis mental toughness and how to measure it (MTQ48, SMTQ, etc). Additionally, research of the potential Software (Kinovea, Dartfish, etc) and Data Analysis applied to Tennis.Master in Sport Coaching and Master in Sport Psychology, I have. been certified by:- Registro Profesional de Tenis (RPT). Professional.- International Tennis Professional Association (ITPA). Tennis Performance Trainer.- Modern Tennis Methodology Coaches Association (MTMCA). MTM Tennis Teaching Professional- Women Tennis Coach Association (WTCA). Baseline Certification.- Protrainings. Healthcare Provider (BLS) Adult, Child and Infant CPR/AED & First Aid.Several courses from ITF in Tennis development.
  • Sopra Steria
    Outsourcing Project Manager
    Sopra Steria Jan 2000 - May 2005
    Madrid
    CONSULTING SERVICES- Created the Outsourcing services prortfolio.- End to End sales process, from proporsal development to execution.- Managed several strategic projects for Financial Entities, focusing on outsourcing.of IT Infrastructure and Back-Office Operations - Contract management and negotiation.- Carried out feasibility plans, request for proposals, providers’ assessments, drew up and outsourcing contracts negotiation jointly with a law firm.- Managed different Benchmarking Projects in IT Area: Call Centers, Datacenters and Application Development.SW DEVELOPMENT SERVICES- Programing in COBOL - CICS - DB2
    View
  • Telefónica
    Consultant
    Telefónica Nov 1998 - Jun 1999
    • Worked on Spanish share market analysis on Fixed Telecoms Companies, identifying the impacts of a new series of regulations defined and approved by CMT. • Participated in both different studies about Internet Companies Valuation and Telcos services benchmarking.
    View
  • Hp
    Marketing Assistant
    Hp Feb 1997 - Nov 1997
    • Carried out commercial and marketing tasks: following competency prices, controlling material delivery, etc. • Participated in organizing and supporting products presentations and demonstrations of HP’s printers.
    View

José Manuel Plaza Heras Skills

It Management It Strategy Banca Risk Management Banking Itil Outsourcing Cobit Governance Estrategia Ti Software Project Management Iso 20000 Cmmi Team Leadership Inteligencia Empresarial Management Consulting Pmo Estrategia Investment Banking Project Portfolio Management Liderazgo De Equipos Cambio Organizacional Gobernanza Negotiation Business Continuity Disaster And Recovery

José Manuel Plaza Heras Education Details

Frequently Asked Questions about José Manuel Plaza Heras

What company does José Manuel Plaza Heras work for?

José Manuel Plaza Heras works for Six

What is José Manuel Plaza Heras's role at the current company?

José Manuel Plaza Heras's current role is Information Technology and Cyber Security Risk Management | GRC | IT Audit | CISSP | CISA | PMP | ISO 27001 LA | ISO 22301 LA | DORA | ENS.

What is José Manuel Plaza Heras's email address?

José Manuel Plaza Heras's email address is jm****@****ahoo.es

What schools did José Manuel Plaza Heras attend?

José Manuel Plaza Heras attended Mitx Courses, Iese Business School - University Of Navarra, Universidad Politécnica De Madrid, University Of Cambridge, Thepowermba, Eae Business School, Intermanagement, Universidad Del Pacífico (Pe), Universidad Autónoma De Madrid, Open Source Society University, Escuela Europea Del Deporte, Escuela Europea Del Deporte.

What skills is José Manuel Plaza Heras known for?

José Manuel Plaza Heras has skills like It Management, It Strategy, Banca, Risk Management, Banking, Itil, Outsourcing, Cobit, Governance, Estrategia Ti, Software Project Management, Iso 20000.

Who are José Manuel Plaza Heras's colleagues?

José Manuel Plaza Heras's colleagues are Monserrat N., Edin Omeragic, Darosa Eugenio, Pascu-Lucian Gorgan, Ramona Montalto, Elvira Nazaré, Gianfranco Pizi.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.