• Review and evaluate internal controls to ensure they are designed effectively to address regulatory requirements, including PCI DSS, ISO 27001, 27002, and NIST.• Conduct gap analysis and risk assessments, and implement effective internal controls.• Continuously monitor and review activities to ensure compliance with local regulations and applicable global policies.• Collaborate with other departments to ensure an integrated approach to compliance.• Develop, implement, and monitor information security policies.• Conduct risk assessments and security audits to identify vulnerabilities and implement corrective measures.• Monitor and analyze security systems and event logs to identify suspicious activity or security breaches.• Coordinate and perform penetration tests and vulnerability assessments.• Develop and conduct security awareness training for employees

Responsible for the InfoSec team as Squad Manager, leading 04 main subjects:Governance Security, Security Access Control (IAM), Risk Management. • Review and evaluate internal controls to ensure they are designed effectively to address regulatory requirements, including PCI DSS, ISO 27001, 27002, and NIST. • Responsible for structuring and developing the enterprise risk framework. • Development of Risk Matrix, Indicators and Evaluation Criteria for Risk Analysis and Assessment. • Maintain accurate documentation of control assessments, testing results, and compliance evidence, experience SWOT Analyses focusing on Information Security. • Identify potential control deficiencies and gaps in the control framework and recommend remediation measures.

Identify and deliver appropriate controls based on industry standards (e.g., NIST, PCI, ISO27000 series) Work well independently and with others as part of a larger team and be able to collaborate on cross-functional teamsParticipate, lead, and jointly deliver security in Encryption and digital certificate; as well as Authentication System (AD, LDAP, RADIUS, 2FA, SAML, OAUTH2);• CA Siteminder Web Access Manager and Federated Services• Deployment of single sign-on (SSO) solutions using CA SiteMinder• Configuration of Policy, Rules, Domains, Response and Authentication Schemes• Develop a custom central authentication page• Implement Federation using SAML 2.0• Implement IDP as well as SP-initiated Federation SSO

Prudential InsuranceResponsible for planning, monitoring, controlling and following up strategic IT Infrastructure and Information Security projects.Project meetings and interactions with Prudential International Insurance and GBTS (Global Business & Technology Solutions).Compliance to the best practices and information security frameworks (ITIL, ISO 27001, COBIT, SAS 70 and others).Risk Analysis, Data Classification, Identity Access Management;

• Responsible for local information systems and information security, in accordance with the Organization's standards.• Supervise the IT Service Desk staff and activities, ensuring a rapid service delivery while maintaining high standards of quality.• Implementing business continuity plans for IT, ensure risk mitigation for all IT core business applications.• Improving business processes by leading the implemented new IT solutions, policies, and procedures.• Cisco Network Data and Voice Support.• Supporting 100+ users understands their needs and provide the best solution to any issue they might have.• Ensure that all servers connected to the network are located in one secure location and are under the appropriate internal controls. • Local implementation, maintenance and enhancement of all IT security measures as per Information Technology Services (ITS) and Information Security Officer requirements and recommendations.• Inventory and monitor infrastructure with Qualys.• SCCM (Pacth Management).• Process of auditing information systems.• Governance and management of IT.• Information systems operations, maintenance and service management.• Open-System Firewall Management

Experience in IT project management Startup, Planning, execution and control and closure. Implementation of projects using the practices of PMBOOK.Development and deployment of enterprise solutions for Internet communications management, which include its VoIP to platform Drillers and Network MPLS.BPM – Identifying Critical Business Processes; Implementation Plans; Return on Investment Analysis; Defining and Improving Business Processes; Management and analysis of new demands.

Acted as coordinator of the migration of Microsoft Exchange 2008 across network SESC-Rio accumulating 288 hours in Project Management.Also acted as consultant for the BI project Amil in ERP integration, responsible for the survey UML - Unified Modeling Language.

Maintenance of Computers, Printers, Network Support Windows NT, 2000, 2003 Standard Server, Backup File, Installation, Implementation and Configuration Windows2000Server, SERVER 2003 Standard / Professional, Windows XP PROFESSIONAL. Management and Planning Support Services, Planning and Migration framework for Windows2000Server 2003Standard and Windows Server, Backup / Restore ARCServer2000, ARCserve 11 and File Security Management, called a tool to measure stress levels and GUT HelpDesk - Desk Manager, Antivirus Management Nai-Epo 8.0i 4.0 Maintenance of email accounts, monitoring the environment using technology tools specific to the installation, evaluation of infrastructure (server selection, hardware selection, control of software licenses, etc..) control inventory of equipment and software, specification of equipment to purchase and performance analysis environment. Monitoring of backup servers and re-submission of processing non-compliant; monitoring processes; Submission of sporadic cases; Service on matters of operation, mounting tapes on the servers; Startup and shutdown of servers, Planning and WindowsNT4.0 Server Migration Complete Standard for Windows2003 Server.