•Role as CISO:- Information security management: I oversee internal security, including the management of the Information Security Management System (ISMS) and business continuity.- ISMS maintenance: I maintain the ISMS and continuity strategy (BCP) under ISO 27001 and ISO 22301, managing ICT risks and ensuring compliance with regulations and privacy laws in the Americas and Europe.- Supervision of security audits and compliance: I coordinate and supervise internal and external security audits, working with auditors and regulators, and maintaining strong relationships.- Communication with the board: I regularly present to senior management and committees on the state of security and regulatory compliance.- Risk management and compliance: I develop strategies to align security with regulatory requirements and enhance resilience.- Three lines of defense model: I maintain and optimize the three lines of defense model in information security.- Incident response: I oversee the monitoring of vulnerabilities and incidents, leading effective response efforts.•Role as Information Security Manager for professional services:- Security consulting: I lead consulting in ISO 27001, 22301, DORA, NIS2, GDPR, audits, and development of security management systems, articulating policies, standards, and security processes.- Virtual CISO (vCISO): I act as CISO for various companies, leading their security areas and/or strategic projects, aligning cybersecurity initiatives with each organization's specific objectives.- Client and stakeholder relationships: I maintain relationships with clients and stakeholders, ensuring satisfaction and SLA compliance.•Additional responsibilities in corporate governance:- Development of governance strategy: I lead the creation and implementation of the corporate governance strategy, establishing committees to strengthen organizational structure.

I am passionate about contributing to the education of future professionals in the field of cybersecurity. Throughout my career, I have had the honor of teaching at several prestigious universities, sharing my knowledge and experience to prepare students for the challenges of the digital world.• UTN (National Technological University of Argentina)Diploma in Information Security | August 2014 – PresentSubjects:- Ethical Hacking- Information Security Management• UNQ (National University of Quilmes)Bachelor's Degree in Computer Science | 2021 – PresentSubject Taught:- Information Security• Ekoparty Hackademy | 2021 – PresentSubjects Taught:- Ethical Hacking Projects & Methodology- Vulnerability Assessment- Asset Security & Risk Management- Technical Writing & Executive Reporting• UB (University of Belgrano)Diploma in Certified Cyber Defense Officer (CCDO) | March 2018 – June 2019Subject Taught:- Threat and Vulnerability Management

In my role as Executive Director, I assumed multiple key responsibilities in the area of cybersecurity and technology controls with regional coverage in Latin America and Canada. I was responsible for leading the CISOs across the region, as well as leading the "Cybersecurity & Technology Controls: GRC" team. Additionally, I served as the CISO for Canada and the CISO for the Global Services Center in Buenos Aires, where I implemented and promoted strategic and regulatory initiatives that strengthened the cybersecurity posture in the region. I also led processes that were created and adopted both regionally and globally.Key responsibilities:- Management of CISOs across the LATAM-Canada region.- Coordination and scaling of cybersecurity projects and solutions, technology controls, and data privacy across the LATAM-Canada region.- Alignment of corporate policies with business needs, ensuring regulatory compliance across the different countries in the region.- Coordination of the regional "Threat Intelligence" area.- Management of relationships with regulators, government agencies, and financial sector associations.Coordination of the regional Regulatory Intelligence area.- Oversight of regulatory technology audits for the region.- Coordination of the team responsible for active cybersecurity and technology control evaluations (Penetration Testing, Red Team, Cyber Exercises, Crisis Simulations).- Leadership of the training and development team for the region.- Implementation of global corporate policies adapted to local regulatory needs.- CISO for the Global Services Center in Buenos Aires.- CISO for Canada.Other corporate responsibilities beyond my primary role:- Lead of the Learning and Career Path workstream for Argentina.- Mentor for technology areas.- Mentor in women in technology programs.

In this role, I led the coordination of regulatory and governmental requests related to technology, information security, and data privacy across Latin America and Canada. I implemented a global regulatory response process, ensuring consistency and efficiency in communications with regulators.Key Responsibilities:- Coordination of Regulatory Requests (RFI): Managed responses to external audit and regulatory requests, collaborating with technology groups to ensure consistent use of materials and efficient meeting management, optimizing response times.- Regulator Interaction: Served as the primary point of contact for regulators and external auditors, coordinating on-site visits and ensuring effective participation during audits and reviews, strengthening relationships with key authorities.- Project Governance: Supervised and reported on the progress of RFIs, maintaining an issue tracker to document key matters and ensure resolution of problems identified by regulators and audits.- Executive Presentations: Delivered presentations to regional and global committees, providing key insights on regulatory compliance and risk management in LATAM and Canada, facilitating strategic decision-making.- Global Interaction: Collaborated with the global Technology Regulation team to ensure consistency in regulatory processes worldwide, adapting best practices to regional needs.- Alliance Building: Developed relationships with local and regional regulatory authorities, participating in industry groups to influence regulatory policies and practices.- Training and Awareness: Implemented training programs on regulatory topics to ensure stakeholders understood and complied with applicable regulations.

- Led information security and business continuity for Argentina, serving as Regional Information Security Coordinator in LATAM (Argentina, Brazil, Chile, Mexico, Peru, Colombia).- Developed and implemented a security strategy aligned with business objectives and local regulations (BCRA, SOX, PCI), improving regulatory compliance.- Managed the information security risk management strategy, planning, executing, and establishing plans that reduced critical risks by 30%.- Presented security reports and updates to executive committees and Senior Management, gaining greater support and facilitating better strategic decision-making.- Developed and implemented cybersecurity incident response plans, enhancing reaction capability and minimizing the impact of incidents.- Coordinated and maintained the Business Continuity Plan (BCP), including Business Impact Analysis (BIA), strengthening resilience.- Led the migration of alternative processing sites, improving business continuity and regulatory compliance.- Collaborated with legal and compliance departments to ensure adherence to local, regional, and data protection and privacy regulations.- Managed and implemented controls, standards, and policies to comply with financial regulators.- Developed and implemented the Awareness Program in LATAM, reducing cybersecurity incidents by over 60%.- Advised on business projects and new technologies, ensuring that security best practices were integrated from the outset.- Conducted and coordinated security audits (BCRA 4609, ISO 27001), ethical hacking tests, and web audits, evaluating and improving the security posture.- Fostered alliances with local financial authorities, promoting collaboration and knowledge sharing.

- Managed the Information Security team for the Chilean branch, leading offensive security initiatives.- Coordinated cybersecurity projects at local and regional levels in Argentina, Brazil, and Chile, aligning strategies with corporate objectives and industry best practices.- Performed audits and internal controls to ensure compliance with international standards such as SOX, PCI DSS, and ISO 27001 in financial sector companies.- Executed penetration testing and vulnerability assessments for financial institutions in Chile—including Banco de Chile, Redbanc, Transbank, and Nexus—strengthening their cybersecurity posture.- Issued alerts on new vulnerabilities, malware, and security threats, facilitating their effective resolution and minimizing risks.- Provided Information Security training to the LATAM Security Department (Argentina, Chile, Brazil), enhancing the team's skills and knowledge.- Developed security standards and policies for various network and infrastructure technologies, including Microsoft Server, Linux/Unix, and VMware, standardizing practices and elevating the level of security.- Managed and enhanced the security of HP-UX and other Unix systems, implementing hardening policies and continuous monitoring.

- Managed the ministry's information security, working closely with the IT department to ensure the confidentiality, integrity, and availability of government data.- Collaborated with the IT team to implement technical solutions based on open-source software, wireless technologies, and security configurations for critical servers, resulting in a reduction of security incidents.- Coordinated cybersecurity projects, including the administration and strengthening of Data Center security, enhancing the resilience and protection of the infrastructure.- Performed penetration testing (ethical hacking) and vulnerability assessments using tools like Nessus and Metasploit, identifying and mitigating critical risks in the infrastructure and institutional websites.- Developed and maintained information security controls and policies, aligning them with international standards such as ISO 27001 and promoting a culture of continuous improvement.- Evaluated the security of new governmental applications and web developments, providing recommendations that strengthened protection against cyber threats and improved the overall security posture.

- Conducted advanced cybersecurity research, focusing on penetration testing, ethical hacking, and wireless security.- Executed penetration tests and performed vulnerability assessments in companies, including those in the oil and gas industries, enhancing their cybersecurity posture.- Designed and delivered training programs in cybersecurity and IT infrastructure, covering topics such as wireless hacking, network hacking, and administration of GNU/Linux and Microsoft Windows Server systems.

- Provided technical support for corporate networks, ensuring the optimal functioning and availability of the company's communication systems.- Installed, configured, and maintained Cisco network equipment, including routers and switches, working with protocols such as TCP/IP, OSPF, and BGP.- Diagnosed and resolved connectivity and performance issues in the networks, improving internal customer satisfaction and minimizing downtime.- Collaborated with multidisciplinary teams in the implementation of network solutions that supported business objectives and strategic projects.

- Provided information security consulting services to various companies, specializing in penetration testing, ethical hacking, and vulnerability assessments.- Conducted gap analyses against industry standards such as ISO 27001, identifying risks and proposing corrective actions to ensure compliance with current regulations.- Designed and implemented firewalls and perimeter security solutions, strengthening network protection against external threats and enhancing IT infrastructure security.- Developed and deployed proxy servers, optimizing access control and enhancing security for corporate web browsing.

- Network desing and configuration. - Server administration ( Linux flavors and Windows Server)