Rafael Jimenez Email and Phone Number

In this role I worked directly with the Global Cybersecurity teams and Latin America stakeholders to guide during the identification of risks and to guide the implementation of Cybersecurity controls into a Tactical and Operational Global Perspective .• Industrial Security :-SCADA/ICS Architecture Evaluations-Attack Surface Reductions ICS -Cyber kill Chain identifiying Threats/ Vulnerabilities on ICS/SCADA Environments.-Policy/ Procedures Creation for Patch Mgt., Account Review, Vulnerability Scan, etc on ICS Networks.• Risk Management:-Risk Assessments/ Business Impact Analysis / Treatment with Action Plans.-Engagement of Cybersecurity on Business Inititatives-Management of all technical penetration testing and vulnerability assessment methodologies-Implement Critical Cyber Security Controls-Information Classification/ Confidentiality management - PII, PI, IP-Third Party Evaluations-(Support) Security Risk Management processes and decision making, related to areas in scope-Supporting Internal / External Audits and Following up Action Plans-Support Standards such as PCI, ISO 27000, ITIL, NIST, CIS.•Vulnerability Management:-Implementation of VM Process for LATAM and Globally.-Lead the Latin America VM, Pentesting and Audit functions-Application and enterprise security Implementations-Participate in IS/IT vulnerability remediation

Served as Information Security Manager within Sony Latinamerica on eGIS group. Was the second employee in this group (behind the then and current director) approximately 4 years ago. Continue to provide leadership in the organization in the following ways:* Lead the SouthAmerica Vulnerability Management, Pentesting, Architecture.* Management of all technical penetration testing and vulnerability assessment methodologies* Red Teaming Engagements* Manual security testing of flagship web and mobile applications* Continue to enhance and expand the SOLA mobile practice* High-level customer interactions and relationship management* Application and enterprise security Implementations* Conduct private executive briefings on current threats and solutions* Innovation, design, and management of construction of new service offerings* Provide competitive analysis and strategic direction In this role I work directly with the Global Heads of Pentesting, Vulnerability Management This involves activities ranging from testing key systems and applications, to managing and enhancing all of our testing methodologies, to presenting to and consulting on how best to build out our security programs. Role continued from previous position, with expanding responsibilities as the team grows in size.

In this role I served as Information Security Technical Manager for Latin America. Responsible of Information Vulnerability Management and Security Architecture at Sony Latin America.This involves activities ranging from assisting upper management with strategic evaluation and analysis, the Implementation of Vulnerability Management Process, Architecture Design of Network Security, Host & Device security, Application Security, DB Security and User Security. Other key activities include security audits of information security practices, coordinate cross-disciplinary security projects, and perform audits in all Sony offices throughout Latin America. In charge of the following processes:- Vulnerability Assessment- Methodology Development- Mobile Application Testing- Infrastructure Testing- Security Architecture Design- Web Application Testing- Social Engineering Testing- Security Research- Process Development- Risk Assessments- Third Party Evaluations- Security Audits- Policies & Procedures Creation

Served as a Senior Information Security Consultant at BBVA Bancomer. Role highlights included:- Building/Enhancing the Security Architecture- Performing Network and Web Vulnerability Assessments- Performing Wireless and Web Penetration Testing- Implementing Bank´s Wireless solution- Implementing Encryption solution- Implementing Intrusion Detection- Enterprise Security Architecture- Assisting with securing of acquisitions- Assisting with high-level security operations with BBVA BancomerThis position required me to act as a one-man consulting team -- performing the full range of engagement activities, including: inbriefings, auditing ,all technical work, producing the report and presenting the findings for BBVA Bancomer.

Served as an Information Security Analyst at Scitum. Role highlights included:- Managed Services and Monitoring- Web Proxies- Intrusion Detection and Prevention - Firewall Engineering- Network Troubleshooting- Suspicious Activity Detection- General Security Architecture- Network MonitoringIn this role I served in a number of roles ranging from administering and troubleshooting the firewalls within a highly segmented and complex environment, performing vulnerability assessments, to helping management understand various technical risks for different companies: Comisión Federal de Electricidad, Secretaría de Educación Pública, FONACOT, Banco de la República de Colombia.