Cloud Security Lead, Architect. CNAPP. CASB. ZTNA. BAS and Purple Team Lead & Architect. EPM Lead & Architect. Zero Trust. Defense in Depth. Threat Informed Defense - MiTRE Engenuity & MiTRE ATT&CK. PAM Engineering. SecOps, PenTest Lead. Threat Intelligence. Incident Response. Threat Hunting. IdP and IAM. Programming and Scripting. Policies, Procedures, Standards, and Baselines. Risk Assessment and Threat Modeling.CMM CSA, NIST CSF, ISO 27001, CIS Controls.

PAM. BAS. EPM. Zero Trust. Defense in Depth. Threat Modeling. Security Frameworks and Standars. Threat Informed Defense - MiTRE Engenuity. SecOps. IR. Threat Hunting. PenTest. Purple Teaming. SIEM. Cloud Security. Vulnerability Scanner. NGFW. EDR. AD Auditing. Python scripting. Vulnerability Management. Linux. Patch Management. IdP. Procedures and Standards. Engineering Defense and Offensive. Planning, documenting, and measuring progress.

Led the Ethical Hacking Program. Performed Threat Modeling. I engineered different security solutions, such as SIEM, AV/EDR, DLP, NAC, Proxy Gateway Security, Cloud Security, AD Auditing, Threat Intelligence, NGFW, and Python scripts, among others. I performed Threat Hunting and Incident Response. I was responsible for the Vulnerability Management Program. I was oriented to GRC as well, leading Cybersecurity programs and projects, planning Cybersecurity Architecture and Engineering to achieve/maintain Defense in Depth (DiD), mitigating risks, improve response plans and business continuity, all that while aligning the Agency to follow the Industry Best Practices, Standards, and Controls (NIST CSF, ISO 27001, OWASP TOP 10, FFIEC Framework, and CIS Controls). I helped to perform Risk Assessments and helped with the Cybersecurity Awareness Program. I continuously found new methods to enhance Confidentiality, Integrity, and Availability, framing a Zero Trust Architecture. I Monitored KRIs and KPIs to analyze, create, and propose action plans to reach the highest Information Security Hygiene and Maturity Level in the Organization.

IAM, AD, Endpoint Encryption, Asset Security, VPN, Network Security, Troubleshooting and more.

Designing a Secure Network Architecture (communication and data storage)Implement And Maintain a Network using secure protocols and devices (Firewalls) while mapping to Security best practices.Provisioning user accounts with Secure passwords, following industry standards.Managing asset lifecycle, classifying,  creating, encrypting, and destroying it. (Data, Routers, Firewalls)Monitor Firewall to detect Incidents and Improve the state of Security.