Descripción

I am an Cybersecurity professional with over a decade of experience in IT audits, cybersecurity, and governance. I specialize in SOx compliance, ITGC, SAP security, and segregation of duties, helping organizations strengthen their control environments and reduce risk exposure.

With hands-on expertise in assessing, designing and implementing security control frameworks, I bridge the gap between technical and business teams, ensuring compliance while enabling innovation.

With great analytical skills, I am passionate about driving collaboration across stakeholders, mentoring teams, and building resilient security programs that enable sustainable growth.

Idiomas

Inglés
Bilingüe o nativo
Portugués
Bilingüe o nativo
Español
Competencia profesional básica

Preferencias de lugar de trabajo

Acepta trabajo presencial

Barcelona (hasta 50 km)

Booking.com
IT Risk & Control Officer Interim
noviembre de 2023 - Hoy (2 años y 7 meses)
• Lead IT SOX Audit for Financial Systems (E.g. SAP) and ensure are compliant with SOX requirements
• Stakeholder Management
• Support risk identification and control mapping for key EMEA systems
• Manage audit remediation and provide consultation to tech teams
• Provide Subject Matter Specialist to IT process and controls across multiple technology teams SAP's Access Management, SoD and ITGCs.
• Report SOX audit status and issues to leadership
ASML
Processes & Methodology Manager
febrero de 2023 - octubre de 2023 (8 meses)
• Lead the implementation of unique Security Control Framework based on (ISO27001 , NIST CSF, CIS and others) while customizing to the companies' requirements.
• Function lead to Service Now GRC modules project implementation. Act defining requirements, testing and training to end-users.
• Expertise in Integrated Risk Management and to provide insight and oversight on end-to-end processes and how it should be translated to Integrated Risk Management way of working.
• Responsible for maintaining integrated risk management processes, taxonomy and means & methods.
• Stakeholder Management
• Support team management and governance key to being successful (vision, goals, planning, communication, collaboration, interaction).
Nike
Senior IT Compliance Analyst
febrero de 2019 - diciembre de 2022 (3 años y 10 meses)
• Manage SOX EMEA compliance program and ensure teams are compliant with SOX requirements.
• Manage audit cycles and support audit execution (e.g. scoping, risk discussion)
• Support risk identification and control mapping for key EMEA systems
• Manage audit remediation and provide consultation to tech teams - Provide Subject Matter Specialist to IT process and controls across multiple technology teams
• Report SOX audit status and issues to leadership Assignment to lead the design and implementation of a system to support Risk Assessment execution in an automated manner, while integrating policy requirements, controls improvement roadmap and application lifecycle.- Gather requirements from multiple stakeholders and translate into development user stories under agile way of working. Cyber Landscape Assessment- Lead EMEA Risk assessment following the CIS framework- Design the methodology and planning to execute this risk assessment.- Provide training to multiple resources to execute risk assessment with evidence based approach.- Report on EMEA landscape risks and controls to leadership.