Fernando Sanchez Manzano

Strong background supported by 20 years working in information security and technology audits and advisories, working with some of the best known international standards and regulations; such as DORA, NIS2, NIST-CSF, CIS, ISO38500, CoBIT, ISO27001, ISO27002, ISO22301, SOX Act.404, GDPR, MAGERIT, National Security Schema (ENS for Spain), ISO20000 and ITIL,

I gained this expertise working in big companies such as Deloitte, Ernst & Young, KPMG, BBVA, Santander bank, SegurCaixa Adeslas Bank of Tokyo, HSBC, Aplazame (WiZink group) and spanish public Administration.

I decided to change my professional way of working to face a challenge in European Commission, within the LISO team in JRC department in Ispra, taking part of the European directives and regulations Quality Assessment (as GRC expert) area to improve these publications in Information Security matters. Besides, I am the Senior Manager advisor in the risk assessment over the control systems managing nuclear power stations.

My professional expertise, academic background and personal skills have prepared me to understand both private companies and Public Administrations, especially in needed governance models and compliance (international laws & normative) frameworks.

Specific work experience includes business units, divisional and corporate level consulting in international companies, such as MAPFRE, ING-Nationale Nederlanden, UBS Securities, CASER SEGUROS, USB bank, EADS-CASA, AIRBUS, Mercedes Benz, BMW, Telefonica, INDRA SISTEMAS, S.A, BBVA bank, BSCH Corporation (Santander bank), and UBS Bank Spain and Twenty Century Fox.

All of my work experience shows a strong track record with measurable results, the most recent example of which is my current consultant-like position, defining the IT security governance and strategy in European Commission – JRC as Senior Manager external advisor