Acerca de Ricardo
During the last 18 years I have been working in the information security field in Mexico, France and Germany, I have worked from technical, project management, presales and consultant positions and as a CISO (Chief Information Security Officer).
Curious, hard worker, quick learner, I love competitive environments and work effectively under pressure.
Español
Bilingüe o nativo
Inglés
Bilingüe o nativo
Francés
Bilingüe o nativo
Acepta trabajo presencial
Madrid (hasta 50 km)
Experiencia
- OutpaycePayments Business Information Security OfficerBANCA & SEGUROSmayo de 2023 - Hoy (3 años y 1 mes)Madrid, EspañaManage the implementation of the DORA (Digital Operational Resilience Act)-Lead PCI DSS certification process.-Support and lead the security part of the process to obtain the EMI license in Spain.-Develop, implement, and maintain the Information Security Framework for Internal Services (policies, standards, guidelines, architecture models, etc.)-Derive and translate the Corporate Security Policies into local/specific ones and with the corresponding standards, baselines, guidelines & architectural model.-Develop and embed security processes into global framework and methodologies.-Develop a strong communication (position papers, policies, procedures, standards, etc.) and awareness around the Information Security Policies.-Ensure that the security risk posture for internal services is aligned with the business appetite & -strategy.-Provide security consulting/expertise and support in programs / projects to other Business Units-Perform security assessment on Programs/projects ((confidentiality, integrity, availability, traceability) with compliance to applicable regulations)-Identify possible mitigation measures.-Translate security risk into business terms which are understandable by the business to reach residual risk acceptance.-Validate the design & accreditation of the security with Programs & projects (architecture, design, processes, regulatory compliance)-Collect & report of metrics supporting the business value of the security program’s activities.-Conduct, coordinate or support IT Risk Assessment analysis and Audit Plans-Drive the day-to-day security process, serious security Incidents. Vulnerabilities management.
- Cyber Defense Consulting GroupSenior Security Officernoviembre de 2019 - mayo de 2023 (3 años y 6 meses)Paris, FranceSome past missions:- Mission at DEXIA – La Défense Security and Business Continuity Consultant – CISO Team- Contrat at PMU - Paris 15 During this mission I worked as CISO Deputy for the PMU- Contrat at Allianz Partners – Saint-Ouen Security Consultant During this mission I worked for the Global Information Security Officer for Allianz Partners
- Ditto BankChief Information Security Officerjunio de 2016 - octubre de 2019 (3 años y 4 meses)92100 Boulogne-Billancourt, France-Establish and maintain the security enterprise vision, strategy and program to ensure assets and technologies are adequately protected-Lead and coordinate the development and maintenance of information systems security policies, procedures, standards, and guidelines, ensuring compliance with laws and regulations-Ensures threat and vulnerability resources and technology are proactively monitoring 24X7 potential threats and vulnerabilities and protection controls are implemented timely and appropriately to safeguard and maintain business operations.-Identifies and assesses risks in implementing business innovations, Provides assessment of those risks to business stakeholders.-Directs staff in identifying, developing, implementing and maintaining processes across the enterprise to reduce information and technology risk.-Monitors compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties.-Design and execute penetration tests and security audits-Monitor, report and control incidents-Monitor threats and take prevention measures-Define the IT security controls with the permanent control Manager-Stay well-informed of best practices in the IT security field including from a data protection perspective, coordinate and/or evaluates new and emerging security practices and technologies, and recommends and promotes adoption as appropriate.
Recomendaciones
Sé el primero en recomendar a Ricardo
Ayuda a este freelance a destacar compartiendo tu experiencia.
Estos perfiles de freelance también coinciden con tus criterios
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formación
- Master of Business Administration (M.B.A.), Business Administration and Management, GeneralESSEC Business School2014Master of Business Administration (M.B.A.), Business Administration and Management, General
- Master of Business Administration (M.B.A.), Business Administration and Management, GeneralUniversität Mannheim2014Master of Business Administration (M.B.A.), Business Administration and Management, General
Certificados
- Certified in Risk and Information Systems Control™ (CRISC)ISACA2018
- Certified Information Security Manager® (CISM)ISACA2017