Xavier D.

Fractional CISO | SaaS, ISO 27001 & Audit Readiness

950 €/day
Barcelona, ES
8-15 years

Average response time: 1h

About Xavier

Independent Fractional CISO (vCISO) and Cybersecurity Advisor supporting SaaS and regulated organizations in building scalable, audit-ready, and business-aligned security programs.

I bring 20+ years of IT experience and 12+ years in cybersecurity, including hands-on roles as CISO and Security Manager. I specialize in translating regulatory and risk requirements into clear, pragmatic security strategies that support growth, customer trust, and executive decision-making.

I typically operate across two levels of engagement:

• Advisory & structured support — defining strategy, governance, and risk priorities, and supporting executive teams in decision-making

• vCISO / ownership roles (dedicated engagements) — where formal responsibility is required (e.g. regulatory interaction, governance ownership, incident accountability)

Typical engagements include:

– Fractional / Virtual CISO support (advisory or structured engagements)
– ISO 27001 readiness and audit preparation
– Cybersecurity risk assessments and gap analysis (ISO / NIST)
– Incident readiness and crisis management advisory (governance-level, non-operational)

I work directly with CEOs, CTOs, and executive teams, helping them prioritize risks, structure security initiatives, and make informed decisions in complex environments.

My approach is pragmatic, risk-based, and focused on outcomes:

✔ Passing audits
✔ Closing enterprise clients
✔ Building security that scales with the business

Engagements are structured based on the level of responsibility and involvement required, ranging from advisory support to full responsibility roles depending on business needs and regulatory context.
  • Spanish

    Native or bilingual

  • English

    Full professional proficiency

  • Catalan

    Native or bilingual

Accepts on-site work
Barcelona (up to 50 km)

Experience

  • Independent
    Fractional (CISO) | Cybersecurity & Compliance Advisor
    February 2026 - Present (4 months)
    Barcelona, Spain
    Independent fractional CISO (vCISO) supporting SaaS and regulated organizations in building audit-ready security programs, with a focus on governance, risk, and executive decision-making.
    Fractional CISO / Virtual CISO Cybersecurity Management ISO 27001 audit readiness
  • GRUPO CONSTRUCÍA | Compensa Capital Humano (Howden Group)
    Chief Information Security Officer (CISO) | SaaS & Regulated Environments
    January 2016 - January 2026 (10 years)
    Barcelona, Spain
    • Directed security governance, strategy and compliance programs including the implementation of ISO 27001, GDPR, and NIST aligning with business objectives and regulatory demands.
    • Supervised and managed security risks and gap analysis, implementing policies, procedures, and controls to strengthen organizational security.
    • Optimized business continuity planning (BCP, BIA), ISO 27001 and GDPR (data protection), maintaining a continuous compliance roadmap.
    • Ensured cloud and SaaS security compliance and initiatives (Microsoft Azure, SaaS, IaaS) and secure (systems and applications) architecture approvals.
    • Established and embedded a security-first culture, training teams and raising company-wide security awareness.
    • Coordinated cross-functional incident response teams, integrating SOC escalation workflows and executive communication protocols.
    ISO 27001 Gap analysis Security Compliance Cybersecurity Management Security Policies & Procedures Documentation
  • Private
    Information Security & Compliance Management
    HUMAN RESOURCES
    January 2012 - January 2016 (4 years)
    Barcelona, Spain
    Established foundational security frameworks based on ISO 27001 and ISO 27002.
    Developed and enforced security policies, managed data protection (GDPR), and ensured business continuity.
    Led internal audits and vendor risk assessments to strengthen the organization’s security posture.

    ➡️ Focused on building compliance and governance from the ground up.

    Performed vulnerability assessments, managed incident response processes, and supported ISAE3402 and ISO audits.
    Provided expert guidance to enhance risk visibility and implement technical and procedural controls.

    ➡️ Expanded expertise in audit readiness and security assurance.
    ISO 27001 Risk Assessment Security Compliance Cybersecurity Management Security Policies & Procedures Documentation

Education

  • Cybersecurity CC: Certified "ISC2"
    ISC2
    2025
  • MASTER'S DEGREE IN INFORMATION SECURITY
    IMF FORMACION
    2017
    PROFESSIONAL POSTGRADUATE

Certifications

  • LEAD AUDITOR ISO 27001
    BSI
    2016
