| 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidateCandidate's Name , CISA, CISM, CISSPBoca Raton, FL PHONE NUMBER AVAILABLEEMAIL AVAILABLE https://LINKEDIN LINK AVAILABLECybersecurity Governance Risk and Compliance Data Privacy IT AuditConsummate IT professional who is passionate about Cybersecurity. Deep knowledge and proven experience on IT Governance, Risk and Compliance (GRC) and Data Privacy. Keen ability to establish key relationships and communicate effectively at all corporate levels. Exceptional critical thinking ability, curiosity, and a passion for learning and researching. Proven leader skilled at strategic planning with a strong commitment to deliver excellence.Cybersecurity Risk ManagementIT Change ManagementData Privacy analysis and mgmt.Program Project ManagementThird-Party Risk ManagementCybersecurity Threat MgmtIT Audit Planning and ManagementVulnerability ManagementIT Control AssessmentSecurity Architecture DesignCloud Security Risk ReviewHIPAA ComplianceSOX IT AuditApplication and Network SecurityPCI DSS CertificationPROFESSIONAL EXPERIENCESANTANDER US, Miami, FL Oct 2023 - Dec 2023Cloud Cybersecurity Risk Consultant ContractAWS Risks & Controls Review - Second Line of SupportCybersecurity Risk analysis of the Banks platform migration to the AWS Cloud platform and identification/analysis of Cybersecurity risks.TELEVISA-UNIVISION, Doral, FL Jan 2022 Feb 2023IT Governance, Risk and Compliance Manager (GRC)Televisa-Univision is a US/Mexican multimedia conglomerate created in March 2022 through the merger of Univision and Televisa, with cable, digital and audio networks covering 29 countries.Managed the Cybersecurity Vulnerability Assessment and Threat Management processes in partnership with the CISO and IT infrastructure teams, integrating the results with the Risk Management process.Led the integration of the IT Governance processes for Univision and Televisa (400+ Policies, Standards and Procedures). That was a critical requirement to execute their merger.Coordinated the migration of the TelevisaUnivision IT platform to Google Cloud for the Cybersecurity domain.Cybersecurity Risk Management and compliance attestation for administrative and financial systems running on the AWS cloud (EC2 SaaS).Chaired the Change Advisory Board (applications and Infrastructure).Managed the 2022 SOX IT program and attestation for Televisa and Univision.Managed the IT Compliance Self-Assessment program, performing over 1.4K tests in 2022.Defined and implemented a new Cybersecurity Risk Management program for the US and Mexico subsidiaries, based on ISO and NIST frameworks.Coordinated the review of SOC 1-2 reports from 12 critical vendors to support the Vendor Management program.Reported GRC indicators directly to the IT Executive Committee and all constituents, providing rich, timely and clear information.Candidate's Name EMAIL AVAILABLE Page 2CAPGEMINI BUSINESS SERVICES, Pensacola, FL Oct 2018 Jan 2022Risk and Compliance ManagerLed the Cybersecurity Risk and Compliance function for 22 large health insurance companies (Capgeminis clients), with direct responsibility for their Information Security programs and 3rd Party Risk Management.Managed the Cybersecurity Risk Management function for Capgeminis Financial Services segment in the Americas, covering Cybersecurity risks in the domains of applications, network and infrastructure.Coordinated the Change Advisory Board for Information Security matters.Supported Cybersecurity compliance requirements from 21 health insurance customers, including coordination external audits, HIPAA attestation, PCI DSS certification, SOC 1-2 reports, BCP and Disaster Recovery (DR planning and tests).Managed the annual review of InfoSec policies, procedures, and standards for the Americas.Achieved/maintained industry certifications, such as ISO 27001, ISO 27701, ISO 22301 and PCI-DSS.Led the architecture design function for Cybersecurity, with direct involvement with the application, network, and infrastructure teams. These included applications running in EC2 (AWS).Defined and implemented the Privacy Program for the Americas, in compliance with ISO 27701 and GDPR regulations. The implementation was successfully certified by an external audit company.EIS GROUP, San Francisco, CA April 2014 Jan 2018Delivery Director for Latin AmericaLed the company startup in Latin America.Managed the relationship with our customers in Latin America to ensure platform compliance to their local legal and institutional regulations, policies, and standards.Established partnerships with consulting firms in Latin America, including Cognizant and IBM.Managed the sales and pre-sales activities in Latin America.eBaoTech, Shanghai, China April 2010 Apr 2014Delivery Director for the AmericasCoordinate the customization of the eBaoTech insurance suite for the Latin America market.Implemented the enterprise solution in 3 global insurance companies.Established a successful partnership with IBM in Latin America.Managed the sales and pre-sales activities in Latin America.ASSURANT, Miami, FL April 2008 Jan 2010CIO, IT InternationalManaged a global team of 200+, located in the US, Canada, Latin America, Europe and Asia.Oversaw IT governance, IT Risk and Compliance, Cybersecurity, strategic planning, application development and data center operations.Consolidated 2 regional data center hubs (Ireland and Argentina) into the USA, achieving relevant savings and major quality improvements.Consolidated insurance applications into a global platform.CITIBANK, Fort Lauderdale, FL May 2002 Jan 2008Audit and Risk Review DirectorGlobal liaison for 49 auditors located in the USA, Latin America, Europe, and Asia, covering business applications, end-user computing, information security, operations and business continuity.Developed and implemented a risk-based methodology for business application reviews, which streamlined the coverage of over 3,500 corporate applications.Lead auditor for Technology Infrastructure entities covering multiple complex platforms (Mainframe, AS400, Oracle, DB2, Win-SQL, UNIX, LAN, WAN and Voice).Coordinated the audit plans for the technology entities in Latin America (16 countries).Candidate's Name EMAIL AVAILABLE Page 3RELEVANT EDUCATION & CERTIFICATIONSBachelor of Science (BS), Accounting, University of Phoenix, Phoenix, AZBachelor of Science (BS), Industrial Engineering,, Universidade Federal do Rio de Janeiro,, RJ, BrazilApplication Design (Graduate Extension) - Pontificia Universidade Catolica do Rio de Janeiro, RJ, BrazilMSc Cybersecurity (Ongoing) - Georgia Institute of Technology, Atlanta, GACISSP Certified Information Systems Security Professional ISC2, 2023CISA Certified Information Systems Auditor ISACA, 2018CISM Certified Information Security Manager ISACA, 2016CPSP - Certified Payment Security Practitioner (PCI-DSS) Network Intelligence, 2021CPFA - Certified Professional Forensic Analyst Network Intelligence, 2021CWASP - Certified Professional WEB Application Security Professional Network Intelligence, 2020SCCP - Certified Secure Cloud Professional Network Intelligence, 2021Privacy for Professionals Georgia Tech / IAPP, 2024 |