Mexico City, Mexico
Andrés has 17 years of experience in identity governance management, cybersecurity, risk management, SAP ERP and IT internal control. Over the past 14 years, he has strategized and implemented various technologies in IDM solutions to support and empower numerous clients in the challenge of adopting and improving identity management; from its conceptualization to materializing it in architectures for the digital access governance. Also, he has participated in the development of information security strategies and the automation of internal control monitoring focused on risks in different industries. Andres has experience in different sectors of the industry such as: financial sector, public sector, manufacturing, retail, automotive, consumption, construction and aeronautical. During the 2010, Andres had the opportunity to share and interchange knowledges of Security and IdM methodologies in PricewaterhouseCoopers Minneapolis collaborating with colleagues from US, Brazil, Mexico and India During the 2014, Andres had performed the review of SAP MM, FI, SD modules at Tremec India, related to the business processes like revenue and expenditures collaborating with colleagues at Pune, India Specialties: Identity Management / Identity Governance Access Management Privileged Access Management SAP GRC Access Control SAP GRC Process Control Project Management Office Implementation Diploma in 2018 IT Audit Programs (CGTI and SAP) ISMS Lead Auditor ITIL Foundations v3 Certified (obtained in 2010) RBAC SAP Roles Design Snow License Management Tool. SAP Security QA
- In charge of development and growing of a solid high performance Identity Management team practice in México able to support and delivery multiple projects in different industries with different technologies like SailPoint, Ping Identity, Okta, CyberArk, Microsoft from the strategy project roadmap to the post-implementation managed services. - Advisor of the Identity Management practices for LATAM countries like Peru and Costa Rica. - In charge of Propose, socialize, win, managing and delivery services with a budget from 1 MDP – 20 MDP - Part of the team in charge to step up and grow alliances with technology partners like SailPoint, Okta, Ping Identity, Microsoft and CyberArk - Advisor of SWIFT Customer Security Program framework projects
- Annual budgeting plan. - Attention to external and internal audit processes. - IT internal control enforcement through new controls implementation. - KPI’s / OKR’s design and compliance. - Robotic process automation projects. - Quality head software orchestrator. - Processes and IT maturity model.
- IT Internal Control Management. - SAP GRC Access Control Administrator 10.1. - SAP GRC Process Control 10.1 Project design, Solution Administrator and Technical team lead. - SAP Business Integrity Screening Project Design and Technical team lead. - Segregation of Duties process Advisor. - Microsoft Identity Manager Project design and administrator - On Cloud. - Azure AD apps integration. - Snow license manager administrator. - Corporate IT process, policies and procedures. - Attention to Internal / External / Quality audit processes. - SAP Roles security based on RBAC and SoD. - ABAP Security QA. - IT Governance. - Cybersecurity.
Planning and execute Audit Programs for IT and SAP Process Controls: - Materials Management - FI - Procure to Pay - Assets Management - Production - SAP GRC Access Violations - Access Control and SOD based on RBAC Combining the SAP modules with the analysis of business processes like revenue and expenditures. Planning and execution the review for the IT Areas based on ITGCS, Cobit and ITIL including adquisitions, help desk, incident and problem management, projects delivery, change management, outsourcing. Planning and execution the Logical review of the infraestructure including Vulnerability Assessments, Security controls for AIX, Windows, Databases, Networking.
Playing roles like project manager; architect and technical leader in the implementation of identity management systems like: BMC Software, SAP IdM, Oracle IdM; process automation; Design of provisioning processes; deployment and security policies development. IT Security based audits execution in the CGTI and SOX standards; analysis and processes design for users and privileges administration, development of professional services proposals; resources planning, project sizing and costs planning. Supervisor and reviewer of the project results besides status project presenter at the directive and administrative committee levels. Customers (Liverpool, Grupo KUO, Banco Azteca, PEMEX, Ceneval, ASUR, PROSA, Banco Santander, Grupo Autofin, Wal-Mart, Casas GEO, Grupo MABE, Unimarc Chile).
• Manage and Development Projects for MoviDirect (Development of a web system based on SMS for mobile phones with the following technologies: Servlets, Oracle 10g database, Sun Solaris 9 & Tomcat Web Server) • Development of a system to collect traffic calls using Visual Basic. • Billing Automation Process Management Finance of Bestel.