Barcelona, Catalonia, Spain
Information Technology and Security practitioner experienced in leading programs focused on client assurance, risk management, business resilience and IT operations for large multi-national corporations. Driver of business goals and projects with cross functional functions and external partners. Results-oriented leader with ability to manage virtual teams and deliver client excellence. Passionate about identifying business risks and developing and implementing programs to address them. Specialties: Information, Systems and Application Security/ large productive IT environments/ Service Delivery / Operations Regulatory Adherence and Compliance/ Policy Planning / Implementation/ Data Integrity / Disaster Recovery/ Risk Assessment / Business Resiliency/ Incident Response / Crisis Management/ Information Security Governance Third Party Risk Assurance
As Head of B.Braun's Cyber Defence Center (CDC) I... - lead the CDC Service Line with high level of integrity and quality of service, - offer a 24x7 security operations and monitoring service, with distributed teams across the world. - ensure the regular execution of vulnerability scans, penetration tests and threat hunting for all B.Braun divisions, - oversee and empower incident and crisis response, including compliance with NIS2, DORA, Kritis and other regulations - partner with IT, OT, Legal and other teams to ensure adoption of the company's security posture, - lead cyber threat intelligence efforts to identify and mitigate potential threats, - operate the corporate security tools, such as EDR, SIEM, SOAR, mail security, internet security, certificate management, etc - establish KPIs, SLAs, and executive reporting to clearly communicate cyber risk, trends, and operational effectiveness to senior leadership, - manage the budget and vendors from the CDC, - ensure optimal use of resources while aligning with business priorities.
Focused on risk and compliance linked to end-to-end cloud deployment strategy for EMEA South region: • public cloud (AWS, Google Cloud, Azure, Alibaba) and co-lo providers • data center coverage in accordance to regulatory and market needs, • compliance & data residency (Spanish ENS, Italian Cloud Technology Strategy, Israeli Project Nimbus, etc ) • contracts with customers and third-parties Security Officer with customers, government regulators and SAP teams for Information Security, Technology and Privacy: • Discussion with government officials regarding new regulations on data protection and residency • best advice and assistance in the cloud security and compliance domain • Support to internal teams (Sales, Product, Legal) to establish lasting customer relationships Government Secrecy & Security: new policy and service model
Security officer for Fortune100 corporations for security and privacy queries and escalations Global program of Security services and processes based on risk framework Alignment of security programs and policies with business and market needs Risk assessment for regulatory and market requirements (NIST, EBA guidelines, etc) Development and deployment of a new Security program for GDPR at corporate level Lead of Information Security, Privacy and Compliance audits Client and Third-party management Privacy by Design policy definition International team leader (virtual and on-site directs)
Client’s IT Advisor for outsourced services Service Level and portfolio management (KPIs, new services and culture, etc) Contract negotiations with clients and third-parties IT project management Problem and issue management for IT Operations (3 regions, on-site and off-shore) Audit lead (SSAE 18) Product vulnerability management & third-party pentesting Compliance with Legal and market standards
Previously working as trainee Joining directly BCN Solution Center Set-up and management of IT services: SAP Enterprise Portals 5.0 6.0, R/3 4.6C, 4.6D, ECC 5.0, XI 3.0. World-wide projects Leading IT teams