• With over 19+ years of experience in Information Security, specializing in design, architecture, implementation, support, and configuration.
• Proven ability to secure complex technologies and ensure compliance for global organizations across multiple industries.
• A collaborative leader with excellent communication, analytical, and project management skills.
• Extensive knowledge of international information security standards, including ISO 27001, NIST, HIPAA, HITRUST, PCI DSS, GDPR, LFPDPPP, SSAE, COBIT, SDLC, DSAG, EAS-SEC for SAP, OWASP, SOX, COSO, and GXP.
• Highly skilled in designing effective and innovative cyber security solutions, with a track record of delivering results and adding value to clients.

• Information Security
• Identity and Access Management
• Project Management
• Time Management
• Security Controls
• Technical Security Architecture
• Strong Work Ethic
• Self-Confidence
• Regulatory Compliance
• Cloud Security
• Problem Solving
• Flexibility/Adaptability

• Information Security: CISA, CISM, CRISC, CGEIT, CPDSE, ISO 27001
• Cloud Certifications:AWS: Solutions Architect Professional, Security Specialty, DevOps Engineer Professional
  Azure: Security Engineer Associate
  Google: Professional Cloud Security Engineer
• Project Management: PMP, SCRUM Master, TOGAF 9.2, ITIL Fundamentals V3, CCNA
• SAP Certifications:SAP Certified Technology Professional - System Security Architect
  SAP Certified Application Associate - SAP Access Control 12.0
  SAP Certified Associate - SAP Activate Project Manager

Role: Solutions Architect Lead Cyber Security USA/LATAM
Timeline: February 2023 – Present

Responsibilities:

• Design comprehensive security solutions to protect organizational digital assets and information systems.
• Provide implementation best practices and standards for securing networks, systems, and applications across all cybersecurity domains, including IAM, VM, BCP, SOC, NOC, DFIR, GRC, Security Architecture, IT Audit, and Governance.

Kinect
Role: Principal Security Architect
Timeline: January 2022 – February 2023 | Mexico City, MX

Responsibilities:

• Designed and implemented security measures to protect data on public clouds against unauthorized access, including secure authentication, encryption, access control lists, and intrusion detection systems.

Novartis
Role: Global Senior Manager ISC (Application Security)
Timeline: September 2015 – May 2021 | Mexico City, MX

Responsibilities:

• Managed global information security project management, planning, and design of robust security architecture for various IT applications.
• Defined and implemented procedures, information security policies, and IT governance, focusing on data privacy, IAM, DLP, and incident response.

Grupo México
Role: Information Security and GRC Manager
Timeline: May 2015 – September 2015 | Mexico City, Peru, and USA

Responsibilities:

• Implemented the Information Security Management Framework (ISMS) to manage risks to information assets.
• Managed threat and vulnerability management programs, including security technology upgrades and assessments.

PricewaterhouseCoopers
Role: Senior Information Security and GRC Consultant
Timeline: January 2015 – May 2015 | Mexico City, LATAM, and US/CA

Responsibilities:

• Led major projects to enhance the security of patient information and developed policies and procedures to meet regulatory requirements.

IBM Global Services
Role: Application Security Security Consultant Advisor
Timeline: February 2014 – August 2014 | Washington D.C., USA

Responsibilities:

• Implemented an application security program (DAST and SAST) at the enterprise level to identify and remediate security vulnerabilities in various environments.

T-Systems
Role: Information Security Team Lead
Timeline: May 2013 – February 2014 | Puebla, MX

Responsibilities:

• Led a technical security team supporting various SAP landscapes, overseeing vulnerability management and security event monitoring.

Smurfit Kappa
Role: Senior Information Security Analyst
Timeline: April 2011 – May 2013 | Mexico City, MX

Responsibilities:

• Developed global information security standards, led audit remediation, and architected security roles for SAP technologies.

Ernst & Young
Role: Information Security Auditor
Timeline: November 2010 – April 2011 | Mexico City, MX

Responsibilities:

• Conducted IT security audits across various disciplines, focusing on GRC and compliance.

Casa Cuervo S.A. de C.V.
Role: IT Human Resources Analyst
Timeline: December 2006 – August 2010 | Mexico City, MX

Responsibilities:

• Managed personnel administration and implemented access control for HR data.