Professionalism and Experience in the Spotlight
Presentation of Skills and Successful Projects
Recent Projects
Explore my portfolio and discover unique professional experiences.
Expertise
My Professional Experiences
Serasa Experian
2023 - Actual
Project Management focused on information security mergers and acquisitions.
Delivery the strategy of security testing and provide resources to reach the minimum required security stack of target company along of the deal negotiation time. Management of the integration phase after deal conclusion to the target meet the Experian GRC and security stack in place accordingly with each deal plan.
Previous Experience
Cipher
2022 - 2023
Management of security tools like Palo Alto Firewalls, Cortex XDR Endpoints, CyberArk Vault and Forcepoint Email Security with a focus on continuous improvement. High level demand management and solution of highly specific demands focusing on the environment. Implementation of security tools projects such as EDR/XDR, Email Security, Cloud (CIEM) and practical development of information security culture.
Active participation in decision-making meetings regarding integration, improvement with a consultative focus on customer demands relating to managed products. Knowledge sharing both with the Cipher team and with the Client for better decision-making in terms of improvements or in a crisis. Study of new technologies focusing on the current Cipher scenario and dissemination of training and information for people from the Cipher team on Palo Alto Technologies
Service IT
2019 - 2022
Main Activities: Implementation of new projects, administration of the SI/SOC environment and management of security demands, with emphasis on SIEM LogRhythm, Password Vault IBM SS, Firewall Palo Alto and development and improvement of the environment.
Risk management and vulnerability analysis according to results obtained through VM tools like Qualys and Tenable and correlating with results from log sources coming from SIEM.
Endpoint and security event management (XDR) with CrowdStrike on servers, workstations and mobile devices.
Activities related to security, vulnerability correction, assessment and compliance according to ISO 27001 and ISO 9001 standards and standardization of rules in equipment such as F5 BigIP, Cisco ASA, Oracle Exadata, among others.
Application of Security Frameworks NIST, OWASP and MITER ATT&CK
AGIL, ITIL and COBIT methodologies.
Development of internal projects from RFP sizing and GRC deployment focused on internal and third-party data governance with Securiti.AI software.
Active participation in the information security integration committee, promoting and disseminating an IS culture and implementing Processes and Procedures in accordance with guidelines, standards and best market practices aimed at business rules.