Román Mesa Martínez
Cybersecurity & Cloud Director at Meta-Data- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
Español -
-
Inglés -
Topline Score
Bio
Credentials
-
Certified - IriusRisk Threat Modeling
IriusRiskOct, 2023- Sep, 2024 -
Generative AI Fundamentals
GoogleAug, 2023- Sep, 2024 -
Professional Cloud DevOps Engineer
GoogleJan, 2023- Sep, 2024 -
Professional Machine Learning Engineer
GoogleDec, 2022- Sep, 2024 -
Chronicle SIEM fundamentals
ChronicleNov, 2022- Sep, 2024 -
Diplomado en Seguridad Informática Ágil
Instituto de CiberdefensaAug, 2022- Sep, 2024 -
Intermediate MITRE ATT&CK
AttackIQAug, 2022- Sep, 2024 -
Strategic Cybersecurity Management
AttackIQAug, 2022- Sep, 2024 -
Certified Information Systems Security Professional (CISSP)
(ISC)²Apr, 2022- Sep, 2024 -
Certified Data Privacy Professional
ISMS ForumNov, 2021- Sep, 2024 -
Professional Cloud Network Engineer
GoogleJul, 2021- Sep, 2024 -
Professional Data Engineer
GoogleJul, 2021- Sep, 2024 -
Cloud Digital Leader
GoogleJun, 2021- Sep, 2024 -
Well-Architected Proficient
Amazon Web Services (AWS)Apr, 2021- Sep, 2024 -
Professional Google Workspace Administrator
GoogleMar, 2021- Sep, 2024 -
Professional Cloud Architect
GoogleFeb, 2021- Sep, 2024 -
Professional Cloud Security Engineer
GoogleFeb, 2021- Sep, 2024 -
ACA Cloud Computing Certification
Alibaba CloudDec, 2020- Sep, 2024 -
AZ-303 Microsoft Azure Architect Technologies
MicrosoftNov, 2020- Sep, 2024 -
BTA Certified Blockchain Security Professional
Blockchain Training AllianceAug, 2020- Sep, 2024 -
AWS Certified Solutions Architect – Associate
Amazon Web Services (AWS)Jun, 2020- Sep, 2024 -
Certificate of Cloud Security Knowledge (CCSKv4)
Cloud Security AllianceJun, 2020- Sep, 2024 -
Certified Data Privacy Solutions Engineer™ (CDPSE™)
ISACAJun, 2020- Sep, 2024 -
ThePowerMBA
ThePowerMBAJan, 2020- Sep, 2024 -
Management 3.0
Management 3.0Nov, 2016- Sep, 2024 -
Certified in Risk and Information Systems Control™ (CRISC)
ISACAJun, 2016- Sep, 2024 -
Product Owner Accredited Certification
International Scrum Institute™Jun, 2015- Sep, 2024 -
PRINCE2
APM GroupFeb, 2013- Sep, 2024 -
Certified Information Systems Auditor® (CISA)
ISACAFeb, 2012- Sep, 2024 -
Certified Information Security Manager® (CISM)
ISACAJan, 2012- Sep, 2024 -
Foundation Certificate in Information Security ISO/IEC 27002
EXINJul, 2010- Sep, 2024
Experience
-
Meta-Data
-
Spain
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Cybersecurity & Cloud Director
-
Jan 2022 - Present
Act as CISO and DPO for companies providing the strategic vision and helping these companies to grow in the degree of maturity related to Cybersecurity. Advisor for companies that consider important the data & cybersecurity of their organization, how to treat and work with it. Zero Trust architecture specialist, from design & implementation thru governance, authentication, authorization, identity, credential and access management. Act as CISO and DPO for companies providing the strategic vision and helping these companies to grow in the degree of maturity related to Cybersecurity. Advisor for companies that consider important the data & cybersecurity of their organization, how to treat and work with it. Zero Trust architecture specialist, from design & implementation thru governance, authentication, authorization, identity, credential and access management.
-
-
-
Profesional independiente
-
Business Consulting and Services
-
700 & Above Employee
-
Technology and Cybersecurity Advisor
-
Dec 2021 - Aug 2022
Consultant and advisor to organizations that need help with vision, strategy and leadership in their digital transformation and agile innovation journeys. Specialized in Digital Transformation, Cybersecurity, Cloud, Regulatory Compliance and with focus on companies related to Financial Services, Telcos, Hospitality and Healthcare. I have helped several companies with their load moves to public clouds, security architectures definition, DevSecOps processes and faster adoption of agile methodologies. Also act as Zero Trust specialist defining architectures, stablishing the government, and all identity management from enrollment, through authentication, authorization, access and credential management. Show less
-
-
-
Citibanamex
-
Banking
-
700 & Above Employee
-
Director of Next Generation Payments
-
Jun 2020 - Dec 2021
Responsible for the technological and cultural transformation of the engineering teams in the payment area. With the goal of accelerating the digital transformation, create a Delivery team focused on moving workloads to the cloud, automating, ensuring regulatory compliance, security and accelerating development delivery. Rip and replace project based in Cloud and with Zero Trust approach. Responsible for the technological and cultural transformation of the engineering teams in the payment area. With the goal of accelerating the digital transformation, create a Delivery team focused on moving workloads to the cloud, automating, ensuring regulatory compliance, security and accelerating development delivery. Rip and replace project based in Cloud and with Zero Trust approach.
-
-
-
BBVA Next Technologies
-
Spain
-
Software Development
-
700 & Above Employee
-
Local CISO
-
Jun 2018 - Jun 2020
-
-
Head of Cyber Security Delivery Services
-
Dec 2015 - Jun 2018
-
-
Cyber Security Manager
-
Mar 2013 - Dec 2015
Cybersecurity Engineer in the Innovation Labs Department in BBVA:- Definition of the Security Architectures for all inovation projects.- Creation of a new Sox Control Framework for the Digital Banking area.- CISO of a project under the PCI-DSS Standard. First Bank in storage Credit Cards Numbers in Cloud (AWS) Product Owner of 3 security software products. Responsible for the roadmap and evolution of the products:- Armadillo: Identity Management Service for BBVA. Using XACML Scheme we built the PAP, PDP, PIP, PEP & PRP. - Chymera: SecDevOps product. Definition of the Security controls and tools in the pipelines. - Chameleon: Cryptography product that manage the keys (using HasiCorp Vault), Certificates and Tokenization algorithms. Show less
-
-
IT Governance, Risk and Security
-
Mar 2012 - Mar 2013
Development of Cyberecurity Management plan for BBVA.Manager of teams responsible for the deployment of technologies to prevent fraud in the financial sector, with scope in Spain, Latin America and the United States. After the deployment fraud was reduced by 40%.Project risk analysis and action plans.
-
-
-
Informática y Control de Navarra S.L.
-
Spain
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Cyber Security Consultant
-
2005 - Mar 2012
Definition and development of Cybersecurity Plans. Business continuity plans. BS25999. Compliance with the legal framework. Responsible for security audits in SMBs. ISO 27000 Adaptations, CobIT, ITIL. Main clients: Voklswagen Navarre, Fagor, Faurecia, Navarre Government and Vegamayor. Definition and development of Cybersecurity Plans. Business continuity plans. BS25999. Compliance with the legal framework. Responsible for security audits in SMBs. ISO 27000 Adaptations, CobIT, ITIL. Main clients: Voklswagen Navarre, Fagor, Faurecia, Navarre Government and Vegamayor.
-
-
Education
-
Universidad Politécnica de Madrid
Máster en Seguridad de la Información ALI-UPM, TIC -
ThePowerMBA
Programa ThePowerMBA, Business Expert - Gestión y Administración de Empresas -
Universidad Europea
Grado, Ingeniería informática -
ThePowerMBA
ThePowerDigitalMarketing, Marketing Expert -
ALI - Asociación de Ingenieros e Ingenieros Técnicos en Informática
Dirección y Gestión de Proyectos en Ingeniería en Informática, Gestión de proyectos de tecnología de la información, PMP, Prince2 -
ALI - Asociación de Ingenieros e Ingenieros Técnicos en Informática
Dictámenes, Peritajes en Informática e Informática Forense -
ALI - Asociación de Ingenieros e Ingenieros Técnicos en Informática
Proyectos de Adecuación de los Sistemas Informáticos a las leyes LOPD, LSSI y RD1720 -
Universidad de Zaragoza
Ingeniería, Tecnología informática/Tecnología de sistemas informáticos