Cybersecurity & Cloud Director

• Jan 2022 - Present

Act as CISO and DPO for companies providing the strategic vision and helping these companies to grow in the degree of maturity related to Cybersecurity. Advisor for companies that consider important the data & cybersecurity of their organization, how to treat and work with it. Zero Trust architecture specialist, from design & implementation thru governance, authentication, authorization, identity, credential and access management. Act as CISO and DPO for companies providing the strategic vision and helping these companies to grow in the degree of maturity related to Cybersecurity. Advisor for companies that consider important the data & cybersecurity of their organization, how to treat and work with it. Zero Trust architecture specialist, from design & implementation thru governance, authentication, authorization, identity, credential and access management.

Technology and Cybersecurity Advisor

• Dec 2021 - Aug 2022

Consultant and advisor to organizations that need help with vision, strategy and leadership in their digital transformation and agile innovation journeys. Specialized in Digital Transformation, Cybersecurity, Cloud, Regulatory Compliance and with focus on companies related to Financial Services, Telcos, Hospitality and Healthcare. I have helped several companies with their load moves to public clouds, security architectures definition, DevSecOps processes and faster adoption of agile methodologies. Also act as Zero Trust specialist defining architectures, stablishing the government, and all identity management from enrollment, through authentication, authorization, access and credential management. Show less

Director of Next Generation Payments

• Jun 2020 - Dec 2021

Responsible for the technological and cultural transformation of the engineering teams in the payment area. With the goal of accelerating the digital transformation, create a Delivery team focused on moving workloads to the cloud, automating, ensuring regulatory compliance, security and accelerating development delivery. Rip and replace project based in Cloud and with Zero Trust approach. Responsible for the technological and cultural transformation of the engineering teams in the payment area. With the goal of accelerating the digital transformation, create a Delivery team focused on moving workloads to the cloud, automating, ensuring regulatory compliance, security and accelerating development delivery. Rip and replace project based in Cloud and with Zero Trust approach.

Local CISO

• Jun 2018 - Jun 2020

Head of Cyber Security Delivery Services

• Dec 2015 - Jun 2018

Cyber Security Manager

• Mar 2013 - Dec 2015

Cybersecurity Engineer in the Innovation Labs Department in BBVA:- Definition of the Security Architectures for all inovation projects.- Creation of a new Sox Control Framework for the Digital Banking area.- CISO of a project under the PCI-DSS Standard. First Bank in storage Credit Cards Numbers in Cloud (AWS) Product Owner of 3 security software products. Responsible for the roadmap and evolution of the products:- Armadillo: Identity Management Service for BBVA. Using XACML Scheme we built the PAP, PDP, PIP, PEP & PRP. - Chymera: SecDevOps product. Definition of the Security controls and tools in the pipelines. - Chameleon: Cryptography product that manage the keys (using HasiCorp Vault), Certificates and Tokenization algorithms. Show less

IT Governance, Risk and Security

• Mar 2012 - Mar 2013

Development of Cyberecurity Management plan for BBVA.Manager of teams responsible for the deployment of technologies to prevent fraud in the financial sector, with scope in Spain, Latin America and the United States. After the deployment fraud was reduced by 40%.Project risk analysis and action plans.

Cyber Security Consultant

• 2005 - Mar 2012

Definition and development of Cybersecurity Plans. Business continuity plans. BS25999. Compliance with the legal framework. Responsible for security audits in SMBs. ISO 27000 Adaptations, CobIT, ITIL. Main clients: Voklswagen Navarre, Fagor, Faurecia, Navarre Government and Vegamayor. Definition and development of Cybersecurity Plans. Business continuity plans. BS25999. Compliance with the legal framework. Responsible for security audits in SMBs. ISO 27000 Adaptations, CobIT, ITIL. Main clients: Voklswagen Navarre, Fagor, Faurecia, Navarre Government and Vegamayor.