Keywords
Skills
I am VirtualCISO Ethical Hacker,Cyber Security Senior Consultant
I am a computer security scientist with an intensive hacking background. I do have a Msc in computer engineering I am working for severals Internationals Enterprises where I do intensive researches in Penetration Testing, Vulnerability managements, Technological Risk, Security Architecture and Forensic
I am Professional with over 20 years experience in the area of information and communications technology, including 15 years of experience in networks and security infrastructure
Analytical skills to solve problems, ability to work with new technologies, adaptable to any situation, pro-activity and motivation to individual and team achievements
Self-management capacity of the learning process to successfully assume the continued improvement of my functions
My passion is to help SMBs gain a fighting chance in an increasingly hostile information security threat environment by providing part-time vCISO services.
Whether PCI , GDPR, NIST, ISO27000 and any other Security Standards gap analysis, information security risk assessments, audit remediation, strategic planning, interim CISO services, or anything else information security related, I offer you my vCISO Services, Information security ISO27001 consultancy and Policies Documentations
Stong experience in Information security and Network Security:
• Design Network security architecture
• Design Cloud Security architecture
• IT Vulnerability Assessment
• API Security Evaluation
• Cloud Security Assessment
• Active Directory Security
• Network and Web Application/Mobile Penetration Testing
• Threat Hunting,
• Red Team Program Development/Red Team Attack Simulations
• Open Source Intelligence (OSINT) Gathering
• IT Risk Management
• Incidents Response management
• Technical Writing; Information Security Policies,: ISO2700, NIST, HISPAA, PCI
• Working experience of supporting Cyber Security tools such as, McAfee, CISCO IPS,
• Citrix NetScaler, TrendMicro endpoint. Checkpoint , Bluecoat, WAF.
• Kali Linux Toolkit, Qualys, Nessus
• Office 365 security
Strong experience in QA testes
• Ability to Code Automated Tests
• Ability to Work Independently and In Team-Based Environment
• Analyze Test Results
• Project management
• Create Test Plans
• Discover Bugs Within Software
• Document Test Cases
• Develop Standards and Procedures to Determine Product Quality and Release Readiness
• Agile Development Process
• Experience With Web-Based Testing Applications
• Identify Areas of Improvement
• Identify, Isolate and Track Bugs Throughout Testing
• Identify Potential Problems Users May Encounter
Strong experiece in IT Support and admin
• Technical Supports Windows Server
• Active Directory management
• Technical Supports Azure Cloud
• Technical Supports Windows 7 and 10
• Technical Supports Office 365
• Technical writing IT Procedures,
I am a computer security scientist with an intensive hacking background. I do have a Msc in computer engineering I am working for severals Internationals Enterprises where I do intensive researches in Penetration Testing, Vulnerability managements, Technological Risk, Security Architecture and Forensic
I am Professional with over 20 years experience in the area of information and communications technology, including 15 years of experience in networks and security infrastructure
Analytical skills to solve problems, ability to work with new technologies, adaptable to any situation, pro-activity and motivation to individual and team achievements
Self-management capacity of the learning process to successfully assume the continued improvement of my functions
My passion is to help SMBs gain a fighting chance in an increasingly hostile information security threat environment by providing part-time vCISO services.
Whether PCI , GDPR, NIST, ISO27000 and any other Security Standards gap analysis, information security risk assessments, audit remediation, strategic planning, interim CISO services, or anything else information security related, I offer you my vCISO Services, Information security ISO27001 consultancy and Policies Documentations
Stong experience in Information security and Network Security:
• Design Network security architecture
• Design Cloud Security architecture
• IT Vulnerability Assessment
• API Security Evaluation
• Cloud Security Assessment
• Active Directory Security
• Network and Web Application/Mobile Penetration Testing
• Threat Hunting,
• Red Team Program Development/Red Team Attack Simulations
• Open Source Intelligence (OSINT) Gathering
• IT Risk Management
• Incidents Response management
• Technical Writing; Information Security Policies,: ISO2700, NIST, HISPAA, PCI
• Working experience of supporting Cyber Security tools such as, McAfee, CISCO IPS,
• Citrix NetScaler, TrendMicro endpoint. Checkpoint , Bluecoat, WAF.
• Kali Linux Toolkit, Qualys, Nessus
• Office 365 security
Strong experience in QA testes
• Ability to Code Automated Tests
• Ability to Work Independently and In Team-Based Environment
• Analyze Test Results
• Project management
• Create Test Plans
• Discover Bugs Within Software
• Document Test Cases
• Develop Standards and Procedures to Determine Product Quality and Release Readiness
• Agile Development Process
• Experience With Web-Based Testing Applications
• Identify Areas of Improvement
• Identify, Isolate and Track Bugs Throughout Testing
• Identify Potential Problems Users May Encounter
Strong experiece in IT Support and admin
• Technical Supports Windows Server
• Active Directory management
• Technical Supports Azure Cloud
• Technical Supports Windows 7 and 10
• Technical Supports Office 365
• Technical writing IT Procedures,
Project history
Currently I am working in an Important Bank in Venezuela
My Responsibilities:
*Build the security compliance and risk management function within the my company´s Systems
* Manage, oversee, and guide information security policy projects and tasks
* Lead security awareness and training initiatives
* Perform phishing exercises & threat assessment's on a regular cadence
* Work with teams to identify security gaps prior to Pentesting & schedule Pentesting for services
* Support compliance officer in achieving industry certifications (e.g. ISO 27001, NIST, etc)
* Lead organization’s security policy efforts and policy related activities for risk management
* Contribute security best practices to Operations strategy planning, design, implementation, and maintenance activities.
* Ensure the production environment is operating in accordance with established security procedures and best practices.
* Manages senior policy consultants or other policy analysts where applicable.
* Manages and aligns security policies to industry standards
* Acts as an advocate of information security, GRC (Governance, Risk management & Compliance), and privacy programs across the organisation.
* Maintains security policy program in accordance with industry standards and requirements.
* Prepares reports and performance metrics onsecurity policy for senior management.
* Provides expert-level analysis of policy activities including: policy impacts on IT systems; procedural integration and alignment to policy; alternatives analysis; and policy rollout or implementation plans.
* Writes, edits, and maintains information security policies, procedures, standards, and guidelines.
* Develops, manages, and maintains enterprise wide phishing campaigns to test security awareness and training.
* Develops, manages, and maintains enterprise wide security awareness and training programs.
* Collaborate closely with other departments to ensure that the information security policy, compliance, and risk management requirements are met
My Responsibilities:
*Build the security compliance and risk management function within the my company´s Systems
* Manage, oversee, and guide information security policy projects and tasks
* Lead security awareness and training initiatives
* Perform phishing exercises & threat assessment's on a regular cadence
* Work with teams to identify security gaps prior to Pentesting & schedule Pentesting for services
* Support compliance officer in achieving industry certifications (e.g. ISO 27001, NIST, etc)
* Lead organization’s security policy efforts and policy related activities for risk management
* Contribute security best practices to Operations strategy planning, design, implementation, and maintenance activities.
* Ensure the production environment is operating in accordance with established security procedures and best practices.
* Manages senior policy consultants or other policy analysts where applicable.
* Manages and aligns security policies to industry standards
* Acts as an advocate of information security, GRC (Governance, Risk management & Compliance), and privacy programs across the organisation.
* Maintains security policy program in accordance with industry standards and requirements.
* Prepares reports and performance metrics onsecurity policy for senior management.
* Provides expert-level analysis of policy activities including: policy impacts on IT systems; procedural integration and alignment to policy; alternatives analysis; and policy rollout or implementation plans.
* Writes, edits, and maintains information security policies, procedures, standards, and guidelines.
* Develops, manages, and maintains enterprise wide phishing campaigns to test security awareness and training.
* Develops, manages, and maintains enterprise wide security awareness and training programs.
* Collaborate closely with other departments to ensure that the information security policy, compliance, and risk management requirements are met
Local Availability
Only available in these countries:
Venezuela
