Carmen Martins


Last update: 23.09.2020

CyberSecurity VCISO Consultant

Graduation: Msc Telecommunications and Informations Technology
Hourly-/Daily rates: show
Languages: English (Limited professional) | French (Limited professional) | Portuguese (Full Professional) | Spanish (Native or Bilingual)


I am VirtualCISO Ethical Hacker,Cyber Security Senior Consultant

I am a computer security scientist with an intensive hacking background. I do have a Msc in computer engineering  I am working for severals  Internationals Enterprises  where I do intensive researches in Penetration Testing, Vulnerability managements, Technological Risk, Security Architecture and  Forensic

I am Professional with over 20 years experience in the area of information and communications  technology, including 15 years of experience in networks and security infrastructure 

Analytical skills to solve problems, ability to work with new technologies, adaptable to any situation, pro-activity and motivation to individual and team  achievements

Self-management capacity of the learning process to successfully assume the continued improvement of my functions

My passion is to help SMBs gain a fighting chance in an increasingly hostile information security threat environment by providing part-time vCISO services.
Whether PCI , GDPR, NIST, ISO27000 and any other Security Standards gap analysis, information security risk assessments, audit remediation, strategic planning, interim CISO services, or anything else information security related, I offer you my vCISO Services, Information security ISO27001 consultancy and Policies Documentations

Stong experience in Information security and Network Security:  
•    Design Network security architecture
•    Design Cloud Security architecture 
•    IT  Vulnerability Assessment
•    API Security Evaluation
•    Cloud Security Assessment
•      Active Directory Security
•    Network  and Web Application/Mobile Penetration Testing
•    Threat Hunting, 
•    Red Team Program Development/Red Team Attack Simulations 
•    Open Source Intelligence (OSINT) Gathering
•      IT Risk Management
•      Incidents Response management
•    Technical Writing; Information Security  Policies,: ISO2700, NIST, HISPAA, PCI
•    Working experience of supporting Cyber Security tools such as, McAfee, CISCO IPS, 
•    Citrix NetScaler, TrendMicro endpoint. Checkpoint , Bluecoat,  WAF.
•    Kali Linux Toolkit, Qualys, Nessus
•    Office 365 security 

Strong experience in QA testes
   •    Ability to Code Automated Tests
•    Ability to Work Independently and In Team-Based Environment
•    Analyze Test Results
•    Project management
•    Create Test Plans
•    Discover Bugs Within Software
•    Document Test Cases
•    Develop Standards and Procedures to Determine Product Quality and Release Readiness
•    Agile Development Process 
•    Experience With Web-Based Testing Applications
•    Identify Areas of Improvement
•    Identify, Isolate and Track Bugs Throughout Testing
•    Identify Potential Problems Users May Encounter  

Strong experiece in  IT  Support and admin

•    Technical  Supports  Windows Server 
•      Active Directory  management
•    Technical  Supports Azure Cloud
•    Technical  Supports Windows 7 and 10   
•    Technical  Supports Office 365    
•    Technical writing IT Procedures,

Project history

Currently I am working in an Important Bank in Venezuela
My Responsibilities: 
*Build the security compliance and risk management function within the my company´s Systems
* Manage, oversee, and guide information security policy projects and tasks 
* Lead security awareness and training initiatives 
* Perform phishing exercises & threat assessment's on a regular cadence 
* Work with teams to identify security gaps prior to Pentesting & schedule Pentesting for services
* Support compliance officer in achieving industry certifications (e.g. ISO 27001, NIST, etc)
* Lead organization’s security policy efforts and policy related activities for risk management 
* Contribute security best practices to Operations strategy planning, design, implementation, and maintenance activities. 
* Ensure the production environment is operating in accordance with established security procedures and best practices. 
* Manages senior policy consultants or other policy analysts where applicable. 
* Manages and aligns security policies to industry standards 
* Acts as an advocate of information security, GRC (Governance, Risk management & Compliance), and privacy programs across the organisation. 
* Maintains security policy program in accordance with industry standards and requirements. 
* Prepares reports and performance metrics onsecurity policy for senior management.
* Provides expert-level analysis of policy activities including: policy impacts on IT systems; procedural integration and alignment to policy; alternatives analysis; and policy rollout or implementation plans. 
* Writes, edits, and maintains information security policies, procedures, standards, and guidelines. 
* Develops, manages, and maintains enterprise wide phishing campaigns to test security awareness and training. 
* Develops, manages, and maintains enterprise wide security awareness and training programs. 
* Collaborate closely with other departments to ensure that the information security policy, compliance, and risk management requirements are met

Local Availability

Only available in these countries: Venezuela
Profileimage by Carmen Martins CyberSecurity VCISO Consultant from CyberSecurity VCISO Consultant