Freelancer profile translated to English.

Description

I am a senior consultant in GRC (Governance, Risk & Compliance) and a technical writer specializing in cybersecurity, financial regulation, and regulatory compliance, with over 10 years of experience in highly regulated financial sector entities (Triodos Bank, CaixaBank, Santander).

- ISO/IEC 27001 Lead Auditor (certification in progress, April 2026).

- Executive MBA from IE University.

- Master's in Digital Law, Cybersecurity, and AI (UNIR).

- Law Degree. CPCC — Cybersecurity, Privacy & Cyber Compliance (ISMS Forum).

What I do:

— Technical Writing: white papers, guides, and thought leadership on DORA, NIS2, ISO 27001, ENS, and GDPR. Rigorous content that any audience understands.

— LinkedIn Ghostwriting: I write in your voice so you have a presence without dedicating time. I have written for executives for years.

— GRC/ISMS Documentation: policies, procedures, master plans, KPIs/KRIs, and executive reporting. Documentation that passes audits because it's written by someone who has been on the other side.

— Regulatory Communication: I translate DORA, NIS2, or ISO 27001 for investors, clients, and management teams without losing rigor.

You don't need to explain to me what a GAP analysis or a risk treatment plan is. I've managed them firsthand. That means less briefing, fewer revisions, and a better outcome.

I work with GRC consultancies, fintechs, tech law firms, compliance software providers, and executives who want visibility on LinkedIn.

Have a project? I'll respond in under 24 hours.

Industry field of expertise

Languages

Spanish
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Madrid (up to 50km)

Lawyers for projects
Cybersecurity GRC Manager
July 2025 - Today (11 months)
Madrid, Spain
Projects for ENS implementation, risk analysis with MAGERIT v3 and ISO 27005, definition of controls, and preparation of ISMS documentation with full regulatory traceability.
artificial intelligence DORA GRC Cybersecurity ISO 27001
Triodos Bank NV
MANAGER-GOVERNANCE, COMPLIANCE & DIGITAL RISK
BANKING AND INSURANCE
April 2015 - July 2025 (10 years and 3 months)
Comprehensive management of technological risks in a regulated banking environment. ISO 27001, supervision of critical ICT suppliers, reporting to governing bodies, preparation of internal and external audits, security KPIs/KRIs.
Lean management GDPR NIS2 DORA ISO 27001
Transcom
LEGAL MANAGER – BUSINESS LEGAL DEPARTMENT
April 2009 - April 2015 (6 years)
Madrid, Spain
Managed a unit of 12 people, drafted governance documentation, designed procedures, and standardized documentation for clients in the financial sector.
Workflow automation Regulatory Compliance KPIs & SLAs Audit Governance