About Ana
Projects are budgeted at a fixed price
Services
Portuguese
Native or bilingual
German
Conversational
English
Native or bilingual
Experience
- Independent Governance,Risk & Security ConsultantCONSULTING AND AUDITSSeptember 2025 - Today (10 months)• • Developing an AI Governance and Implementation Framework to support organisations in the secure, compliant, and business-aligned adoption of Artificial Intelligence.• • Designing and developing professional training programmes across Information Security, GRC, and AI governance.
- Smarttech247Head of GRC and Professional ServicesApril 2023 - July 2025 (2 years and 3 months)• • Led the delivery of Information Security and GRC consultancy services, including ISO/IEC 27001 implementations, maturity assessments, gap analyses, third-party risk management, incident response, and business continuity initiatives.• • Established and led the Supplier Security Risk Management and Data Security Services practice, developing pragmatic assessment frameworks aligned with ISO/IEC 27001, NIST CSF 2.0, DORA, and NIS2.• • Directed a team of 7 security consultants, overseeing project delivery, capability development, and quality assurance across multiple client engagements.• • Supported 5 organisations in achieving ISO/IEC 27001:2022 certification and spearheaded Smarttech247's own ISO 27001:2022 transition, ensuring successful recertification and alignment with evolving organisational requirements.• • Established and led supplier security maturity programmes, overseeing the development of integrated assessment approaches across supplier risk management, application security, privacy, and broader governance practices.
- Smarttech247Governance Risk and Compliance ManagerJuly 2022 - March 2023 (8 months)• • Managed the GRC function, expanding Supplier Security Risk Management services and enhancing organisational GRC maturity.• • Enhanced the organisation's Integrated Management System to support evolving security, governance, and compliance requirements.• • Designed and implemented third-party risk assessment methodologies, processes, and registers supporting ISO/IEC 27001:2022 certification programmes.• • Strengthened supplier governance and regulatory compliance through alignment with GDPR, ISO/IEC 27001, and related security requirements.
Recommendations
Be the first to recommend Ana
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- University degree in Economics"Universidade Autónoma de Lisboa"1995University degree in Economics
- CISMCISM
Certifications
- Certified Information Security Manager® (CISM)ISACA2024