Freelancer profile translated to English.

Description

I am a freelance auditor and consultant specializing in ISO/IEC 27001, ENS, NIS2, IT Compliance, GRC, risk analysis, and information security.

I offer certification bodies, companies, and consultancies services for audits, ISMS documentation review, gap identification, control evaluation, evidence organization, and progress towards certification or compliance improvement processes.

I can collaborate on ISO 27001 audit projects, Annex A control reviews, statement of applicability, risk analysis, treatment plans, security policies, internal procedures, document management, ENS, NIS2, and evidence preparation.

My differential value lies in combining compliance, auditing, and technical expertise. This allows me to analyze security controls from a dual perspective: regulatory compliance and technical feasibility, understanding how they should be documented, evidenced, and implemented in real cybersecurity architectures.

I have a practical, clear, and results-oriented approach. Understanding the organization's real context, reviewing what exists, detecting what is missing, and proposing concrete actions that can be defended during an audit.

In addition to my experience in IT Compliance and cybersecurity, I have a background in regulated environments, airport security, team supervision, vocational training, and judicial IT expert testimony.

Industry field of expertise

Languages

Spanish
Native or bilingual
English
Conversational
Romanian
Native or bilingual

Workplace preferences

Remote only

Primarily works remotely

OptimumTIC
IT Compliance Manager
April 2026 - June 2026 (2 months)
Barcelona, Spain
Participation in IT Compliance, GRC, audit, and cybersecurity projects focused on the implementation, review, and improvement of security frameworks, risk management, and regulatory compliance in regulated environments.
• Internal audits and evidence review on ISO/IEC 27001, ISO/IEC 42001, ENS, and NIS2.
• GRC consulting, IT Compliance, and information security.
• Evaluation of controls, documentation, regulatory requirements, and improvement plans.
• Support in certification processes, internal/external audits, and corrective action follow-up.
• Focus on traceability, document control, technological risk, and security maturity
ISO 27001 ENS GRC ISO 27001 Lead Auditor ISO 27001 ISMS Implementation & Audit
Aena / Entorno aeroportuario internacional
Airport Security Operations Supervisor
October 2017 - July 2024 (6 years and 9 months)
Barcelona, Spain
Supervision and coordination of operational teams of over 140 people per shift in an airport environment, ensuring the organization of security checkpoints, operational continuity, personnel management, and incident intervention.
• Decision-making in high-pressure environments with direct impact on aircraft, passengers, facilities, and operational continuity.
• Management of incidents, risk situations, airport security procedures, and internal controls.
• Coordination with the Civil Guard, airport operators, and other security stakeholders.
• Support during audits, compliance reviews, and application of airport security regulations.
• Operational experience in an international environment linked to sensitive security and high-profile flights.
DORA AESA Cybersecurity Team Management Health and Safety
OptimumTIC
IT Compliance Manager
November 2023 - January 2024 (2 months)
Barcelona, Spain
Participation in IT Compliance activities and support for cybersecurity incident management, focusing on risk assessment, compliance audits, policies, procedures, and customer support.
• Technological risk assessment and control analysis.
• Support in projects related to ISO/IEC 27001, ISO 9001, ENS, and GDPR.
• Review of evidence, documentation, regulatory requirements, and security procedures.