About Francisco
Spanish
Native or bilingual
English
Conversational
Experience
- KPMG EspañaSenior Consultant - Tech Risk & CybersecurityCONSULTING AND AUDITSJanuary 2024 - April 2026 (2 years and 3 months)Madrid, Spain
- Leadership and execution ofcybersecurity governance, risk, and complianceprojects, supporting CISOs and security areas in improving their regulatory, operational, and control model.
- Development and update of **security policies, standards, and procedures**, aligned with **NIS2, DORA, ISO 27001, NIST, GDPR, RIA, SOX, and SWIFT CSCF**.
- Assessment of **cybersecurity and regulatory compliance maturity**, identifying gaps, risks, and improvement opportunities against standards, regulations, and best practices.
- Definition and monitoring of **action plans, roadmaps, and cybersecurity master plans, and customized risk methodologies**, prioritizing initiatives based on risk, criticality, effort, dependencies, and execution capacity.
- Design ofdashboards, KPIs/KRIs, and executive reportingfor monitoring risks, controls, projects, budget, and cybersecurity area performance.
- Preparation of **executive presentations for CISOs, management committees, and senior leadership**, facilitating decision-making on technological risk, compliance, and security strategy.
- **End-to-end coordination of internal and external technology and cybersecurity audits**, managing evidence, requirements, liaison with auditors, and monitoring of remediation efforts.
- Management and assessment of **third-party and technology vendor risks**, participating in approval processes, contracting, criticality analysis, security requirements review, compliance assessment, and monitoring of remediation plans.
- PwC EspañaSenior Auditor - IT Risk, SOX, and Internal ControlCONSULTING AND AUDITSJuly 2019 - January 2024 (4 years and 6 months)Madrid, SpainAudit of IT general controls (ITGC) for IBEX 35 clients in the Banking, Technology, and Retail sectors:
- Assessment ofIT general controls—ITGC—in complex environments, including applications, databases, operating systems, and IT processes associated with financial information.
- Review of compliance with **internal control frameworks and SOX requirements**, analyzing the design and operational effectiveness of controls over access, changes, IT operations, and incident management.
- End-to-end analysis of **business processes and financial information flows**, identifying key systems, technological dependencies, control points, and risks associated with financial reporting.
- Development of **process maps, flowcharts, and walkthrough documentation**, facilitating the understanding of audited processes and the traceability of reviewed evidence.
- Assessment of **processes for generating non-financial indicators and ESG metrics**, reviewing the collection, processing, consolidation, and control of reported information.
*Automation of control tests and massive data analysisusing ACL and Alteryx, optimizing the efficiency and traceability of audit procedures. - Phoenix Software 3000Intern Software DeveloperTECHApril 2018 - August 2018 (4 months)Caracas, Capital District, VenezuelaEngineer participating in a Startup project for the development of a series of improvement functionalities for a money transfer application for Banco Provincial (Venezuela):
- Support in project planning.
- Review of developed code efficiency (SWIFT Language).
- Following Agile methodology (SCRUM).
- GIT management.
- Performing tests on developed functionalities.
- Continuous collaboration with UX and UI teams.
Recommendations
Be the first to recommend Francisco
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Computer EngineerUGMA2018
- ISO 27001 Lead AuditorAENOR2024