You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Gonzalo GarciaGG

Gonzalo Garcia

VCISO

€280/day
Madrid, ES
15+ years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Gonzalo

Looking to elevate your cybersecurity maturity without hindering business agility?

I am a vCISO (Virtual Chief Information Security Officer) with a holistic view of security: I don't see it as a technical silo, but as a key component of corporate governance that protects company value and builds trust in the final product. My approach is pragmatic, realistic, and results-oriented, acting as the necessary bridge between senior management (C-Level) and technical needs.

How can I add value to your organization?
Strategy and Governance: I conduct maturity assessments, design security master plans, and manage budgets and RFPs. I assist internal CISOs with executive reporting to the Steering Committee.

Regulatory Compliance and NIS2: Comprehensive support in adopting NIS2, ENS, ISO 27001, and SOC guidelines. I work closely with the DPO office for GDPR compliance and sensitive data protection.

Operational Resilience: Strategic incident management, DFIR, and security control for the supply chain (suppliers and clients).

Security in the Software Development Lifecycle (SDLC): Implementation of DevSecOps models and software asset governance. My technical background allows me to speak the same language as your engineering teams to prioritize mitigations without blocking delivery.

Vulnerability Management and IAM: Design cyclical processes for asset discovery and resolution, as well as robust identity management systems (IDaaS, Azure AD).

New Technologies and AI: Strategic consulting for the secure adoption of AI frameworks (Copilot, GPT), Zero Trust architectures, and Cloud Security.

My commitment:Honesty and Efficiency
I am not a 'theory and PowerPoint' consultant. My job is to ground security in your operational reality, fostering a culture of awareness from the executive team to the frontline staff.

Shall we talk about how to secure your company's strategy?
  • English

    Native or bilingual

Can work on-site
Madrid (up to 50km)

Experience

  • Kobal Soluciones
    Product Line Manager
    TECH
    September 2016 - December 2018 (2 years and 3 months)
    Madrid, Spain
    • • Simultaneous management of various ERP projects.
    • • Programming in diverse architectures and languages.
    ◦ • Team of several people in charge.

    Client relations, crisis resolution, and direct reporting to the steering committee in a niche consultancy in Madrid. Definition of KPIs and strategies for the business line for which I was responsible.
    .NET SQL Server SDLC CI/CD Cloud
  • Urbaser S.A.
    Senior Consultant / Cybersecurity Manager
    TECH
    May 2020 - September 2024 (4 years and 4 months)
    Madrid, Spain
    Ultimately responsible for the company's vulnerability management process. External service with a niche consultancy in charge.
    - Head of the security architecture office with a top-tier consultancy.
    - External cyber intelligence service with a niche consultancy.
    - Support to the internal audit and ISMS team (ENS, 27001, NIS2…).
    - DPO Support.
    - Head of cybersecurity for the company's entire application landscape. Responsible for the secure development process (DevSecOps, OWASP, CI/CD…) across all types of architectures SaaS, PaaS, IaaS, both in the Cloud and On-Premise. Experienced in complex and highly heterogeneous projects.
    - Global scope, over 300 applications and 20 countries. Focus on two levels: executive (KPIs, dashboards, Steering Committee presentations…) and operational (direct work with technical teams).
    NIS2 Cybersecurity Incident Management IAM Data Privacy ISO 27001
  • Dimatica
    Technology Consultant
    TECH
    December 2018 - May 2020 (1 year and 5 months)
    Madrid, Spain
    - PMO and head of programming at a multinational client, shifting in late 2019 to the (newly created) cybersecurity department as head of SDLC and CISO Support (20 countries and 300 applications).

Recommendations

Be the first to recommend Gonzalo

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • CISSP ISC2 Course
    2022
    Curso CISSP ISC2
  • Technical Engineer in Systems Informatics
    Polytechnic University of Madrid.
    2003
    Ingeniero técnico en Informatica de Sistemas

Skill set

Categories