About Ricardo
During the last 18 years I have been working in the information security field in Mexico, France and Germany, I have worked from technical, project management, presales and consultant positions and as a CISO (Chief Information Security Officer).
Curious, hard worker, quick learner, I love competitive environments and work effectively under pressure.
Spanish
Native or bilingual
English
Native or bilingual
French
Native or bilingual
Can work on-site
Madrid (up to 50km)
Experience
- OutpaycePayments Business Information Security OfficerBANKING AND INSURANCEMay 2023 - Today (3 years and 1 month)Madrid, SpainManage the implementation of the DORA (Digital Operational Resilience Act)-Lead PCI DSS certification process.-Support and lead the security part of the process to obtain the EMI license in Spain.-Develop, implement, and maintain the Information Security Framework for Internal Services (policies, standards, guidelines, architecture models, etc.)-Derive and translate the Corporate Security Policies into local/specific ones and with the corresponding standards, baselines, guidelines & architectural model.-Develop and embed security processes into global framework and methodologies.-Develop a strong communication (position papers, policies, procedures, standards, etc.) and awareness around the Information Security Policies.-Ensure that the security risk posture for internal services is aligned with the business appetite & -strategy.-Provide security consulting/expertise and support in programs / projects to other Business Units-Perform security assessment on Programs/projects ((confidentiality, integrity, availability, traceability) with compliance to applicable regulations)-Identify possible mitigation measures.-Translate security risk into business terms which are understandable by the business to reach residual risk acceptance.-Validate the design & accreditation of the security with Programs & projects (architecture, design, processes, regulatory compliance)-Collect & report of metrics supporting the business value of the security program’s activities.-Conduct, coordinate or support IT Risk Assessment analysis and Audit Plans-Drive the day-to-day security process, serious security Incidents. Vulnerabilities management.
- Cyber Defense Consulting GroupSenior Security OfficerNovember 2019 - May 2023 (3 years and 6 months)Paris, FranceSome past missions:- Mission at DEXIA – La Défense Security and Business Continuity Consultant – CISO Team- Contrat at PMU - Paris 15 During this mission I worked as CISO Deputy for the PMU- Contrat at Allianz Partners – Saint-Ouen Security Consultant During this mission I worked for the Global Information Security Officer for Allianz Partners
- Ditto BankChief Information Security OfficerJune 2016 - October 2019 (3 years and 4 months)92100 Boulogne-Billancourt, France-Establish and maintain the security enterprise vision, strategy and program to ensure assets and technologies are adequately protected-Lead and coordinate the development and maintenance of information systems security policies, procedures, standards, and guidelines, ensuring compliance with laws and regulations-Ensures threat and vulnerability resources and technology are proactively monitoring 24X7 potential threats and vulnerabilities and protection controls are implemented timely and appropriately to safeguard and maintain business operations.-Identifies and assesses risks in implementing business innovations, Provides assessment of those risks to business stakeholders.-Directs staff in identifying, developing, implementing and maintaining processes across the enterprise to reduce information and technology risk.-Monitors compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties.-Design and execute penetration tests and security audits-Monitor, report and control incidents-Monitor threats and take prevention measures-Define the IT security controls with the permanent control Manager-Stay well-informed of best practices in the IT security field including from a data protection perspective, coordinate and/or evaluates new and emerging security practices and technologies, and recommends and promotes adoption as appropriate.
Recommendations
Be the first to recommend Ricardo
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master of Business Administration (M.B.A.), Business Administration and Management, GeneralESSEC Business School2014Master of Business Administration (M.B.A.), Business Administration and Management, General
- Master of Business Administration (M.B.A.), Business Administration and Management, GeneralUniversität Mannheim2014Master of Business Administration (M.B.A.), Business Administration and Management, General
Certifications
- Certified in Risk and Information Systems Control™ (CRISC)ISACA2018
- Certified Information Security Manager® (CISM)ISACA2017