Logo
Tel:
+44 (0) 2079890750
Logo
Post-graduate degree in Information Security with 14 years experience in the Industry, generally working for the financial sector, strong knowledge of technology-oriented issues regarding information security and business continuity. Good knowledge of Project Management and good leadership skills.
Self-starter with the ability to work with a great degree of autonomy. Flexible and adaptable to new assignments. Proficiency/advanced level language skills (Portuguese, English and Spanish).
Profile
• Post-graduate degree in Information Security with 14 years experience in the Industry, generally working for the financial sector
• Strong knowledge of technology-oriented issues regarding security, privacy and business continuity
• Flexible and adaptable to new assignments. Never afraid of changes and always willing to learn
• Self-starter with the ability to work with a great degree of autonomy
• Good knowledge of Project Management and good leadership skills
• Available for local and international travelling
o CERTIFICATIONS
• Certified Information Systems Security Professional – CISSP
• Certified Functional Continuity Professional – CFCP
• ITILv3 Foundations
• TOEIC Certificate – Test of English for International Communication – 900 Points, Feb/2006
Career Summary
GRUPO GALVÃO (GALVAO GROUP)
Aug 2010 – Mar 2015
Information Security Coordinator
• Provided advice and support to the Group regarding information security, risk management and compliance;
• Developed educational materials and advised senior management to sensitise them to the risks and exposures to their businesses associated with information technologies and services;
• Developed and maintained the information security policies and strategies based on ISO 27001 and 27002 standards, supported SOX (Sarbanes-Oxley) audits and other audit related subjects;
• Performed risk assessments and created mitigation plans;
• Continuously contributed to the improvement of the organization’s systems access control positively affecting SLAs and decreasing audit findings. These activities included automation of exclusion of terminated users, proper identification and control of generic user accounts and safeguard of privileged user’s passwords;
• Developed and maintained an information security management framework including controls such as log management, change management, incident handling, patch management, vulnerability scanning and management, network topology best practices, hardening of servers, segregation of production and development environments, among others;
• Constantly evaluated information security tools with the aim to increase IT’s environment security controls such as event management tools, data loss prevention, identity management, privileged accounts management, among others tools.
FIDELITY PAYMENT SERVICES
Jul 2006 – Aug 2010
Business Continuity Coordinator
• Responsible for creating a coherent and efficient business continuity management program that is commercially used by the company to acquire new investors. The program includes the establishment of a business continuity committee formed by the company’s top executives, reformulation of the existing continuity documentation, the creation of a testing schedule including table tests and real tests, the creation of a business continuity training program and the dissemination of business continuity culture throughout the company;
Information Security Policies Consultant
• Contributed to the reduction of corporate information security incidents by developing and implementing Fidelity’s first set of security policies in accordance with the company’s goals, trading partners requirements and the Payment Card Industry Data Security Standard (PCI-DSS) along with the creation of an efficient security awareness campaign involving visual elements such as banners and posters with essential safety messages, as well as educational lectures for all employees;
• Contributed to improvement of the access control area efficiency by restructuring its processes, providing training for the access control analysts and implementing role based access profiles.
ERNST & YOUNG
Jan 2006 – Jul 2006
Senior Information Security Consultant
• Consulting and systems auditing for market leader companies like FujiFilm, Safra Bank, Unibanco Bank, Bradesco Bank And ABN Amro Bank;
• Coordinated a team of up to 10 analysts and trainees, planning and assigning tasks, training new resources and managing the team’s hours and expenses;
• Performed penetration tests, segregation of duties analysis and systems role based profile redesign.
GAP YEAR
Nov 2004 – Dec 2005
• Lived in London, UK for a year (2004/2005) to acquire fluency in English.
BANKBOSTON
Aug 2001 – Oct 2004
Information Security Analyst
• Information Security Analyst dedicated to the Capital Markets sector, was responsible for suggesting security controls during the systems development life cycle focusing on adhering to the global bank’s policies;
• Addressing and advising on business and end-user security concerns and questions.
ABN AMRO Bank
Jan 2000 – Jul 200
Information Security Analyst
• Performing user access control management;
• Monitoring privileged users activities with the help of real time alert tools.
Training Courses
• Leadership Development Program
• Workshop – The art of giving and receiving feedback
• Negotiation Techniques
• Project Management
• BCLP 2000 – DRII
• Internetworking with TCP/IP
• Ethical Hacking
Languages
• Portuguese – Native Speaker
• English – Fluent
• Spanish – Conversational
Qualifications
• Bachelor Degree in Music with a Major in Conducting – University of São Paulo – 1999
• Post Graduate Degree in Information Security – IBTA College S. Paulo – 2009
Skills Provision Limited | T: +44 (0) 2079890750 | E: enquiries@skills-provision.com | Registration Details
Copywriters | Privacy Policy | Data Protection Policy | Website Terms & Conditions | Business Terms & Conditions | Equality Policy | Modern Slavery Policy | Library | Sitemap