CV

Work experience

Hey! You can also grab a copy of the CV in PDF format right from here (permanent link).

  • Cloud Security Architect & Digital Risk Leader, Schneider Electric
    • This is a role with technical know-how and leadership qualities to eager drive security initiatives from start to finish and presents opportunities to advise on the global security strategy matters:
      • Ensure compliance with Data Protection, Jurisdiction and Privacy laws globally as part of the cloud domain.
      • Lead the development and implementation of the overall global cloud security architecture strategy, conducting security architecture assessments and defining future solutions and roadmaps.
      • Complete security architecture compliance assessments and auditing on in-flight projects and during operations against reference architectures.
      • Perform threat modelling and design reviews to assess security implications and requirements for introduction of new technologies.
      • Develop and maintain cloud security standards in partnership with Architecture, Operations, and Application Development teams.
      • Provide support to the SOC on cloud incident handling.
      • Lead investigations and take corrective/preventive actions, working closely with other regional or domain security experts.
      • Lead training and technical forums, serving as both a formal and informal mentor, and execute other initiatives designed to share knowledge across the enterprise, managing security awareness.
    • Frameworks:
      • TOGAF
      • SABSA
    • Technologies:
      • Typical ICS mechanisms and IIoT devices.
      • Application Security design patterns.
      • Service-oriented and microservices architectures.
      • Data at rest protection mechanisms: cryptography, key management, etc.
      • Network security in IaaS, PaaS and SaaS multi-cloud environments and data in transit security mechanisms.
      • Cloud-native/friendly authentication mechanisms (OAuth, OpenID, SAML), as well as traditional methods such as Directory Services, Identity and Access Management (IAM) & Single Sign-On (SSO).
      • Monitoring, detection and protection methods (network segregation, Firewalls, IDS/IPS, NAC, SDP, SIEM, Threat Intelligence).
      • Cloud security and governance tools & security brokers (CASBs).
  • Cloud Architect/DevOps, DXC Technology
  • Network Engineer/SRE, SD WISP
  • Digital Analytics Analyst, Sweetspot Intelligence
  • Cloud VoIP Product Manager, Alisys
  • Consultant on OSINT projects, Indra
  • Functional Architect (core banking)-Security, Matchmind
  • Security Team Leader, Accenture
  • Network Security Engineer, BT
  • IT Auditor, IBM
  • Security Consultant, DINSA
  • R&D Engineer-Security, Atos
  • Systems Engineer, Comverse Technology Inc.
  • Web developer, Portel Servicios Telematicos

Education

  • Ph.D candidate, UC3M, 2020 (expected)
  • MSc in Digital Information Systems & Libraries, UC3M, 2017
  • MSc in Security Management, UC3M, 2010
  • BSc in LIS, UC3M, 2014
  • BSc in Computer Science, ITFP Nº1, 1999

Publications

Talks

Projects

  • The Things Network - Principado de Asturias
    https://www.thethingsnetwork.org/community/principado-de-asturias/
    We are on a mission to provide the entire Principality of Asturias region, in the north of Spain, with Internet of Things (IoT) data connectivity by leveraging a public-owned LoRa (LoRaWAN/LPWAN) network infrastructure.

  • RAENAC (Radio en Accion)
    https://www.raenac.net
    Association commited with the promotion of radio technologies of all types.