Sign in

Information Security Analyst

Lower Town, ON, K1N 8J9, Canada
March 24, 2019

Contact this candidate


Camilo Romero

** ***** ********* ******

Ottawa, Ontario, K1N8J9



Experienced Systems Engineer with advanced knowledge in Information Management, Business Processes, Security, Risk Analysis and IT Audit. Knowledge and six years’ experience in legislation/industry standards and frameworks such as SSAE18, SOC2, ISO27001 ISO27018, COSO, COBIT, SOX, ITGC, SARLAFT, Information Security, Business Risks, Managing IT Projects and Data Privacy (GPRD). Also, maintenance and IT support. Fluent English and Spanish Languages. ISO 27001 and COBIT 5 Certifications. Microsoft Office Suite Expert (Access, Word, Excel, PowerPoint & Visio), McAfee Drive Encryption 7.1.3 Platform, Imperva Web Application Firewall (WAF), ACL Audit Management & Analytics.

Employment History

Technology & Information Security Consultant 27/11/2017 – 28/02/2019 ONCE A & C

Bogota, Colombia

Coordinate and develop IT Risk and audit projects related to information security, auditing systems and Data Privacy. Also, support in the development of information gathering and process development methodologies. Also, perform on-site interviews to gather and analyze inputs to obtain a perfect understanding of each area of organizations and how they act. Advisory Risk Senior 12/12/2016 - 24/10/2017 EY

Bogota, Colombia

Testing IT General and SOX controls, collecting evidence during the external auditing and compliance reports (SSAE18, SOC2, ISO27001 ISO27018, COSO, and COBIT Frameworks). All this according to the requirements of main governing parties such as the PCAOB (Public Company Accounting Oversight Board), U.S. Securities and Exchange Commission

(SEC) and Colombian stock regulations. Telecommunication and Oil & Gas Industries. Senior Analyst 01/11/2015 - 28/02/2016 Banco Multibank

Bogota, Colombia

Supporting the development of test projects related to IT vulnerabilities, risk analysis and management of encryption platform (McAfee Drive Encryption 7.1.3), Web traffic analysis, systems audit and Information Security Information Security Professional 01/09/2014 - 10/01/2015 EAN University

Bogota, Colombia

Support in availability, integrity and confidentiality of information, through the implementation of safety initiatives, updating the Information Security Manual and the definition of risk methodology. Platform management of Imperva WAF (Web Application Firewall)


Security Information Professional 07/12/2013 - 01/08/2014 Banco Popular

Bogota, Colombia

Lead security assessments and audits, including the design and execution of security awareness programs, Full risk analysis for new/enhanced technology and business processes and Support annual enterprise security risk analysis. Enterprise Risk Management Consultant 27/11/2011 – 07/10/2013 DELOITTE

Develop a complete analysis related to Control Assurance (CA), Enterprise Risk Management (ERM), Operative Risk System and Money Laundering Prevention System (SARLAFT) Education

System Engineer 10/10/2012 Universidad Central

Bogota, Colombia

Intensive English Programs (IEP) 28/08/2015 Zoni Languages Center

Miami, Florida

Security Information Internal Auditor ISO27001 13/09/2013 Universidad Nacional

Bogotá, Colombia

ISO 27001 Certification 13/09/2013 SGS International

Bogotá, Colombia

COBIT 5 Foundation Certification 31/05/2017 APMG INTERNATIONAL

Bogota, Colombia


• Provide tracking procedures to support policies are developed and maintained by technical and business owners.

• Evaluate and prepare suggestions for new software requests for security compliance

• Respond to inquiries from staff, administrators, service providers, site personnel and outside vendors, to provide technical assistance and support

• Develop executive presentations using non-technical language IELTS - English Exam results:

• Listening: 7.0, Reading: 8.5, Writing: 6.0, Speaking: 6.5. CEFR Level: B2. Test Date: 12/08/2015

Contact this candidate