Information Security Analyst
Resume:
Camilo Romero
Ottawa, Ontario, K1N8J9
*********@*****.***
Objective
Experienced Systems Engineer with advanced knowledge in Information Management, Business Processes, Security, Risk Analysis and IT Audit. Knowledge and six years’ experience in legislation/industry standards and frameworks such as SSAE18, SOC2, ISO27001 ISO27018, COSO, COBIT, SOX, ITGC, SARLAFT, Information Security, Business Risks, Managing IT Projects and Data Privacy (GPRD). Also, maintenance and IT support. Fluent English and Spanish Languages. ISO 27001 and COBIT 5 Certifications. Microsoft Office Suite Expert (Access, Word, Excel, PowerPoint & Visio), McAfee Drive Encryption 7.1.3 Platform, Imperva Web Application Firewall (WAF), ACL Audit Management & Analytics.
Employment History
Technology & Information Security Consultant 27/11/2017 – 28/02/2019 ONCE A & C
Bogota, Colombia
Coordinate and develop IT Risk and audit projects related to information security, auditing systems and Data Privacy. Also, support in the development of information gathering and process development methodologies. Also, perform on-site interviews to gather and analyze inputs to obtain a perfect understanding of each area of organizations and how they act. Advisory Risk Senior 12/12/2016 - 24/10/2017 EY
Bogota, Colombia
Testing IT General and SOX controls, collecting evidence during the external auditing and compliance reports (SSAE18, SOC2, ISO27001 ISO27018, COSO, and COBIT Frameworks). All this according to the requirements of main governing parties such as the PCAOB (Public Company Accounting Oversight Board), U.S. Securities and Exchange Commission
(SEC) and Colombian stock regulations. Telecommunication and Oil & Gas Industries. Senior Analyst 01/11/2015 - 28/02/2016 Banco Multibank
Bogota, Colombia
Supporting the development of test projects related to IT vulnerabilities, risk analysis and management of encryption platform (McAfee Drive Encryption 7.1.3), Web traffic analysis, systems audit and Information Security Information Security Professional 01/09/2014 - 10/01/2015 EAN University
Bogota, Colombia
Support in availability, integrity and confidentiality of information, through the implementation of safety initiatives, updating the Information Security Manual and the definition of risk methodology. Platform management of Imperva WAF (Web Application Firewall)
2
Security Information Professional 07/12/2013 - 01/08/2014 Banco Popular
Bogota, Colombia
Lead security assessments and audits, including the design and execution of security awareness programs, Full risk analysis for new/enhanced technology and business processes and Support annual enterprise security risk analysis. Enterprise Risk Management Consultant 27/11/2011 – 07/10/2013 DELOITTE
Develop a complete analysis related to Control Assurance (CA), Enterprise Risk Management (ERM), Operative Risk System and Money Laundering Prevention System (SARLAFT) Education
System Engineer 10/10/2012 Universidad Central
Bogota, Colombia
Intensive English Programs (IEP) 28/08/2015 Zoni Languages Center
Miami, Florida
Security Information Internal Auditor ISO27001 13/09/2013 Universidad Nacional
Bogotá, Colombia
ISO 27001 Certification 13/09/2013 SGS International
Bogotá, Colombia
COBIT 5 Foundation Certification 31/05/2017 APMG INTERNATIONAL
Bogota, Colombia
Highlights
• Provide tracking procedures to support policies are developed and maintained by technical and business owners.
• Evaluate and prepare suggestions for new software requests for security compliance
• Respond to inquiries from staff, administrators, service providers, site personnel and outside vendors, to provide technical assistance and support
• Develop executive presentations using non-technical language IELTS - English Exam results:
• Listening: 7.0, Reading: 8.5, Writing: 6.0, Speaking: 6.5. CEFR Level: B2. Test Date: 12/08/2015
Contact this candidate