- HIGHLIGHTS OF QUALIFICATIONS
-Over ten years of solid experience on Risk Control Management, Project Management and leading teams.
-Strong Experience in Audits: coordinating the planning, organizing and execution of information Technology (IT) audits.
-Strong experience in implementing Regulatory requirements as well as Internal Standards and Norms.
-Strong leadership, problem-solving, analytical and negotiation skills.
-Spanish native speaker and fluent in English.
- RELEVANT EXPERIENCE
HSBC: Business Risk Control Management (BRCM)
Dept. IT Risk
Position: Senior Manager Nov 2005 – Current
-Responsible of addressing and managing internal, external and Group IT Audits (including SOX reviews).
oThe IT audits consist of reviewing the system of internal controls relating to information security, change management and IT processes supporting the Information Systems organization.
oMy main responsibilities for IT Audits:
Developing, directing, planning and evaluating internal audit programs for the organization's information systems and related procedures to ensure compliance with the organization's policies, procedures and standards independently and as part of a team.
Provide input into decisions on audit scope, staffing requirements and work assignments.
Act as Lead Auditor, as necessary, leading and supervising the team and completing evaluations for members of the team
Conduct reviews, perform analysis and assess the significance of control weaknesses and operational problems.
Communicate results orally and in writing to senior corporate and division management
oIdentify and communicate to involved parties the annual calendar of audits when available.
oReview and prepare the information needed by authorities and auditors during the audit exercise.
oEnsure that all internal and external requests are delivered in time.
oDeliver reports and present to Local and Regional Steering Committees the information regarding the current situation of audits in place or the result of previous audits.
oTo ensure that action plans are documented and executed as results of previous audits.
oTo document in the internal tool all action plans and evidences regarding previous audits.
-Responsible of Risk Management for IT.
oAct as first line of defense in order to ensure that all possible risks and material risks are well identified, documented and with an action plan in order to mitigate the risk.
oWork jointly with the second and third line of defense in order to ensure that all identified weakness are covered and documented through different risks management documents inside the organization.
oEnsure that the internal Risk Management policies and standards are implemented on time.
oDocument all risks in the internal IT tool and ensure that all action plans are executed inside the period as documented.
oPresent in the Local and Regional Steering Committees the current status of all risks and controls.
oTo ensure that all risk acceptances and dispensations are accomplished in time.
oTo ensure that all Group Internal controls are adopted and are executed as defined.
oTo ensure that all regulatory demands are covered in time in order to avoid fines or other reputational or financial impacts to the organization.
oEnsure that all activities regarding different projects inside HSBC s IT areas are implemented in time and in accordance to the execution costs as planned.
oPresent to different Steering Committees the advances regarding the projects.
- EDUCATION & TRAINING
- Master Business Administration (MBA) Degree. (Universidad del Valle de Mexico, Apr 2013 – Apr 2015)
-Medal received for academic excellence.
-Knowledge and skills acquired:
oA comprehensive and global view of the company and its environment.
oA broad range of theoretical and practical knowledge to manage projects and organizations.
oA focus on core business functions.
oMultidisciplinary management skills in business environments.
- Bachelor of Computer Systems Management. (Universidad del Valle de Mexico, Sept 1996 – Sept 2000)
Training: Project Management, Quality Systems, Management Skills, Information Technology Risks, Business Risk Management Processes, Process Reengineering, among others.
Adept at handling Microsoft office tools:
Microsoft Office (Word, Excel, Power Point, Visio).
Team Working Methods certified Instructor
Process Reengineering Diploma
Facilitator of Quality and Continuous Improvement.