Information Security Risk Management
Resume:
OSCAR ALBERTO BARRAGÁN LEÓN
*********@*****.***
Executive leader and specialist in information security, cybersecurity and IT risk management, certified internal auditor (SGSI ISO-27001:2013), ITIL® 4 Certificate in IT Service Management and Guidelines for cybersecurity ISO/IEC 27032-2012, with support orientation to the different business areas towards the achievement of strategic objectives through execution of information security and cybersecurity functions, BCM-PCN Business Continuity Management (ISO 22301), government and protection of personal data (HIPAA, GDPR, 1581 Law) financial and operational risk management (SARO), project management and IT services, software development, transactional monitoring, document management, computer security architecture (Cloud: AWS, Google, Azure) and information technology, auditing, consulting, tax audit and internal control. Professional with 20+ years of proven experience leading work teams at local and regional level in information security (ISO27001) and cybersecurity (ISO27032), financial risk management
(ISO31000), operational (SARO), government and protection of personal data (HIPAA, GDPR, 1581 Law), fraud control, anti-corruption and money laundering (SARLAFT), IT projects for secure software development (PMI-OWASP), IT services management (ITIL), document management
(AGN), audit, risks and operational control (COBIT), security standards and best practices (PCI) and others.
I have held positions of Manager and Director of information security, IT security, cybersecurity, personal data protection, financial and operational risk management (SARO), IT project management, secure software development, security and document management, ISO27001 auditor, IT operations and systems, tax audit, assurance and improvement of processes, preparation of risk matrices, business impact analysis (BIA) and business continuity (BCM- ISO22301); monitoring and control of projects with IT technology component, in Colombian entities and regional financial conglomerates.
CISO Stores D1 - Entelgy Colombia SAS, April 2023 – July 2023. Provision of professional technical services, in the role of Security Officer (CISO) to ensure the adequate definition and implementation of the information security management system, applied to the IT platforms and information systems of Stores D1, in accordance with internal policies, Colombian legal regulations, recommendations from internal evaluations and current international standards.
Information Security, Cybersecurity and Business Continuity Manager BCM. BPO and Contact Center, February 2020 - October 2020.
- Manager responsible for the planning, maintenance and control of IT and ISMS risks, ISO-27001: 2013. Responsible for the PCN-BCM ISO22301 Business Continuity plan, before and after the declaration of a Pandemic by the OMS and the health emergency decreed by the Colombian. National government for COVID-19.
- Responsible for the scanning and remediation of vulnerabilities, implementation of secure remote connections, monitoring of connections from work at home, information security measures and controls, computer security and cybersecurity, protecting personal data and PROFILE
EXPERIENCE
guaranteeing confidentiality, integrity and availability of BPO information, clients. and stakeholders.
Independent consultant, IT risks, information security, cybersecurity, internal auditor ISO27001, November 2017 - December 2019 and October 2020 - April 2023.
- Specialized professional services to support the monitoring and control of contracts, projects, programs and plans that contain a technological component, IT risks, business continuity management systems, information security, cybersecurity, governance and protection of personal data, operations, risks and services of TIC.
- Implementation of an ISMS Information Security Management System under ISO27001 ISO- 31000. Protection of personal data 1581 Law and registry of databases Banco GNB Sudameris S.A. and Subsidiaries - Jun2005 - Jan2017 Director of Information Security and Information Security Projects Director of Financial and Operational Risk SARO
Director of Technological Development and IT Projects Director of Systems and Operations Audit
Banco Tequendama S.A. Credicorp Group, Colombia and Venezuela January 1999 - June 2005, Systems and Operations Audit Director - General Audit Banco Mercantil de Colombia S.A. – Audit Price Waterhouse Cooper August 1994 - January 1999, Manager / Director / Systems Auditor Banco Caja Social
October 1990 - July 1994, Systems Auditor - General Audit Information Security Postgraduate degree
Politécnico Grancolombiano University – Bogotá DC, September 2019. Certified Guidelines for cybersecurity ISO / IEC 27032-2012 Interpretation of the Standard SGS Academy MINTIC Colombia - Bogotá DC, November 2021. ITIL® 4 Foundation Certificate in IT Service Management PeopleCert Axelos SGS – Bogotá DC, October 2021.
Certified Internal Auditor ISMS ISO / IEC 27001: 2013 SGS Academy - Bogotá DC, December 2019.
Diploma, protection of personal data - 1581 Law and registration of databases Bogotá Chamber of Commerce - Certicámara - Bogotá DC, December 2018. Diploma, Risk Management, Universidad del Rosario, Bogotá DC, January 2003. Systems Engineer - Catholic University of Colombia, Bogotá DC, December 1994. Technologist in Data Systematization - Jorge Tadeo Lozano University, Bogotá DC, 1987. STUDIES
Contact this candidate