Telecommunications Engineer Emergency Management
Resume:
ABOUT ME
Proven capacity to lead an organisation, at both strategic and management level. Excellent capacity to develop, communicate and implement business strategies, ensuring a successful. Proven track record of leading and managing change in a large organisation, in a context of stable or diminishing resources. Ability to lead and motivate teams in a International, multicultural and multilingual environment. Proven track record in financial and human resources management in a national, European and/or international context. Ability to communicate to the public and cooperate with various stakeholders (International, National and Local Authorities, international organisations, social partners, etc.). Knowledge of the rules and functioning of EU Institutions, as well as of EU policies.
WORK EXPERIENCE
Security Operations Manager - Global
Beam Suntory [ 17/02/2020 – Current ]
Address: Madrid (Spain)
City: Chicago, IL (Remote)
Country: United States
SOC management direct responsibilities: Security Monitoring and detecttion; CTI & Digital surveilance; Vulnerability Management; Digital Forensics & Incident response; Threat Hunting; Security validation and Purple Team.
Oversee daily monitoring and review of security events, stay abreast of the cyber threat landscape to be proactive in the identification of potential threats, and work with all stakeholders to ensure the integrity and security of Beam Suntory networks, assets, and data.
Diagnose threats and lead mitigation efforts, including performing root cause analysis and after-action reviews with all Information Technology Teams, and can effectively defend the enterprise against malicious network attacks.
Bring a strong understanding of the business drivers that affect IT Security and be able to influence change in the organization to drive the maturity of the SOC function. Provide technical and management oversight to a diverse team of Tier 1 through Tier 3 SecOps and Security Engineering professionals.
Drive resolution of Cyber Security incidents, provide problem resolution for issues, and coordinating O&M Engineering support for security systems.
Francisco Luis de Andres Perez
Nationality: Spanish
Date of birth: 03/12/1970
Gender: Male
Email address: flandres@ciso.es
Website: https://www.enisa.europa.eu/events/2019-cti-eu/2019-cti-eu-bonding-eu- cyber-threat-intelligence
LinkedIn : https://www.linkedin.com/in/01F
575francisco-luis-de-andres-80a5b85
Address: C/Galvilla 6 Bajo, 30319 Cartagena (Spain) Member of the Steering Committee
Manusec (OT Cybersecurity [ 01/12/2021 – 30/03/2022 ] City: Munich
Country: Germany
ManuSec Europe explores solutions to the widening array of cyber threats jeopardizing European manufacturers as they increasingly embrace technological innovations. A senior delegation of 150+ manufacturing and cyber security leaders from across Europe explore strategies and best practices for protecting industrial networks, promoting organisational alignment as support for IT/OT convergence and establishing a roadmap for cyber security of safety-critical systems to define the practical steps needed to protect their key assets from cyber threats
https://europe.manusecevent.com/steering-committee/ Development Standard CVSS 4.0
First.org [ 02/11/2021 – Current ]
City: Online
Country: United States
The CVSS Special Interest Group (SIG) is currently working on individual improvements that will form the basis of the next version of the CVSS standard. The SIG is composed of representatives from a broad range of industry sectors, from banking and finance to technology and academia. Organizations and individuals interested in joining the SIG, or observing progress via the CVSS SIG mailing lists, should complete the Request to Join form below.
A list of potential improvements targeted at CVSS v4.0 has been created based on input and feedback from various sources. The current list of potential improvements can be found here. https://www.first.org/cvss/
Member of the Ad-Hoc Working Group on Security Operation Centres (SOCs) ENISA [ 20/10/2021 – Current ]
City: Athens
Country: Greece
The scope of this ad-hoc working group is to assist ENISA in capturing current practices across the EU regarding typical SOCs capabilities, i.e. capabilities to identify, protect against, detect, respond to and recover from cyber threats affecting a particular organisation. It will also help the Agency capture current practices in CSIRTS and SOCs, Member States’ cybersecurity policies and investment plans relevant to increasing the capacity of SOCs, identify gaps based on maturity models for SOCs that establish best practice (i.e., FIRST framework) and highlight pathways for research and innovation that will increase the maturity of current stakeholders in the field. https://www.enisa.europa.eu/topics/cross-cooperation-for-csirts/ad-hoc-working-group-on-socs Independent Cybersecurity Expert H2020
European Commission [ 12/09/2016 – Current ]
Address: Brussels (Belgium)
City: Brussels
Country: Belgium
SCOPE EUROPEAN COMMISSION HORIZON 2020 PROGRAM
Subjects: Critical Infastructures Protection, GDPR and Digital Security Working on classified projects by the EU security commitee, the review/monitor of the projects allow me to learn about beyond of the state of the art cybersecuity not only from European Countries but also Israeli. EVALUATOR
Proposals' analysis from a Cybersecurity perspective based on my expertise. Impact, quality, and excellence based on beyond of the state of the art solutions analysis, project and risk management etc...
Individual and consensus reports
RAPPORTEUR
Meetings coordination and consensus reports' development REVIEWER
Participated on classified European Projects.
Deliverables review and validation.
Individual and consensus reports.
Cybersecurity Strategies Manager
S21Sec - Sonae Corporation [ 10/01/2017 – 24/10/2019 ] Address: Madrid (Spain)
City: Madrid
Country: Spain
Multinational cybersecurity pure player. The scope of my responsibilities were very opened and international. PENTESTING/RED TEAM DIGITAL TRANSFORMATION:
Collaborate with the Red Team director in order to define roles, resposibilities and methodologies for the Red Team
Definition of Red Team APT emulation capaigns mirroring APT s TTP s. Analysis of regulations and standards like TIBER-EU, NIST 800-53, or NIS, in order to align the Red Team Attack scenarios.
Participation on conferences in order to present our own Cyber Attack Methodology. Training Red Team about CAT methodology, procedures, and "Target profiling" CAT1st phase. Vulnerability and exploitation solutions. (Tenable, Burp suit, Qualys, Acunetix, kali software (metasploit, armitage...) etc...
INCIDENT RESPONSE DIGITAL TRANSFORMATION:
DFIR. Definition of Roles, Responsibilities and procedures. Training technical department on OSINT.
Network forensics (Wireshark, dissectors, NetworkMiner, Kali tools, etc...) and OSINT techniques and tools, Malware forensics: Static malware analysis: Strings and metadata, dissamblers, packers detector, de- ofuscators, steganography detection etc...
Systems forensics: Windows shellbags, prefetchs, event viewer filtering and triggers, endpoint and servers IOCs rules generation and detection.
ICS/SCADA CYBERSECURITY 3RD PARTY PORTFOLIO DEV.:
Clients cybersecurity analisis, POC.
Analysis and clasification of the OT Cybersecurity solutions (Cyberarch, claroty, Silent defense, Dark trace, diode filters etc...)
CORPORATE STRATEGY TASKS:
Own and thrid party products portfolio definition.
New products building and products lifecycle management. Market analysis.
Conferences: participation as speaker.
Presales and RFP participation.
CEO EMEA & LATAM
B-Scada Inc. [ 01/11/2014 – 31/10/2016 ]
City: Crystal River, FL
Country: United States
Spanish branch office of the U.S. head offices based on Tampa, Florida, with responsibilities for European and Latam markets
IT/OT SYSTEMS ENGINEER
Responsible for IT projects implementation (Windows servers, GPO, fileservers, scripting, AD, etc...) Responsible for Scada solutions, systems and databases, networking and security under operational technilogies' environment.
Databases management SQL server (Transact and server mangmt) Virtualization (Vcenter, Vsphere, Veeam backup, etc...) BPM projects implementation (Bizagi)
Technical training (Windows servers, Scada software, BPMN etc...) CYBERSECURITY
Firewalls implementation: Checkpoint clustering, Fortinet.. Security architectures development
Vulnerability management and exploitation (Tenable, Qualys, Kali, Metasploit framework, and many more) Forensic tools and systems (Forensic falcon, encase, volatility, ftk, Belkasoft, etc...) MANAGEMENT
Projects and budgets management
People management
Strategic plan to grow sales and brand on Europe and Latam Coordination with U.S. head offices
SME CEO, Chief Executive Officer
Coneti Consultores [ 01/08/2006 – 31/10/2014 ]
City: Murcia
Country: Spain
- Business or sector: Information and communication Coneti was a small and medium size company based in south east Spain. The target was local medium to big size companies and international sales to Angola.
IT/OT ENGINEER
Windows and Linux Systems and software implementation (Certified expert on Windows servers). Virtualization (Vcenter, Vsphere, backup solutions Veeam, V-Ranger, etc...) Storage management NAS (Qnap, open-nas ...) and SAN IBM V Series Cloud backup servers Azure configuration
BPM software implementation Auraportal, Bonitasoft and Bizagi CYBERSECURITY
Vulnerability management and exploitation (Acunetix, Meterpreter, sss, etc... ISO 27001 and other compliances' controls
Firewalls implementation (Fortinet and Checkpoint) Network policies GPO, Kpi, encryption etc...
Proxy server implementation Squid
Network monitoring tools Snort etc...
Mail filtering linux implementation mailproc + sendmail MANAGEMENT
People management
Projects management
Budget and strategies management
CIO and CISO
PC DAU SYSTEMS [ 01/09/2005 – 30/08/2006 ]
- Business or sector: Information and communication IT SYSTEMS ENGINEER
Windows and Linux servers implementation
Virtualization (Vcenter, Vsphere, Vmware workstation, Veeam backup) Physiscal backup solutions and scripts
Mail server implementation and management (Exchange server) Database implementation adn management (SQL Server) Sharepoint services implementation and management
CYBERSECURITY
Network policies and GPO s
Secutiry Controls implementation
Firewall management
CIO & CISO
La Gardenia Europe [ 01/05/2003 – 30/08/2005 ]
- Business or sector: Real estate activities
IT SYSTEMS ENGINEER
Windows and Linux servers implementation (File servers, users and groups, certification authorities, terminal servers, group policy ogbjects, clustering etc...) Virtualization vmware
Physiscal backup solutions and scripts
Mail server implementation and management (Exchange server) Database implementation adn management (SQL Server) CYBERSECURITY
Network policies and GPO s
Secutiry Controls implementation
Firewall management
Proxy server implementation and management
IT Consultant
Oracle (Micros-Fidelio PMS) [ 01/03/2000 – 30/04/2003 ]
- http://www.micros-fidelio.es/
City: Madrid
Country: Spain
IT ENGINEER
Windows servers implementation, files, policies, etc.. Novell netware servers, printers, file system management. Databases implementation and management Oracle and MS SQL Application servers
Help desk support
Training
CYBERSECURITY
Security controls implementation
IT Consultant Business Development
Thistle Hotles PLC [ 01/09/1998 – 28/02/2000 ]
Address: Leeds (United Kingdom) - http://www.thistle.com/ City: London
Country: United Kingdom
HELP DESK IT
Support as a SAP R3 FI Junior Consultant
Support to corporate applications (Fidelio Etc.)
JUNIOR IT CONSULTANT
Novell netware implementation and management (printers, backups, files, servers etc...) EDUCATION AND TRAINING
InsightVM Certified Administrator (Vulnerability Management) Rapid 7 [ 17/01/2022 – 18/01/2022 ]
https://verify.skilljar.com/c/ij6pj9bpqxiy
Cyber Crisis Management Certificate
CCN (Spanish Government) [ 24/08/2021 – 24/08/2021 ] CSFPC (Cybersecurity Foundation Proffesional Certificate) CertiProf [ 21/04/2021 – 21/04/2021 ]
Effectively Leveraging MITRE ATT&CK Symposium
IANS [ 17/06/2020 – 17/06/2020 ]
CyberArk PAS Administration Certificate
CyberArk PAM [ 12/06/2020 – 12/06/2020 ]
CISM (Certified Information Security Manager)
ISACA [ 05/10/2018 – 05/12/2018 ]
Address: Madrid (Spain)
https://www.youracclaim.com/earner/earned/badge/49844a33-34b0-4eee-b5e5-971d3928e4d1 CDPSE (Certified Data Privacy Solutions Engineer)
ISACA [ 05/2020 – 06/2020 ]
https://www.youracclaim.com/earner/earned/badge/eaafbf83-432d-4990-a887-5cdb8f3ceea9 Lead Auditor ISO 27.001:2013 IRCA
BSIGroup [ 26/09/2016 – 30/09/2016 ]
CFPC (Cybersecurity Foundation Professional Certificate) CertiProf [ 04/2021 – 04/2021 ]
CISSP BootCamp
Infosec [ 07/10/2007 ]
University postgrade on Cybersecurity for Industrial Control Systems & Scada UNED [ 01/12/2014 – 30/09/2015 ]
Address: Madrid (Spain)
Digital Forensics Certification for the Spanish Court COITIMUR [ 10/03/2016 – 18/03/2016 ]
CSO, Chief Security Officer certification for the Spanish Interior Ministry Instituto Universitario General Gutierrez Mellado - UNED [ 01/08/2016 – 23/12/2016 ] CyberArk PAS Administration course
CyberArk [ 05/2020 – 06/2020 ]
Tenable Certified MSSP Engineer
Tenable [ 01/05/2018 – 04/06/2018 ]
Address: Online
PMP: Project Management Professional
PMI : EDBFormación [ 01/08/2016 – 20/10/2016 ]
ITIL V3 Foundation
Exim [ 23/10/2008 ]
Microsoft Certified Trainer MCT
Foritec Academias [ 09/01/2007 ]
Address: C/Amsterdam 72, 30353 Cartagena (Spain)
Field(s) of study: Information Technology
National classification: Microsoft Certified Trainer MCT Microsoft Certified Trainer MCT
MCSA - Microsoft Certified Systems Administrator
Foritec Tecnologia [ 01/11/2008 ]
Address: C/Amsterdam 72, 30.353 Cartagena (Spain)
Field(s) of study: Information Technology
National classification: Microsoft Certified Systems Administrator MCSA MCSA - Microsoft Certified Systems Administrator
Management: Business organizational skills
MCA Business School [ 24/02/2019 – 08/04/2019 ]
210W - Cybersecurity for Industrial Control Systems U.S. Department of Homeland Security [ 2015 – 2015 ] 100W - Operational Security (OPSEC) for Control Systems U.S. Department of Homeland Security [ 09/02/2015 – 09/02/2015 ] Advanced Threat Detection in ICS – SCADA Environments Concise Courses USA [ 20/01/2015 ]
Advanced Threat Detection in ICS SCADA Environments Certified I.T. Forensics Investigation and Legal
On line, Universidad de Extremadura [ 01/11/2018 – 29/11/2018 ] Address: Extremadura (Spain)
Protecting Critical Infrastructures against Insider Threats Emergency Management Institute, U.S. Department of Homeland Security [ 12/10/2016 ] Address: Online
Critical Infrastructure Security: Theft and Diversion Emergency Management Institute, U.S. Department of Homeland Security [ 12/10/2016 ] The Human Threat: Breaking Down Insider Risk
ForcePoint [ 05/2021 – 05/2021 ]
https://www.brighttalk.com/webinar/the-human-threat-breaking-down-insider-risk/ Improve Security Posture with MITRE ATT&CK Framework and Threat Intelligence BrightTalk [ 01/2021 – 01/2021 ]
www.brighttalk.com/webcast/10703/444204
Effectively Leveraging MITRE ATT&CK Symposium
IANS [ 06/2020 – 06/2020 ]
Cyberspace - Threat Intelligence and Security
Universidad de La Rioja [ 11/07/2017 – 13/07/2017 ] Address: Logroño (Spain)
Cybersecurity exercises
Universidad de Valencia [ 20/06/2017 – 21/07/2017 ] Address: Valencia (Spain)
Ethical Hacking: Penetration Testing
Insectech [ 01/08/2016 – 23/08/2016 ]
Address: Online
Cybersecurity for SME s
Incibe [ 04/02/2016 – 14/05/2016 ]
Address: Online
BPM Building Apps for Knowledge Workers
Bizagi [ 10/08/2016 – 12/08/2016 ]
Address: Online
English
LISTENING C1 READING C1 WRITING C1
SPOKEN PRODUCTION C1 SPOKEN INTERACTION C1
Portuguese
LISTENING B1 READING B1 WRITING B1
SPOKEN PRODUCTION B1 SPOKEN INTERACTION B1
Integration and Development Bizagi BPM
Bizagi [ 28/03/2016 – 01/04/2016 ]
Address: Online - con Instructor
E-Government Interoperability Certification
UNPAN - United Nations Public Administration Network [ 15/10/2015 ] Infrastructure for E-Government Development
UNPAN - United Nations Public Administration Network [ 17/04/2014 ] Corruption Prevention Certification
UNPAN - United Nations Public Administration Network [ 11/04/2014 – 11/04/2014 ] Backup Academy Certified Professional
Veeam Backup Software - Backup Academy [ 29/01/2014 ] BPM Auraportal Senior Consultant
Auraportal [ 01/03/2012 ]
Address: (Spain)
National classification: Auraportal BPM Senior Consultant Solaris Administration I
Instituto Cibernos [ 25/07/2002 ]
Address: C/Madrid, 28.0004 Madrid (Spain)
Cisco CCNA
Instituto Cibernos [ 01/07/2002 ]
Address: Madrid, 28000 Madrid (Spain)
SAP FI Consultant
Advansoft Ltd. [ 04/06/2000 ]
Address: London, E5 QSJ London (United Kingdom)
Telecommunications Engineer
Universidad Politécnica de Madrid [ 19/05/1989 ]
Address: Madrid, 28000 Madrid (Spain)
LANGUAGE SKILLS
Mother tongue(s): Spanish
Other language(s):
DIGITAL SKILLS
Personal Skills
Public Speaker / Written and Verbal skills / Team-work oriented / Organizational and planning skills / Decision- making / Good listener and communicator / SecOps / Proactive, flexible and able to perform well under pressure / Analytical skills / research and analytics skills / Project leadership / Motivated / Research methodology writing
Cybersecurity Technical Skills
Cyber Threat Intelligence Collection and Analysis / NISt 800 SP-53 / Incident Commander / Digital Forensics / Thre at Analysis / ServiceNow Workflow Editor / Network Security Monitoring / Digital Forensic Investigation / CrowdStr ike / Wireshark / Kali Suite / MITRE ATTCK Framework / PRIVILEGED ACCOUNT SECURITY : CyberArk, OneIdentity / Security incidents management / ESDC Cyber Threat Intelligence and Information Sharing using MISP CTI-IS / Mal ware Analysis / Security Management / Threat Hunting / Nist Framework / Microsoft Defender ATP / NIST CSF / Se rviceNow SecOps
Other Digital Skills
Microsoft Powerpoint / Business Process Modelling Notation ( BPMN ) / ServiceNow ITSM / BPM PUBLICATIONS
Publications
Author of the research: "Intelligence Led Cyber Attack Taxonomy", proced by the Spanish cybersecurity guvernamental institute, INCIBE, the Universities Complutense and Extremadura as one of the best cybersecurity researches on 2019. JNIC 2019. Intelligence-Led Cyber Attack Taxonomy Publications
Co-author of the guide: " Cybersecurity Operations Center for Industry " published by the Spanish Industrial Cyber security Center, CCI, 2019. http://www.redseguridad.com/actualidad/info-tic/el-cci-publica-una-guia-para- la-creacion-de-un-centro-de-operaciones-y-respuesta-de-ciberseguridad-industrial NETWORKS AND MEMBERSHIPS
Independent cybersecurity expert at the International Electrotechnical Commission, IEC
[ International, 2016 – Current ]
linked to ISO/IEC JTC 1/SC 41
Map the main Use Cases over the relevant systems architectures within the Smart Energy domain. This includes: Provide guidelines in offering standard users ways to select a most appropriate set of standards/ specifications (either existing or coming, from IEC but possibly coming from other bodies) fulfilling the set of Use Cases. This includes the breakdown of Smart Energy scope into typical systems and system architectures.
Work with ISO/IEC JTC1 SC41 to introduce IoT concepts into the smart energy domain and co-ordinate their integration into Smart Energy standardisation
Identify and rank possible standard gaps/overlaps/recommendations Feed the IEC Smart Energy mapping tool with the above findings https://www.iec.ch/dyn/www/f?p=103:14:0 FSP_ORG_ID:12621 IEC Smart Energy Roadmap
Independent Expert, European Information Technologies Certification Institute, (EITCI Institute)
[ Brussels, Belgium, 2019 – Current ]
The Quantum Standards Group hosted by the EITCI Institute brings together international experts of professional backgrounds in cybersecurity, classical or quantum cryptography, networking, communication and computing or in any other areas that relate to quantum standards development, uptake or dissemination. The focus of the EITCI QSG is on quantum technologies related to information processing and communication. The EITCI QSG activity is part of the Horizon 2020 European Commission project and supports the Quantum Flagship initiative. https://eitci.org/node/48/done?sid=14259&token=5ef14e4697be6803962c1d3ead6e243e Digital Forensics expert at the Spanish courts
[ 2015 – Current ]
ISACA member #1011493
ISACA Member Madrid Chapter
CONFERENCES AND SEMINARS
Speaker: "Full Stack Cyber Attack model", 2020
[ Brussels, Belgium, 2020 – 2020 ]
CONTENTS:
APT's digital transformation
Emulated cyberattacks framework, Tiber from the European Central Bank Full-Stack Cyber-Attack layered model
CAT, Cyber attack taxonomy
Cyber Attack Modeling Notation CAMN
EVENT:
Speakers: https://www.enisa.europa.eu/events/2019-cti-eu/2019-cti-eu-bonding-eu-cyber-threat-intelligence Agenda: https://www.enisa.europa.eu/events/2019-cti-eu/2020-cti-eu-agenda https://www.enisa.europa.eu/events/2019-cti-eu/2019-cti-eu-bonding-eu-cyber-threat-intelligence Speaker: Cybertodos ISACA, 2019
[ Madrid, Spain, 2019 – 2019 ]
https://isacamadrid.fikket.com/event/cibertodos-2019 https://isacamadrid.fikket.com/event/cibertodos-2019 Speaker: Nis Summer School 2019, Cybersecurity
[ Crete, Greece, 2019 – 2019 ]
https://nis-summer-school.enisa.europa.eu/
https://nis-summer-school.enisa.europa.eu/
Speaker: Digital Week 2019, Cybersecurity
[ Murcia, Spain, 2019 – 2019 ]
http://www.murciadigitalweek.es/
http://www.murciadigitalweek.es/
Speaker: HACK & BEERS
[ Alicante, Spain, 2018 – 2018 ]
https://hackandbeers.es/speakers/paco-de-andres/
https://hackandbeers.es/speakers/paco-de-andres/
Speaker: EUSKALTEL Cybersecurity
[ Bilbao, Spain, 2018 – 2018 ]
https://www.youtube.com/watch?v=Le82XDWcPJo
https://www.youtube.com/watch?v=Le82XDWcPJo
Contact this candidate