Post Job Free
Sign in

Security Operations Solutions Architect

Location:
Weston, FL
Posted:
May 19, 2025

Contact this candidate

Resume:

Summary

Highly accomplished and strategic Cybersecurity Executive with 15+ years of progressive experience within the IT, Cybersecurity, Consultancy, and Telecommunications industries, including 5+ years in customer-facing leadership roles. Proven ability to translate complex technical visions into successful business outcomes, cultivate CxO-level relationships, and drive product adoption within strategic accounts. Deep understanding of cloud-based models, web-scale architectures, and a strong foundation in Cybersecurity, Security Operations, and IT Risk Governance. A compelling communicator and influencer with a track record of building high-performing technical teams and driving change within dynamic environments.

As a Certified PMP, CISA, and CISM, Mr. Lopez is a member of PMI and ISACA practices. He is highly regarded senior subject matter expert with Governance, Risk, Compliance, Cybersecurity, Audit, Architecture Analysis, intrusion/vulnerability assessments expertise. With demonstrated excellent leadership, communication, and interpersonal skills, Mr. Lopez has managed teams of up to 70 personnel and multi-million-dollar budgets across both the private, federal, DoD and civil sectors. Bi-lingual: Speak, read, and write in Spanish and Portuguese. Possesses strong leadership, communication, and collaboration skills with a deep understanding of Financial and Federal security standards, NIST frameworks, and emerging cybersecurity trends.

Key Skills

Cybersecurity: Security Architecture, Security Operations, Threat Intelligence, Vulnerability Management, Incident Response, Cloud Security, Data Security, Network Security, Endpoint Security

Cloud Computing: SaaS, PaaS, IaaS, AWS, Azure, DHS CISA-Gov Cloud, GCP

GRC: IT Risk Governance, Compliance (e.g., SOC 2, ISO 27001, GDPR, CCPA, NIST)

Technical Leadership: Strategic Planning, Vision Articulation, Team Building, Mentoring

Communication & Influence: Executive Presentations, Public Speaking, Stakeholder Management, Negotiation

Business Acumen: Go-to-Market Strategy, Pipeline Generation, Deal Closure, Market Analysis

Technical Expertise: [List specific technologies and tools relevant to web-scale environments and cybersecurity]

Professional Experience

CISO/AWS/Azure Solutions Architect Director Cyber Resilience Group (CRG) LLC,

Department of Homeland Security CISA – Remote 2020 - Present

Professional Cybersecurity leader and solutions architect lead. Certified CISA & CISM, passion for Zero-Trust principals and Identity Management (IDAM) for federal government clients; well versed in government contracting and internal IT Security support. Excels at creating high functioning team environments with customers, suppliers, and employees. An out of the box thinker able to translate technical information for non-technical customers or executives. Consistently able to bring tough projects in on time and on budget with maximum efficiency and effectiveness.

Spearheaded the development and execution of technology-informed go-to-market strategies for AWS Landing Zone IaaS resulting in 30% increase in regional pipeline generation within the first year.

Cultivated and maintained strong CxO-level relationships at key strategic accounts, driving a 30% increase in product adoption across the top 5 clients at DHS

Shaped and translated a complex cybersecurity vision into the delivery of successful business outcomes, leading the company through a full migration to a secure cloud-based infrastructure both in Azure and AWS cloud.

Defined and simplified the organization's offerings to key market segments, delivering compelling messaging that resonated with enterprise-level clients.

Built and managed a high-performing technical team of 15 security and solution engineers, fostering a culture of collaboration and excellence.

Served as a key technical voice for Cyber Resilience Group (CRG), LLC, working closely with solution engineering to evolve the full product roadmap based on market needs and customer feedback.

Represented the company as a speaker at GRC Conferences and public forums and industry events, significantly increasing brand awareness and generating leads.

CISO - Cybersecurity Director Cyber Resilience Group (CRG) LLC,

Pension Benefit Guaranty Corporation (PBGC) – Remote 2020 - 2022

Led the design and implementation of complex cybersecurity solutions for web-scale organizations and large service providers, ensuring robust security postures.

Developed and presented executive-level demonstrations of security concepts and solutions to prospective clients.

Provided expert guidance and support to customers through their digital and cloud transformation journeys, ensuring secure adoption of SaaS, PaaS, and IaaS models.

Conducted thorough assessments of customer environments to identify security needs and recommend tailored Cloudflare, CyberArk, and SailPoint for IDAM solutions.

Forged and sustained effective partnerships both internally (e.g., Sales, Engineering, Product) and externally (e.g., customers, partners).

Built and managed a high-performing team of 25 cybersecurity professionals, fostering a culture of collaboration, innovation, and continuous improvement.

Conducted risk assessments, vulnerability assessments, and penetration testing to identify and mitigate security risks.

Developed and implemented security policies, standards, and procedures in alignment with industry best practices and regulatory requirements (NIST CSF, PCI DSS, SOX, GDPR).

Managed security technologies and tools, including SIEM, IDS/IPS, endpoint protection, encryption, and access control systems.

Collaborated with stakeholders across the organization to ensure security awareness and compliance

Technical Audit Director/Lead Cyber Resilience Group (CRG) LLC, Fiserv, Inc. – Latin America – Remote 2016 - 2022

As a Sr. Technical Audit Advisor/SME for the CISO at Fiserv lead the IT Security Compliance program for the Latin American and Caribbean Region. As Sr IT Security leader and liaison between auditors; completed over 10 comprehensive reviews for the organizations’ data security controls with executive teams, internal stakeholders, PCI auditors, audit firms (Deloitte/KPMG) providing IT Audit training with recommendations, direction and development for the LATAM region IT Audit and Cybersecurity Program.

Scheduled and coordinated over 15 annual PCI Audits with LATAM Auditors for access to people and resources to perform reviews with (0) PCI DSS findings.

Assessed and remediated over 25 Point of Sale (POS) vulnerable applications after implementation with the technical vulnerability management teams during PCI quarterly scans

Completed over 10 comprehensive documentation reviews, technical evidence for the organizations’ data security controls with senior management teams, internal stakeholders, SOX auditors, audit firms (KPMG) in scoping SOX environments and evaluating those environments against SOX.

SailPoint IAM System administration of LATAM Employee Lifecycle management of over 200 privilege user system engineers, developers, network engineers, and system administrators.

SailPoint Compliance Management in the Fiserv LATAM Region (Brazil, Argentina, Panama, Colombia):

Tracked, enforced, and certified access across the enterprise.

Collaborates with Enterprise Security Operation Directors, Managers, and Supervisors to oversee the evaluation and implementation of tools and applications required to investigate anomalies and respond to and remediate incidents.

Ensure the implementation of cyber security incident response projects and security solution implementations, such as Trusted Internet Connection (TIC), Vulnerability and Patch Management.

Provides oversight in implementing comprehensive risk management strategies, ensuring alignment with the Department’s risk management policy, for continuous monitoring, security data analysis, and Federal Risk Authorization Management Program (Fed RAMP) cloud sponsorships.

Sr. Information System Security Officer/Lead U.S. Department of State, Diplomatic Security Bureau, office of the CTO, Arlington VA 2009 – 2016

Led the cybersecurity strategy for the Diplomatic Security Bureau, ensuring the protection of U.S. diplomats, to over 450 embassies, and sensitive information systems worldwide.

Developed and implemented a new cybersecurity framework to address the unique challenges of operating in diverse and often hostile environments.

Spearheaded initiatives to secure critical infrastructure, protect sensitive data, and educate diplomats about cybersecurity threats and best practices.

Played a key role in mitigating a major cyberattack targeting U.S. embassies, preventing data breaches, and enhancing international collaboration on cybersecurity.

Successfully defended against 7500 number of cyberattacks; Secured over 400+ embassies in over 120 countries

Worked with developers in testing migrating and implementing Software:

Ensure compliance with DS CTO policy and standards/regulations (FISMA/NIST/CIS/FAM/FAH) on providing gap analysis on current security policies which include asset classification, security controls, incident management, vulnerability management plans

Education

Adjunct Professor (Cybersecurity/MIS Program), Bowie State University, Bowie MD

M.S. Master of Business Administration (MBA), DeVry University, Arlington VA

M.S. Management Information Systems (MIS), Bowie State University, Bowie MD

B.A. Communications, Trinity International University, Miami, FL

Certification

Project Management Professional (PMP) PMI # 430368, Villanova University

ISACA Certified Information Security Manager (CISM)

ISACA Certified Information Security Auditor (CISA)

Certified AWS Cloud Practitioner

ITIL 2011 – Certification# 0232071501QG4F

CYBERSECURITY TOOLS EXPERIENCE & SKILLS:

Cyber Kill Chain Methodology – Reconnaissance, Weaponization Delivery, Exploitation Command & Control (C2), Actions on Objectives

Defense-in-Depth – Barracuda, Palo Alto Network, NextGen Firewalls, FireEye, CarbonBlack, Cisco Sourcefire IDS/IPS, HBSS+HIPS, CMRS, ACAS, Solera, ArcSight, SPLUNK

Authorization & Accreditation (A&A) – DOJ CSAM, DHS Trusted Agent, Tripwire, XACTA, Rapid 7, SPLUNK FISMA, NSAT, RSA Archer

Best Practice Frameworks – PCI DSS, SOX, SOC2, COSO, CMMI, ITIL, FedRAMP Cloud Architecture (AWS, Azure, Google), HHS EPLC, NIST 800 SP 800 Series, FITARA, DevSecOps.

oCybersecurity Strategy and Planning

oRisk Management and Governance

oThreat Intelligence and Incident Response

oCloud Security (AWS, Azure, GCP)

oData Loss Prevention (DLP)

oVulnerability Management

oSecurity Architecture

oCompliance (NIST, ISO 27001, SOC 2, GDPR, CCPA)



Contact this candidate