Cloud Security Architecting, Zero Trust architecture Management, ZTNA (Zero Trust Network Access), DLP (Data Loss Prevention), CASB (Cloud Access Security Broker), Cloudflare. AWS & Azure security. Datadog for cloud security monitoring. CrowdStrike for EDR and CSPM management. Firewall & Network security architecting and monitoring. Security scanning and Incident Response.
Cloud security management, monitoring and improvement of AWS infrastructure for Dev and Production multi-region and multi-account environments. AWS tools security management and improvement, management and integration of security tools with the cloud environment of the company (CrowdStrike, maintaining and monitoring more than 5k globally deployed CrowdStrike Falcon sensors; Sumo Logic, Trend Micro, Tenable and others). Use of Puppet and CloudFormation for integrations and infrastructure security improvement deployments, and for specific AWS accounts dedicated solely to security management. Security architecting reviews and improvements. Vulnerability management lead, security third-party relationships, FedRAMP, PCI DSS & SOC implementations and audits management. Incidents and alert monitoring, forensics.
Management of ISO 27001 and PCI DSS certifications and standards in the company, leader in information security, incident and risk management, infrastructure penetration testing, cloud security management of AWS environment for the company, providing improvements on cloud security and leading gathering of evidence from AWS for PCI DSS audits. Infrastructure as Code security improvements with Terraform. AWS IAM. AWS integration with open source security tools for improvements (Prowler, AWS Network Access Analyzer, Terraform AWS Secure Baseline and others).
General information security management, vulnerability analysis and management, internal security monitoring (SIEM - Splunk), pen-testing of infrastructure and web / mobile applications (iOS & Android), general management of security standards applied in the company (ISO 27001, HIPAA, GDPR, NIST), successful implementation to achieve FedRAMP authorization (Federal Risk Management and Authorization Program, a United States government program that provides a standardized approach to security assessment, authorization and continuous monitoring of cloud products and services). Process management leader with IT security providers (Tenable, Etek, HackerOne, among others). Security management with Azure, Tenable.sc (Nessus), AppSpider, Burp Suite, Kali Linux.
(Short Freelance Project) IT security outsourcing company for multiple companies and projects (2019): Ethical hacking for ICBF (Instituto Colombiano de Bienestar Familiar), Ethical Hacking for SIM (Servicios Integrales para la Movilidad), Information Security Manager - HOCOL.
Security engineer performing ethical hacking, vulnerability analysis, event correlation, computer audits, implementation and monitoring of security policies, information security awareness, cloud security in GCP and AWS. Risk management, firewall management, antivirus, software patch updates, investigation and disclosure of new threats and social engineering threats. ISO 20071 Internal Auditor.