Aug 2025 – Present · 9 mos · Madrid · Remote

• Team8 CISO Village is an exclusive community of senior CISOs (Chief Information Security Officers) from global industry leaders, brought together by Israeli venture group Team8.
• It serves as a collaborative space where top security leaders share insights, discuss emerging threats, and influence the direction of cybersecurity innovation.
• The community is also a key part of Team8’s startup-building process — helping shape solutions based on real-world enterprise needs.

Jan 2024 – Present · 2 yrs 4 mos · Madrid · Remote

• The CISO Society is a private community of CISOs collaborating on everything from security strategy, industry challenges, project roadmaps, technology partners, talent acquisition, leadership and investments.
• They promotes trusted, peer-reviewed decision-making and strategic collaboration, facilitate vendor due diligence backed by actual CISO feedback, supports leadership development—transforming technical roles into strategic business enablers and help members stay ahead on hot topics like AI risk governance, third-party resilience, and team well-being.

Nov 2023 – Sep 2025 · 1 yr 10 mos · Madrid, Community of Madrid, Spain · On-site

• Accountable for the cybersecurity strategy and policies for HORSE, in line with HORSE strategy and regulations. In charge of defining, driving and promoting the relevant level of cybersecurity, striking the right balance with business challenges. Strategic Point of Contact for the CIO of HORSE and the Heads of IS/IT Departments. The scope of work also includes all geographical HORSE perimeter. Member of IT Committee.
• Main responsibilities are:
• 1. Cybersecurity Strategy
• Define and execute HORSE Cybersecurity Strategy with focus on:
• Management of the cybersecurity organization and resources
• Compliance with applicable regulations
• Sustainability of cybersecurity
• Relationships and interactions with internal partners inside the JV (Geely, Aramco)
• Relationships and interactions with the mother company Renault Group
• Specific relevant strategy to secure the production in HORSE plants (8 sites in 7 countries).
• 2. Cybersecurity Programs and Projects Management
• Ensure the cybersecurity strategy and roadmap implementation
• 3. Cybersecurity Ambassador
• Guide and train the HORSE organization in cybersecurity
• Take on the role of active ambassador for cybersecurity within HORSE organization
• 4. Cybersecurity Team Management
• Build an efficient Cybersecurity team in line with HORSE strategy
• Develop team skills and knowledge and encourage participation in internal and external cybersecurity communities
• Build trust and works with peers to improve overall effectiveness and avoid silos
• Encourage original ideas and innovation
• Report regularly to stakeholders and play an advisory role
• 5. Cybersecurity IT Budget and Vendor Management
• Accountable for HORSE Cybersecurity RUN (recurring) and BUILD (project) budgets
• Manage Cybersecurity budget in alignment with HORSE strategy
• Approve purchases of technological equipment and software and establish partnership with IT providers

Jul 2022 – Nov 2023 · 1 yr 4 mos · Madrid

• Main responsibilities:
• Lead daily operations of the Security Operations Center including managing relationship with managed SOC service providers.
• Develop a roadmap and a programme to develop and grow the unit including the on-boarding of new platforms, identifying automation opportunities, and development of service level agreements
• Improve the ruleset, playbooks and reduction of false positives
• Report to leadership the performance of the SOC through the establishment of KPIs including operational and risk-based metrics.
• Coordinate, analyze, and escalate security incidents in partnership with vendors, business units, customers and partners.
• Investigate malware artifacts in response to incidents, coordinate network scans to cover the perimeter and internal networks and assist with coordination and provide input into incident management plan activities.
• Lead the remediation, vulnerability and patch management across the the enterprise.

Aug 2018 – Jul 2022 · 3 yrs 11 mos · Madrid Area, Spain

• Manage the services provided by the Technical Security Centre team (four headcounts) across the three pillars of application, system and network security in addition to the cross functional security assessment and cloud security roles, with the core objective of ensuring consistency and quality of the overall activities provided by the team. These services are delivered globally across the company dealing with IT stake holders at both Global IT and Local/Market IT. The objectives are to manage the analysis and assessment requests and provide security guidance for both new and currently existing infrastructure, projects and systems and to ensure that company security standards are consistently maintained and applied globally. The scope includes solutions delivered both internally and externally. The incumbent is also responsible for managing the budget for security technologies provided globally by the Technical Security Centre team as a whole, for example anti-malware and internet defences.
• Main responsibilities:
• Manage the security assessments for both currently existing and new infrastructure, projects and systems to mitigate security risks due to insecure implementations. This is conducted as part of the standard change management process by means of providing security guidance and playing an advisory and quality control role towards the global and local technical teams for implementing security best practices for new solutions.
• Ensure the robustness of JTI systems/solutions internet perimeter defences in line with the risk level of the business.
• Provide a cost-effective set of perimeter defences driven by the technical information security strategy and business requirements.
• Support the Security Operations Centre team in analysis, evaluation and response to security incidents including but not limited to: Internal/external attacks, malware attacks, fraudulent emails and internal issues

Mar 2017 – Aug 2018 · 1 yr 5 mos

• Main responsibilities:
• Planning and managing diagnosis and assessment activities and defining high-level program/action plans.
• Identifying opportunities to drive more value from an organization’s IT strategy through technology strategies in targeted areas, including technology infrastructure and technology architecture.
• Ensuring technology requirements will allow modeling and address performance and security.
• Ensuring high level design supports a robust technology solution, taking into account the user requirements, technical requirements, etc.
• Planning and managing technology design activities.
• Troubleshooting and performance tuning of security products/solutions.

May 2016 – Feb 2017 · 9 mos · Madrid Area, Spain

• Main responsibilities:
• Design of electronic banking services in Cloud for bank industry companies.
• Review of security infrastructure of Iaas / Paas according to privacy requirements in Spain / UK.
• Pre-Sales and Project Management of Information Security Developments / Implementations / Audits.

Feb 2012 – May 2016 · 4 yrs 3 mos · Torre PwC

• Main responsibilities:
• Risk Management and monitoring demands sparked by the growing use of social media, cloud and smart-device technologies.
• Data security and privacy compliance regarding personal data (medical records).
• Big Data audit management and audit analytics.
• SAP GRC implementation supports and Re-Design of security infraestructure and role management process design.
• Software Asset Management Processes and methodology design.
• Fraud Analysis regarding Insurance Business Processes / Fraud methodology designs for insurances companies.
• Identity Management and Criptograhy projects: implementation of digital signature to several business processes in insurance companies and development of Identity Management Framework in several countries for insurances companies. Maintenance of Oracle Identity Manager and Oracle Identity Analytics.
• Business Continuity Plan Audits for Market Unit / Business Unit for insurances companies.
• Security Plan / Information Security Strategy for insurance companies considering Return of Investments.
• Medical devices security audits in insurance companies.
• Implementation of SIEM tools and big data benchmarking analysis.
• Risk Model Definition and Data classification for finance companies and insurance companies.

May 2011 – Feb 2012 · 9 mos · Madrid y alrededores, España

• Main responsibilities:
• Project management. Risk Assurance Services projects and SAP HCM Rollouts:
• Telefónica SAP Global HCM Rollout for several countries (LATAM, SPAIN, EUROPE).
• Risk Analysis for Telefónica SAP Roadmap defined.
• Definition of Governance Model to manage projects for Project Management Office.

Oct 2005 – May 2011 · 5 yrs 7 mos · Madrid y alrededores, España

• Main responsibilities:
• SAP Data Processes using SAP PI Integration, SAP HR Info types, Personnel Administration Dynamic Actions and IMG Customizing.
• Modification of SAP HR Payroll rules, functions and operations for SAP Spanish Payroll Schema.
• Payroll Data, Organizational Management and Personnel Administration Customizing.
• Archive Link (Content Server) and Document Finder Tool Administration.
• Design and Development of an application for Material Management using Web Services and
• Abap proxies.
• Design and Implementation of Contingency Management System connected to internal mailings (SAP
• Business Workplace), SMS Systems and Log Management Systems.
• Personnel Qualifications and Organizational Management developments and customizing.
• Identity Management and Structure Profiles customizing within SAP HR / FI / SD components.
• Project Management of the following SAP HR Components:
• Training and Event Management (PE),
• Personnel Recruiting (ER),
• Development Plans (DP),
• Qualifications and Requirements (QR),
• Career and Succession Planning (SP) - Talent Management,
• Personal Evaluation (PE),
• Environment, Health and Safety (EHS).

Dec 2004 – Oct 2005 · 10 mos · Madrid

• Main responsibilities:
• Development, Planning, Design and Integration tasks on HR SAP Personnel Cost Planning.
• Customer Data Management Interface Development for Customer Contracts.
• Customer Purchase Orders Management (SAP MM) and SAP MM System Migration.
• Application Maintenance / Database Tuning for Logistics and Sales Distribution SAP System (SAP SD/LO).
• Quality assurance and Database Benchmarking, Modification of Intermediate Documents (IDocs) for Electronic Data Interchange.
• Application Performance Analysis, SAP Queries and data analytics.

Jun 2003 – Dec 2004 · 1 yr 6 mos · Madrid y alrededores, España

• Main responsibilities:
• Development and management of Barclays Bank SAP Enterprise Employee Portal with the following functionalities:
• Personnel Data & Work Schedule Management.
• Employees Promotions and Career Planning.
• Fringe Benefits Management.
• Authorization and Identity Management.