Cybersecurity Expert

Main Activities:

• Responsible for ensuring compliance with Sanofi's security and IT privacy policies and procedures for CHC(Consumer Health) Business Unit projects.
• Analyse the possible cybersecurity and IT privacy risks and define and design the controls to be integrated and implemented during the life cycle of the projects.
• Cybersecurity Lead in all Mergers, Acquisitions and Divestitures projects of Sanofi in charge of identifying all the possible cybersecurity and IT privacy risks and define the strategy to be follow (budget, team, planning, etc). In charge of determining all the cybersecurity activities that must be covered, coordinate the various cybersecurity and ITS teams to ensure that all cyber framework is correctly designed, implemented and executed.
• Provide communication, awareness and consulting services to the company for the understanding and mitigation of risks, as necessary.
• Responsible to help the CHC Business unit to comply with all GDPR and privacy compliance activities specially in regard to security measures including risk analysis, third party’s security assessments, security clauses in contracts, PIAs, etc.Main Achievements:
• Development of a whole methodology and strengthening it for cybersecurity and privacy risks and activities in Mergers, Acquisitions and Divestitures projects (Cybersecurity M&A&D playbook).Coordination, review, project management of different teams from different countries and specialties such as IT, legal and business to execute strategic projects for the Company (M&A&D).

‍

Senior Manager Cybersecurity & Privacy

Main Activities:

• Implementation of privacy projects, focused on the execution and analysis of privacy risks in the organisation, design, development and implementation of policies, procedures, controls, tools to establish data protection and privacy programs based on various regulatory requirements at national level and with other regulations such as GDPR, HIPAA and other privacy and information security regulations applicable in Latin America.
• Development of information security projects (cyber security) with a focus on risks and alignment with various security standards such as: ISO 27001, IS0 29100, NIST, COBIT and ITIL.
• Attend RFPs and develop proposals and deliver documentation according to RFPs requirements.

‍

Data Privacy and Cybersecurity Manager

Main Activities:

• In charge of all the privacy practices and development of the privacy practice in other countries.
• Analysis of different business areas, to detect and analyse the information transfer, mapping and relationship with the IT operations to ensure the correct data protection and prevent information loss. Analyse the best IT technology systems to implement and ensure information protection.-Develop privacy management strategies and frameworks to align to the country regulations and international best practices
• Security audits with an approach to review that the systems and infrastructure ensure the correct management and protection of the information used in the daily operation and ensure the confidentiality of the organisation's clients’ information.
• Analyse the IT areas involved with the daily operation. Design of IT policies, procedures and processes aligned with ISO 27000.
• Analysis, design, and implementation of Digital Invoice solutions and incorporate them in the business operations and systems.
• Execute compliance audits with a risk approach. Design and effectiveness review of the control for the different IT areas involved during the audit, to determine the maturity level of the company based on risks.
• Attend RFPs and develop proposals and deliver documentation according to RFPs requirements.

‍

Project Manager

Main Activities:

• Evaluate existing business systems to show strengths and weaknesses; analyse the business and implement IT and business solutions for daily and key operations, define and implement business performance metrics, process documentation and mapping.

‍

Project Manager

Main Activities:

• Handle construction permits and licenses, Social Security requirements and permits, Social Security payments, managing payroll, inventory management, materials purchasing, suppliers’ negotiations and payments.

‍

Investigation Assistant and Business Analyst

Main Activities:

• Analysis, design and development of project proposals and courses, job requirements analysis and profile design for the projects, review resumes, interview applicants, applicants’ reports, and check documentation for hiring.
• Participate for more than one year in a project with Cadena Comercial OXXO, where I performed activities for analysing, mapping processes and redesign of the supply chain. As well as analysis, design and implementation of control and monitoring tools for the operation and execution of the company’s information technology systems.