* Modelo Tecnologia - Strategy in Technology and Information Security: Senior consultant to information security management projects based on ISO / IEC 27001 guidelines. I have exntensive knowledge in NIST Cybersecurity Framework model for cyber security, in IT process mapping, ITIL and IT Governance.
I am lead auditor in information security management systems (ISMS) based on ISO / IEC 27001.
* Tribunal de Justiça do Estado de Mato Grosso do Sul: It was responsible for elaborate the risk analysis manual in information security based on the practices of ISO/IEC 27005 standard. Also, It implemented the internal information security awareness and education program throughout the court, conducting the follow actions: - Conducting internal lectures for new employees; - Creation, in partnership with judicial school, the course of best practices in information security for magistrates; - Elaboration, in partnership with a communications area, of information security awareness papers, like e-mails marketing, training manuals and education booklets; - Creating the Information Security Day. It conducted internal audits on information security with a focus on compliance with superior standards and industry best practices. It was responsible for the elaboration of several information security policies and standards, including an Information Security Policy (ISP), access control policy, information classification policy, IT resource policy, email policy, confidentiality and digital signature policies. Technically, it designed of the technical vulnerability management process, implementing the Nessus Security Center as the scanner tool for critical network assets.
* EasyNet: Senior instructor for the following courses:
- ITIL V3 Foundation official training;
- IT Governance with COBIT 4.1;
- Training for Information Security Officers.