Juan Jose Santos Prieto

Angestellt, Senior Security Analyst | GRC | Project Manager | Business Developer, Expleo Group
Madrid, Spanien

Fähigkeiten und Kenntnisse

IT Security
IT Project Management
Information Security
OSINT
IT Risk Management
IT Governance
IT Compliance
Business Development
Cyberintelligence
IT Strategy
Cybersecurity
ISO 27001

Werdegang

Berufserfahrung von Juan Jose Santos Prieto

  • Bis heute 1 Jahr und 7 Monate, seit Jan. 2024

    Senior Security Analyst | GRC | Project Manager | Business Developer

    Expleo Group

    *Compliance Advisory (ISA62443, 27001, NIS2...) *Cyberintelligence Investigation & Research *Business Development *Product development (with AI implementation)

  • 7 Monate, Juni 2023 - Dez. 2023

    CISO | Strategy | Management | SecOps | Compliance | IT Risk

    Aiuken Cybersecurity

    *ISMS strategy development assistance *Cybersecurity control implementation, management and monitoring *Incident response management

  • 4 Jahre und 9 Monate, Apr. 2019 - Dez. 2023

    Intelligence & Security Analyst | Threat Intelligence | OSINT | Cybint

    Aiuken Cybersecurity

    * Threat & vulnerability monitoring, evaluation and reporting (both executive and technical level) * Fraud monitoring and reporting (both executive and technical level) * Incident management and reporting (both executive and technical level)

  • 4 Jahre und 1 Monat, Juni 2019 - Juni 2023

    Intelligence Manager | Strategy | Multi-client Service | Business Developer

    Aiuken Cybersecurity

    * Service management with high billing volume * Management of intelligence and counterintelligence service for multiple clients * Executive reports crafting * Execution planning of objectives set and effort assignment to the team * Threat & vulnerability monitoring, evaluation and reporting (both executive and technical level) * Fraud monitoring and reporting (both executive and technical level) * Incident management and reporting * Process, procedure and documentation development (ISO 27001)

  • 6 Monate, Okt. 2018 - März 2019

    Cybersecurity Analyst (SOC) | Incident Detection & Response

    Sogeti Luxembourg

    SOC analyst (protection - detection - response) * Network flow & endpoint analysis * Incident response and reporting * Elaboration of threat cyber intelligence reports * Management of SIEM tools and other information and threat intelligence aggregators * Management of ticketing tools

  • 5 Monate, Apr. 2018 - Aug. 2018

    Cybersecurity Consultant | Control Design & Development | Threat Intelligence

    Aiuken Cybersecurity

    *Requirement Management, Design & Provisioning in cyber security consulting (large budgets) *Relationship establishment with, at least 50 international enterprises *CSOC (Cyber Security Operations Centre) Process Engineering *ITIL Development (to comply with ISO 27001 y NIST800-53)

  • 4 Jahre und 10 Monate, Juli 2013 - Apr. 2018

    Intelligence Analyst | OSINT | Forensic Investigations

    Alpa Forensic Investigators

    Level 1 & 2 intelligence analysis *Economic: OSINT & Accounting reporting review *Intellectual property: OSINT *Digital footprint investigations: OSINT *Intelligence consumption, structured analysis, critical thinking & intelligence reporting.

  • 7 Monate, Apr. 2017 - Okt. 2017

    Intelligence Analyst | OSINT | National Security Monitoring

    Intelligence Fusion

    Level 1 & 2 intelligence analysis *Social network, news & law enforcement monitoring (OSINT, IMGINT & GEOINT) *Intelligence tooling for data collection (exif, lookup, rss & atom channels, social networks, images) *VDI (Virtual Desktop Interface) GNU/Linux administration & cyber security (Baseline configuration & hardening) *Intelligence consumption, structured analysis, critical thinking & intelligence reporting

  • 9 Monate, Sep. 2016 - Mai 2017

    Accountant | Operations Registry | Tax Formulation | IT Asset Ownership

    Admiplanor

    *Daily corporate accounting (purchases, sales & debt operations) & review *Document classification & archive *Tax reporting *End-point baseline configuration and cyber security (GNU/Linux & Windows) *Economic Forensic Evaluation (financial intelligence (FININT)): one case *Cloud infrastructure management (NAS website hosting) *Web project management: business requirements, website conceptual design & provisioning *VDI (Virtual desktop interface) usage *IT strategic planing, reporting & documentation

  • 3 Monate, Juli 2015 - Sep. 2015

    Accountant | Operations Registry | Tax Formulation | IT Asset Ownership

    Admiplanor

    *Daily corporate accounting (purchases, sales & debt operations) & review *Document classification & archive *Tax reporting *Web project management: business requirements, website conceptual design & provisioning *VDI (Virtual desktop interface) usage *IT strategic planing, reporting & documentation

  • 4 Monate, Okt. 2014 - Jan. 2015

    Tax Technician | Income Quality Assurance | Process Engineering

    REGTSA

    *Tax incoming review. Analyzed by type & trend. Up to 300 regional "city" councils, declaring up to 10 different types of taxes. *Statistical modeling build-up from scratch for fraud detection using Excel. *Semi automatic reporting build-up from scratch using Excel. *Business processes documentation review and update. *Internal organization & reporting documentation review and update.

  • 3 Monate, Juli 2014 - Sep. 2014

    Accountant | Operations Registry | Tax Formulation | IT Asset Ownership

    Admiplanor

    *Daily corporate accounting (purchases, sales & debt operations) & review *Document classification & archive *Tax reporting *Web project management: business requirements, website conceptual design & provisioning *VDI (Virtual desktop interface) usage *IT strategic planing, reporting & documentation

Ausbildung von Juan Jose Santos Prieto

  • 10 Monate, Okt. 2017 - Juli 2018

    Master in Cyber Security

    IE Business School

    * ISMS Implementation (Information Security Management System), and in accordance with the standards ISO 27001, ISO 27701, ISO 22301, GDPR and NIST 800-53 * Preparation of risk assessment based on the principles defined by ISO 31000, and threat modeling Miter ATT & CK, Cyber-killchain ... * Compliance and RCM (ISO 27001, GDPR...) * Auditing principles (ISO19011): ISO 27001, PCI-DSS y COBIT5 * Implementation of network security controls, endpoint, cloud, IoT, OT ... * Communication & leadership

  • 6 Monate, Feb. 2017 - Juli 2017

    SAP Business One Consultant

    Universidad Pontificia de Salamanca

    *User interaction (purchases, sells, equity and debt operations and reporting) *Interface usage & customization (tweaking according to business needs) *Configuration & parameterization (wizard & SQL) (basic data import and export) *Software installation & configuration (wizard-guided)

  • 1 Jahr und 1 Monat, Sep. 2016 - Sep. 2017

    Security Director

    UDIMA

    *Threat Modeling, risk Management & recovery (according to ISO 31000 and ISO 22301) *Business impact *Security & safety law & regulation *Anti-social security *Environmental security *Labor safety *IT management overview (cyber security)

  • 3 Jahre und 1 Monat, Sep. 2010 - Sep. 2013

    Private Detective

    University of Salamanca

    *Intelligence process structure *Physical & electronic surveillance *Labor law, Civil Law, Mercantile Law, Administrative Regulations. *Scientific crime investigation: collection & analysis *Economic & on-line investigation overview *Digital forensics overview (cyber security) *Reporting consumption & creation

  • 3 Jahre und 1 Monat, Sep. 2010 - Sep. 2013

    Criminology

    University of Salamanca

    *Crime theory *Criminal psychology & psychiatry *Criminal sociology *Medical forensics *Criminal investigation using statistics *Organized crime: economic, digital (cyber security), prostitution, drug dealing and weapon dealing

  • 7 Jahre und 9 Monate, Sep. 2008 - Mai 2016

    Business Administration Bachelor

    University of Salamanca

    *Mathematical & economic thinking *Internal and external accounting *External accounting audits *IT management overview (including cyber security) *Strategic, commercial and financial analysis & management (corporate & competence intelligence) *Operational, tactical & strategic planing (corporate & competence intelligence) *Organizational management (Structural design) (corporate and competence intelligence) *Civil & mercantile laws *Tax compliance *Quality: ISO 9001

Sprachen

  • Spanisch

    Muttersprache

  • Englisch

    Fließend

  • Deutsch

    Grundlagen

XING – Das Jobs-Netzwerk

  • Über eine Million Jobs

    Entdecke mit XING genau den Job, der wirklich zu Dir passt.

  • Persönliche Job-Angebote

    Lass Dich finden von Arbeitgebern und über 20.000 Recruiter·innen.

  • 22 Mio. Mitglieder

    Knüpf neue Kontakte und erhalte Impulse für ein besseres Job-Leben.

  • Kostenlos profitieren

    Schon als Basis-Mitglied kannst Du Deine Job-Suche deutlich optimieren.

21 Mio. XING Mitglieder, von A bis Z