Monica C.
Cyber Security Engineer
Experience
Apr 2021 - Apr 2024
3 years 1 monthBogotá, Colombia
Cyber Security Engineer
Mercado Libre
- Led security assessments for cloud and on-premise applications/initiatives, embedding automated SAST/DAST scans and threat-model across the SSDLC.
- Ensure compliance with regulatory standards (PCI-DSS, ISO 27001, SOX) by integrating layered controls and closing all external-audit findings.
- Oversee risk detection and management for solutions related to money management, insurance, credit and debit cards and loans.
- Built dashboards and KPIs to monitor squad OKRs, incident SLAs and risk trends; delivered quarterly briefings that secured a US $6 billion portfolio of loans.
- Designed roles vs profiles RBAC matrices for identity and access management of applications.
- Drove third-party risk assessments for 50+ partner integrations, mapping data flows, ensuring technical, compliance, and regulatory alignment.
- Negotiated and embedded security clauses in vendor contracts, aligning SLAs and breach-notification terms with ISO 27001 and local data protection laws.
Nov 2019 - Mar 2021
1 year 5 monthsBogotá, Colombia
Digital Security Professional III
Banco Davivienda
- Mapped and classified critical assets across core banking, payments and digital channels.
- Reviewed cloud architectures (AWS, Azure, GCP) for new digital-banking projects, issuing secure-design patterns that met Financial Superintendency “Circular Básica Externa” requirements.
- Led risk and compliance assessments for initiatives, ensuring alignment with SOX, PCI-DSS, and IT governance frameworks.
- Participated in cybersecurity strategy meetings and monitored the proper implementation of controls for each project to ensure the new services and digital processes.
- Executed real-time security monitoring, identifying and neutralizing cyber threats across digital platforms.
May 2019 - Nov 2019
7 monthsBogotá, Colombia
Information Security Analyst
Laboratorios Legrand S.A
- Managed 900+ Google Workspace (G Suite) accounts, onboarding and off-boarding processes.
- Executed daily full-system and weekly off-site backups, achieving 99.9% backup success rate and validating restores twice per quarter.
- Drove patch-management program for Windows and Linux servers; maintained critical-update compliance.
- Designed and implemented security controls and incident response procedures.
- Managed security monitoring tools to detect anomalies and potential breaches.
- Conducted staff training sessions on security awareness and compliance protocols.
Aug 2017 - May 2019
1 year 10 monthsBogotá, Colombia
Junior IT Security Analyst
Yanbal S.A.S
- Created vulnerability management metrics, tracking and closing security gaps.
- Coordinated external and internal audits (BASC, OEA, PwC); tracked remediation plans and kept zero repeat findings across two audit cycles.
- Developed and implemented contingency plans and security testing strategies to support business continuity.
- Established and maintained security controls, policies, and compliance procedures in alignment with regulations.
Jan 2017 - Jul 2017
7 monthsBogotá, Colombia
IT Intern
Yanbal S.A.S
- Assisted in IT service desk operations, managing technical support requests, overseeing documentation, assessing PQRS processes, and ensuring SLA compliance.
- Participated in the Technology Renewal Project at the Distribution Center, supervising replacement of obsolete network equipment, coordinating change windows and work plans, and updating network diagrams and associated inventory.
- Led network infrastructure updates and configurations, including VoIP systems, routers, and switches.
Summary
Cybersecurity Specialist with 7+ years of experience in Risk management, Compliance, and Security Architecture.
Proven ability to identify, assess, and mitigate risks, ensuring regulatory compliance and robust security frameworks for financial institutions and digital services.
Strong expertise in Cloud security, PCI-DSS compliance, Zero trust strategies, and threat modeling.
Passionate about staying ahead of emerging threats and implementing proactive security measures.
Languages
Spanish
NativeEnglish
AdvancedItalian
AdvancedEducation
Oct 2023 - Jun 2025
Politecnico di Torino
Master of Science · Cybersecurity · Italy
Escuela Colombiana de Ingeniería Julio Garavito
Bachelor of Science · Electronic Engineering · Bogotá, Colombia
Certifications & licenses
Aws Certified Cloud Practitioner
AWS
Cyber Security Foundation - Csfpc
Certiprof
Internal Auditor- Security And Resilience – Business Continuity Management Systems Iso 22301:2019
SGS
Protection Of Personally Identifiable Information (Pii) In Public Clouds Training Course (Iso/Iec 27018:2019)
SGS
Scrum Foundation Certificate
Certiprof
Internal Auditor-Information Security Management Systems Iso 27001: 2013
SGS
Need a freelancer? Find your match in seconds.
Try FRATCH GPT More actions
Similar Freelancers
Discover other experts with similar qualifications and experience
- English
- Deutsch
2025 © FRATCH.IO GmbH. All rights reserved.