Senior Security Analyst, ERNST & YOUNG - ADVANCED SECURITY CENTER
February 2020 - Present
As a Senior Security Analyst I’m responsible for leading and managing a diverse team of 8 security professionals, web and mobile pentesting, infrastructure audits, IoT, wireless, and Cloud (AWS) security reviews for 30+ international clients. Specialized in NIST Framework audits to fortify banking and retail sectors against ransomware threats I Led a year-long mobile security project for an international bank, designed GSM advanced detection framework for Telco sector, and played pivotal roles in ISO27001, GDPR projects, and client privacy enforcement. Orchestrated effective phishing campaigns and led Red Team initiatives, resolving critical security flaws. Proficient in coordinating vulnerability lifecycle with IT teams to ensure timely issue resolution and compliance.
Security Analyst, DELOITTE - OFFENSIVE SECURITY TEAM
July 2018 - February 2020
For over a year, I operated within a prominent bank's Technical Security Office, assuming a pivotal role in CISO reporting, assessing vulnerability significance and business impact, conducting PCI-DSS and GDPR technical reviews, and fostering alignment between technical and compliance units. My contributions extended to orchestrating patch management conversations between IT Systems and Security divisions, shaping vulnerability lifecycles, and executing Business Risk strategies. My initiatives spanned Security Asset Inventory formulation, harmonizing IT teams, executing SWIFT and ATM security audits, and conducting impactful Mobile and Web penetration tests for 10+ global assurance firms and fintech entities.