Juan José Santos Prieto

Teamplayer with a global mindset. Understanding the technical IT job, I manage corporate resources to solve problems. I work in a very systematic, empirical and pragmatic manner, always oriented towards results.

ISMS (SGSI) and GRC

Aiuken Solutions - Madrid, Spain

Intelligence Manager - 03/2019 - Present
*Developing, engineering and documenting an intelligence program with up to 10 processes.
*Managing a portfolio of 6-digits revenue service, with a 4-8 people team.
*Producing more than 100 reports per year at tactical and strategic levels, for different stakeholders.
*Assessing and handling (cyber) threat actors, technical (IT) vulnerabilities, technical incidents and fraud activity.

Cybersecurity analyst - 04/2018 - 08/2018
 

*Cybersecurity solution design and component provisioning with a budget of 6 digits.
*SOC documentation development (in compliance with ISO27001 and other ISMS frameworks).

Sogeti (Capgemini) - Luxembourg, Luxembourg
 

SOC cybersecurity analyst - 10/2018 - 03/2019
 

*Incident detection & response for up to 17 clients (Banking & Investment Funds)
*Threat intelligence investigation
*Device & network analysis through SIEM and manually (regex searches)
 

Intelligence Fusion - London, UK
 

Intelligence analyst  - 03/2017 - 10/2017
 

ALPA-MK - Madrid, Spain
 

Intelligence analyst - 07/2013 - 04/ 2018
 

Admiplanor - Salamanca, Spain
 

Accountant - 06/2014 - 04/2018

IE Business School - Master in Cybersecurity

* ISMS Implementation (Information Security Management System), and in accordance with the standards ISO 27001, ISO 27701, ISO 22301, GDPR and NIST 800-53
* Preparation of risk assessment based on the principles defined by ISO 31000, and threat modeling Miter ATT & CK, Cyber-killchain ...
* Compliance and RCM (ISO 27001, GDPR...)
* Auditing principles (ISO19011): ISO 27001, PCI-DSS y COBIT5
* Implementation of network security controls, endpoint, cloud, IoT, OT ...
* Communication and leadership
* Team management using agile methodologies.

University of Salamanca - Bachelor of Business Administration

*Mathematical & economic thinking
*Internal and external accounting
*External accounting audits
*IT management overview (incluyendo ciberseguridad)
*Strategic, commercial and financial analysis & management (corporate & competence intelligence)
*Operational, tactical & strategic planing (corporate & competence intelligence)
*Organizational management (Structural design) (corporate and competence intelligence)
*Civil & mercantile laws (compliance and administrative, contractual and tax management)
*Tax compliance
*Quality management: ISO 9001

University of Salamanca - Criminology Degree

*Crime theory
*Criminal psychology & psychiatry
*Criminal sociology
*Medical forensics
*Criminal investigation using statistics
*Organized crime: economic, digital (cyber security), prostitution, drug dealing and weapon dealing

University of Salamanca - Private Detective Degree

*Intelligence process structure
*Physical & electronic surveillance
*Labor law, Civil Law, Mercantile Law, Administrative Regulations.
*Scientific crime investigation: collection & analysis
*Economic & on-line investigation overview
*Visión general de Digital forensics (ciberseguridad)
*Reporting consumption & creation

UDIMA - Security Director Degree

*Threat Modeling, risk Management & recovery (according to ISO 31000 and ISO 22301)
*Business impact
*Security & safety law & regulation
*Anti-social security
*Environmental security
*Labor safety
*IT management overview (cyber security)