Cybersecurity Director

• City: Bogota
• Country: Colombia
• LinkedIn: linkedin.com/in/diazfabian/
• Github: fabiand93

Dedicated and result-driven CISO with a proven track record in the banking sector (13 years), renowned for driving secure business growth. Leveraging extensive expertise in international regulations including NIST, PCI, ISO 27001, and other industry standards, I consistently ensure robust and compliant information security strategies that empower organizations to thrive in a dynamic and risk-conscious landscape.

Provided expert guidance to diverse clients spanning various sectors. Responsibilities encompassed risk assessment, formulation, and implementation of security protocols, as well as supervision and resolution of security incidents. Advised prominent clients such as Banco Azteca, MercadoLibre, and assorted startups, delivering bespoke solutions to safeguard their digital assets and sensitive information. Collaborated closely with Banco de la República in the deployment of state-of-the-art security measures, ensuring the protection of critical infrastructure and financial data, particularly in the context of open-banking and open-finance initiatives. Spearheaded the development and execution of cybersecurity awareness initiatives aimed at fortifying the security posture of client organizations and mitigating risks associated with contemporary threats.

Orchestrate comprehensive cybersecurity strategies, oversee their execution, and safeguard critical financial data and customer assets. Led the Department of Cybersecurity, developing and implementing policies aligned with international regulatory frameworks, conducting regular risk assessments to identify and mitigate threats, and ensuring the protection of critical assets. Maintain compliance with PCI, GDPR, NIST, and ISO 27001 standards.

Director of Security for the bank and its subsidiaries (BAC Credomatic, Almaviva, Porvenir, Fiduciaria Bogota) securing over 50 Billion USD in Assets. Lead the digital transformation on cybersecurity from the Board of Executives to the team members and its analysts. Led & trained over 500 devs on better code practices & DevSecOps. Created an Automation team improving the response of internal SLAs by 75%. Changed the process of security management with Agile practices. Reduced the cost of the area and the use of third-party vendors (CapEx & OpEx) by optimizing internal teamwork and new processes such as training & developing tools, enhancing the team's morale.

Director of Security for the company in Latin America. Managed 4 Security teams SOC, SOX, Regulations, & DevSecOps. Implemented and certified ISO 27001 standards in less than a year. Trained the Sr. Backend Developers on better code practices and improved the agility of response of the services by 40%. Extended the security area with in-house developments to manage tailored needs. Giving fast implementations with high standards helped to merge with a worldwide company and grow corp. valuation of over 200 Million USD.

Secured the accounts of more than 60 thousand users in 7 partners with whom the company is associated around the world. Implementation of Agile & CI/CD practices in 4 partners. Create and implement security policies to achieve ISO 27001 on the company. Managed Budget for the area and related areas such as automation & devs. Secured the company and its interests during multiple external attacks. My implementations helped close deals with partners extremely quickly and with few available resources.

• Generative AI, University of Michigan | 2024
• Enterprise Leadership - PIT, Westfield Business School | 2022
• Construction of Secure Systems, University of Maryland | 2019
• Cybersecurity for Business, University of Colorado Boulder | 2021

• Generative AI Essentials: Overview and Impact, University of Michigan | Jan 2024
• DevOps Engineering on AWS, Amazon Web Services (AWS) | Aug 2022
• Architecting on AWS, Amazon Web Services (AWS) | Jun 2022
• Developing on AWS, Amazon Web Services (AWS) | Jun 2022
• Liderazgo y Gestión de equipos, Udemy | Jun 2022
• Seguridad Informatica en Python, Udemy | Jun 2022
• AWS Cloud Practitioner Essentials, Amazon Web Services (AWS) | Jan 2022
• Concientización sobre Seguridad Informática, Amazon Web Services (AWS) | Nov 2021
• Banking as a Service, Micro Focus | Apr 2021
• Python, HackerRank | May 2020
• Introduction to AWS WAF, Amazon Web Services (AWS) | Nov 2019
• Usable Security, Coursera | May 2019
• Experiencias digitales seguras, Ministerio de Tecnologías de la Información y las Comunicaciones | Dec 2017
• Desarrollo nativo en IOS 8, Ministerio de Tecnologías de la Información y las Comunicaciones | Jun 2015

• Spanish - Native
• English - Bilingual