Allan Ramirez C

• Participate in the definition of new projects, providing IT/OT cybersecurity concepts to ensure that all new projects are aligned with Philips policies and standards.
• Carry out the OT security assessment in the Philips Costa Rica and Philips Brazil plants, identifying cybersecurity gaps and/or risks that need to be addressed according to their level of criticality and exposure.
• Collaborated with stakeholders across the organization to ensure compliance with relevant regulations related to information security within the OT environment.
• Made recommendations to improve security procedures and systems.
• Managed user accounts including authentication systems such as Active Directory, LDAP.

• Introduction to tooling used within Citrix infrastructure required a full technical risk analysis performed (OnPrem, Cloud, SaaS, IaaS, Paas) Based on the existing controls I performed a full risk analysis and determination of how implementations could potentially be utilized, with recommendations as to best practices based on security benchmarks (NIST)
• Process security exception requests, performing risk analysis and proposing risk mitigation mechanisms for any exceptions to be approved

Led the cybersecurity team for 10 years, driving strategic initiatives that strengthened the bank’s security posture.

Led the PCI DSS and SOX compliance program for Bac Credomatic, CR.

Spearheaded the implementation, optimization, and continuous enhancement of critical cybersecurity solutions, including:

• IAM (Identity and Access Management): Established robust access control frameworks, improving identity governance, and reducing unauthorized access risks.
• NAC (Network Access Control): Implemented advanced network security measures, ensuring that only authorized devices could connect to the corporate network.
• DLP (Data Loss Prevention): Deployed comprehensive data protection strategies, significantly reducing data leakage incidents.
• DAM (Database Activity Monitoring): Enhanced database security by implementing real-time activity monitoring, mitigating insider threats, and compliance risks.
• SOC (Security Operations Center): Led the development of a fully operational SOC, improving threat detection, incident response, and security monitoring capabilities.
  

Under my leadership, the bank successfully executed key cybersecurity projects that improved regulatory compliance, strengthened resilience against cyber threats, and enhanced overall security operations.