Liliana Acosta Johnson
Wilmington,NC
Summary
Cybersecurity professional with 8+ years of experience in risk management, IT compliance, and cybersecurity assurance across global organizations, including AstraZeneca and HP. Proven expertise in implementing controls aligned with NIST and ISO 27001 standards, leading audits, managing security programs, and engaging with internal and external stakeholders. Demonstrated ability to bridge business and technical needs, drive cybersecurity maturity, and lead cross-functional teams. Fully bilingual (Spanish/English).
Overview
9
9
years of professional experience
1
1
Certification
Work History
Cyber Security Assurance Manager
AstraZeneca
Guadalajara, Jalisco
09.2022 - 08.2024
- Led adoption of global cybersecurity controls, aligning with NIST CSF.
- Conducted cybersecurity maturity assessments and regular reporting.
- Performed risk assessments for cloud, on-prem, apps and solutions.
- Collaborated with internal teams and supported external audits.
- Developed cybersecurity strategies and improvement programs.
Senior IT Risk and Compliance Analyst
AstraZeneca
Guadalajara, Jalisco
04.2020 - 08.2022
- Advised risk owners on identification, assessment, and mitigation.
- Created dashboards and tolerance thresholds for key risk indicators.
- Trained stakeholders on ServiceNow GRC (OneGRC).
- Defined and documented exception handling processes.
Internal Auditor - IT Compliance & SOX
HP (Hewlett Packard Inc.)
Tlaquepaque, Jalisco
01.2018 - 04.2020
- Executed global internal audits for IT operations and SOX compliance.
- Conducted IT risk assessments and control evaluations to ensure compliance with global standards.
- Collaborated with cross-functional teams to identify control gaps and recommend remediation strategies.
- Supported continuous improvement of audit processes, documentation, and reporting for IT governance
Information Security Specialist
Teleperformance
Guadalajara, Jalisco
06.2015 - 01.2016
- Monitored and maintained ISMS in compliance with ISO 27001 standards.
- Developed comprehensive security policies, procedures, and training materials.
- Chaired committee meetings and conducted risk review sessions to identify vulnerabilities.
Education
M.Sc. Information Technology - Information Technology
Universidad De Guadalajara
Guadajalara, Jalisco, Mexico12-2017
B.Eng. Industrial Engineering, - Engineering
Universidad De Guadalajara
Guadalajara, Jalisco, Mexico12-2013
Skills
- Cybersecurity compliance and strategy
- NIST and ISO 27001 Frameworks
- IT Risk Assessment and Governance
- Policy and procedure development
- Vulnerability and Threat Management
- Internal and external audits
- Stakeholder engagement
- Team leadership and collaboration
Affiliations
Volunteering
ISACA Guadalajara Chapter Sep 2020 - Present
I'm in charge of social networks & internal communications of ISACA Guadalajara Chapter.
Certification
- ISO/IEC 27001 Auditor
- Certified Information Systems Auditor (CISA), ISACA
- Additional Training: Project Management, SAP ERP
Languages
5,3
Education and Training
other,other
Languages
English
Full Professional
Spanish
Native/ Bilingual
Timeline
Cyber Security Assurance Manager
AstraZeneca
09.2022 - 08.2024
Senior IT Risk and Compliance Analyst
AstraZeneca
04.2020 - 08.2022
Internal Auditor - IT Compliance & SOX
HP (Hewlett Packard Inc.)
01.2018 - 04.2020
Information Security Specialist
Teleperformance
06.2015 - 01.2016
M.Sc. Information Technology - Information Technology
Universidad De Guadalajara
B.Eng. Industrial Engineering, - Engineering
Universidad De Guadalajara
Similar Profiles
Jasmine JohnsJasmine Johns
Project Management Associate (Medical Affairs) at AstraZenecaProject Management Associate (Medical Affairs) at AstraZeneca
Courtlyn WheelerCourtlyn Wheeler
Pharmaceutical Sales Specialist at AstraZenecaPharmaceutical Sales Specialist at AstraZeneca
Meghna MehtaMeghna Mehta
Global Marketing Director, IO Lung at AstraZenecaGlobal Marketing Director, IO Lung at AstraZeneca