Senior Principal Analyst with a focus on risk management & Security for different areas like Change Management, Operational Resilience, Platform Security, etc.
Prior to Gartner, Pedro Pablo has worked for Deloitte as a Consultant and for ING as IT Risk Expert.
The main tasks during that time were:
-IT support in Financial Audits: performing General IT Controls of different technologies over 4 levels
(application, database, operating system, network), identifying and testing automatic controls,
integrity and accuracy validation of relevant reports extracted from systems.
-Designing and implementing IT Control Models based on several standards and legislations. For
instance: SOC I, II, III defined by AICPA (American Institute of Certified Public Accountants), law
Sarbanes-Oxley (SOX), ISO 27001, SII (legislation of Spanish Tax Agency), etcetera.
-Leading and performing deep dives and process reviews in different entities around the world in order to see the level of compliance with the IT Security best practices and regulations.
-Documenting, preparing and reporting the results of the reviews to the high management and
different stakeholders of the entities.
-Reviewing, validating and challenging as 2nd Line of Defense the design and implementation for all the controls for the different areas of the ING IT Security Standards.
-Participating in the new Global initiatives about IT Risk, new standards and new technologies to be
IT risk experienced senior
IT Security & Risk Management expert
Security of Applications and Data
Computer Science at Complutense University of Madrid
Certifications: CISA, CISM
1SOC 2 Certification
3Risk Management issues
4IT risk policies and standards