Profiles search

Carlos Rodriguez

Fractional CISO & CTO | vCISO | Cybersecurity Risk Transformation | CISSP, CISM, CDPSE
Orlando, FL, United States

Details

Education: NA

IT Leadership Academy

CEB

2015 : 2015

Unitek College



BS

Computer Engineer

Universidad Rafael Belloso Chacín

1992 : 1998
Experience: Building Continuous, Adaptable & Actionable Cybersecurity Programs and Solutions.

Security is CONTINUOUS. Attacks can fail many times, one defensive failure means Game Over!

Security is ADAPTABLE. Risk, organizations, and adversaries' motives change.

Security is ACTIONABLE. We build incremental and achievable security roadmaps.

Our approach :

1. DISCOVER : Working with your team we discover your assets, controls, governance, critical processes.

2. CONTEXTUALIZE : Collaborate with stakeholders to categorize assets based on business criticality.

3. IDENTIFY RISK : We help your business identify cyber risk related to critical assets and business processes.

4. MITIGATION PLAN & ROADMAP : We create an actionable and adaptable risk mitigation plan and roadmap to reduce risk.

5. REPORT & MONITOR : We build feedback loops to ensure your team can adjust and risk is being managed.

6. OPTIMIZE : We prepare your team to consume input and continue to optimize risk mitigation results.

2021 : Present

CA2 Security

CEO & Fractional Chief Information Security Officer - vCISO - Sr. Cybersecurity Consultant

Provide strategic direction to build Cybersecurity Risk Management Programs for different clients as a Fractional Chief Information Security Officer and Cybersecurity Consultant (vCISO).

2021 :

OnDefend

vCISO / Sr. Cybersecurity Consultant

Provide strategic direction to build Cybersecurity Risk Management Programs for different clients as a Fractional Chief Information Security Officer and Cybersecurity Consultant (vCISO)

2022 :

AGT | Cybersecurity Services | Digital Trust | Compliance | Risk Management

Fractional CISO / Cybersecurity Consultant

Architect and lead a multiyear IT Security Risk Management program at $1B Property & Casualty Insurance carrier. Accountable for all enterprise data protection, including information security policy; identity and access management strategy; incident response; cloud security; compliance and audit; vulnerability and threat management; regulatory compliance; controls assurance; and attack simulation. Board, executive and senior leadership advisor on Cybersecurity matters

2018 : 2021

Citizens Property Insurance Corporation

Director, IT Security & Risk (CISO)

Member of the CISO team building out and managing the core cybersecurity operations processes. Responsible for areas such as incident management and incident response; vulnerability and patch management; threat intelligence and analysis; penetration testing; and data loss prevention (DLP) while managing large sets of data specific to threats and vulnerabilities to apply accurate risk weighting, prioritization and remediation efforts.

2017 : 2018

Kemper

Sr. Manager of Information Security, Cybersecurity Operations
Company: CA2 Security
Years of Experience: 23

Skills

Active Directory, Blackberry Enterprise Server, Business Continuity, Cisco Technologies, Citrix, Cloud-Native Architecture, Cloud Administration, Cloud Computing, Cloud Security, Compliance Management, Computer Security, Cybersecurity, Data Center, Data Security, Disaster Recovery, Encryption, Enterprise Network Security, Executive Leadership, Firewalls, Information Security Management, Information Technology, IT Management, IT Operations, IT Strategy, Leadership, Management, Microsoft Azure, microsoft exchange, Network Architecture, networking, Network Security, Project Management, Project Planning, Risk Assessment, Risk Management, Routers, SaaS, Security, Self-confidence, Servers, Switches, Team Leadership, Technical Support, Unified Communications, Virtualization, virtual private network (vpn), VMware, VPN, Windows Server, Wireless, Information Security, Blackberry Enterprise, Business Analysis, IT Service Management, Incident Management, Vendor Management, Project Portfolio, Infrastructure, System Administration, Governance, PMBOK, Business Intelligence, Program Management, Process Improvement, Business Process, PMI, Outsourcing, IT Audit, Enterprise Architecture, Project Portfolio Management

About

Enabling cyber risk management transformation, balance and simplification.



Building Continuous, Adaptable, and Actionable cybersecurity programs.



Services include:

- Information and Cybersecurity Strategy Development that align with your stratigic objectives

- Identity and Access Management Strategy (Including Zero Trust, Privileged Access, MFA, Single Sign-On, etc.)

- Cloud Security Strategy and Assessments

- Security, IAM, and Cloud Architecture

- Incident Detection and Response

- Risk, Control, and Compliance Assessments (i.e. Ransomware Preparedness Assessments; HIPAA Risk Assessments; CMMC Preparedness Assessments, and more.)

- Policy and Control Development

- Security and Risk Metrics Development

- Security Culture and Awareness

- Process Improvement

- Cost Consolidation