Serena Villalobos
Details
UC Berkeley School of Information
2018 : 2020
Certificate in Cybersecurity
Computer and Information Systems Security/Information Assurance
UCLA Extension
2017 : 2018
Systems Engineer
Computer Science / Business Administration
Universidad Nacional de Colombia
1991 : 1998
Cisco Meraki
Product Manager Security and Compliance
Invited to be a part-time lecturer for working professionals with 5 - 20+ yrs of experience pursuing their Master in Information and Cybersecurity (MICS).
Developed curriculum and updated course content to provide master degree candidates providing problem solving skills using programmatic tools in Python including asynchronous learning videos.
2021 :
UC Berkeley School of Information
Cybersecurity Programming Fundamentals Lecturer | Master of Information and Cybersecurity (MICS)
• Identified cyber security improvement opportunities for tools and processes used by blue team (end user) to better defend organization against all threat actors ranging from basic-skilled attackers to highly skilled nation state actors by gathering requests, problem assessment, and prioritization of implementation of critical features with objective to achieve 100% SLA for incident response and 50% improvement of security events triage.
• Co-led Security Orchestration and Automation Response (SOAR) project resulting in costs saving of 6+ FTE by automating triage, response, prioritized of requests and response automation in 5.5 months; program identified as the model for reducing cybersecurity triage time.
• Coordinated with global Agile security engineering team specifications of scope, development, and implementation of requests from 250+ blue team end users as prioritized.
• Served as Product Owner in scrum team composed of engineering team employing Agile software development methodology for leading Agile ceremonies and participating as stakeholder in scrum team’s events.
• Held dual roles of Technical Program Manager and Product Manager for Security Response Center including Customer Incident, Product Vulnerability, Security Incident Response, Operational Readiness and Threat Management teams.
• Co-developed annual strategic plan using V2MOM process with engineering team for Threat Detection and Response Team and approved by SVP and submitted to Chief Trust Officer.
• Collaborated in global installation of end detection and response (EDR) tools (CrowdStrike, Tanium) in ~1M end point devices.
• Agile Product Owner Certification.
2021 : 2023
Salesforce
Senior Product Manager, Threat Intelligence, Detection and Response
• Co-led the customer security assurance process roadmap and dashboard by defining and capturing metrics, delineating year-long action plans for quarterly reporting to senior executives to streamline sales and contract renewals and improve customer relationships for a $1.8B company global organization with 49 offices worldwide with products used by 50%+ of Fortune 500 companies.
• Partnered on new HIPAA compliance project for product and consulting services by demystifying HIPAA law to Enterprise Security team to support cross-functional organizational readiness and ability to serve a growing healthcare market.
2021 : 2021
Esri
Enterprise Information Security Specialist
• Identified strategic and functional inefficiencies in customer security assurance process by analyzing its effectiveness and presented recommendations to CISO and CIO resulting in change of ownership from GBD to Enterprise Security; CIO praised report quality highly and implemented recommendations that had previously not been accepted.
• Recommended process changes to improve efficiency of customer security assurance program to support 350,000+ customers security requests regarding privacy, risk management, compliance and product security features.
• Invited by Senior Vice President to lead a special project to assess information security within GBD by directing team of six cross-functional manager across sales, engineering, and program managers to conduct an information security gap analysis that required enterprise stakeholders’ input. Wrote final report and delivered to SVP which contributed to defining strategic business plan by global directors.
• Presented customer security assurance process improvements at quarterly GBD All Hands meeting to 1,000 sales directors, account managers and program managers by invitation of the Senior VP for the launch of an internal product security website developed in collaboration with the Product Security team.
2020 : 2021
Esri
Global Business Development Security Specialist
Skills
Active Directory, Agile Leadership, Application Security, Business Intelligence, CIOs, Cloud Computing, Compliance Management, Cross-functional Team Leadership, Cryptography, Customer Service, Cybersecurity, Databases, Data Privacy, Disaster Recovery, Executive Management, Governance, Governance, Risk, and Compliance (GRC), Healthcare Information Technology (HIT), Information Security, Information Security Management, Information Technology, IT Business Strategy, IT Executive Management, IT Governance, IT Management, IT Operations, IT Project & Program Management, IT Service Management, IT Strategy, JSON, Leadership, Legal Compliance, Microsoft Excel, Microsoft SQL Server, Network Security, Oracle Database, Privacy Compliance, Privacy Regulations, Product Management, Project Management, Python (Programming Language), Regulatory Compliance, Risk Analytics, Risk Assessment, Servers, SharePoint, SQL, Strategic IT Management, System Administration, Technology Management, Windows Server, VMware, ITIL, Networking, Microsoft Exchange, Healthcare Information Technology
About
Talented Cybersecurity and Information Technology professional skilled in developing and implementing new security product development and industry tools through effective organization-wide leadership and program and project management.
Focused on Governance, Risk and Compliance (GRC) covering customer security assurance, third-party risk management, and compliance with different security and privacy frameworks and regulations at local, national, and global levels.
Successfully drives the SDLC development and implementation of security platforms, products, and applications to reduce risk for internal and external customers with record of continuous promotion to positions with greater accountabilities.
Effectively collaborates cross-functionally and with executive leadership to achieve organization-wide cyber security goals.
Completed the Master of Information and Cyber Security (MICS) at the University of California, Berkeley
AREAS OF EXPERTISE
Governance, Risk and Compliance (GRC) | SaaS | Cloud Computing | IT Strategy | Privacy (GDPR, CCPA, CPRA) | HIPAA NIST Cyber Security Framework | NIST 800-53, 800-171, CIS | Risk management | Data Security | Customer Service | Product Management
TECHNICAL SKILLS AND TOOLS
Programming: SQL, PL/SQL, C, Python, and Agile Methodology.
Security: QRadar SIEM, Wireshark, SOAR, Volatility, and Sleuth kit.
Operating Systems: Windows, Linux, Solaris, and MacOS.
Databases: Oracle and MySQL.
Governance, Risk and Compliance:(GRC): National Institute of Standards and Technology (NIST) Cybersecurity Framework, Center for Internet Security (CIS) Controls, and Health Insurance Portability and Accountability Act (HIPAA).
CERTIFICATIONS
Certified Information Systems Security Professional (CISSP), (ISC)2 In-process
Agile Product Owner Certified 2022
Technical Management Program, University of California, Los Angeles 2016
NextGen Certified Professional, NextGen 2014
Oracle 8i Certified Professional, Oracle 2001
Profile Photo
