CRAbout Cristina
I am an Cybersecurity professional with over a decade of experience in IT audits, cybersecurity, and governance. I specialize in SOx compliance, ITGC, SAP security, and segregation of duties, helping organizations strengthen their control environments and reduce risk exposure.
With hands-on expertise in assessing, designing and implementing security control frameworks, I bridge the gap between technical and business teams, ensuring compliance while enabling innovation.
With great analytical skills, I am passionate about driving collaboration across stakeholders, mentoring teams, and building resilient security programs that enable sustainable growth.
English
Native or bilingual
Portuguese
Native or bilingual
Spanish
Conversational
Can work on-site
Barcelona (up to 50km)
Experience
- Booking.comIT Risk & Control Officer InterimNovember 2023 - Today (2 years and 7 months)• Lead IT SOX Audit for Financial Systems (E.g. SAP) and ensure are compliant with SOX requirements• Stakeholder Management• Support risk identification and control mapping for key EMEA systems• Manage audit remediation and provide consultation to tech teams• Provide Subject Matter Specialist to IT process and controls across multiple technology teams SAP's Access Management, SoD and ITGCs.• Report SOX audit status and issues to leadership
- ASMLProcesses & Methodology ManagerFebruary 2023 - October 2023 (8 months)• Lead the implementation of unique Security Control Framework based on (ISO27001 , NIST CSF, CIS and others) while customizing to the companies' requirements.• Function lead to Service Now GRC modules project implementation. Act defining requirements, testing and training to end-users.• Expertise in Integrated Risk Management and to provide insight and oversight on end-to-end processes and how it should be translated to Integrated Risk Management way of working.• Responsible for maintaining integrated risk management processes, taxonomy and means & methods.• Stakeholder Management• Support team management and governance key to being successful (vision, goals, planning, communication, collaboration, interaction).
- NikeSenior IT Compliance AnalystFebruary 2019 - December 2022 (3 years and 10 months)• Manage SOX EMEA compliance program and ensure teams are compliant with SOX requirements.• Manage audit cycles and support audit execution (e.g. scoping, risk discussion)• Support risk identification and control mapping for key EMEA systems• Manage audit remediation and provide consultation to tech teams - Provide Subject Matter Specialist to IT process and controls across multiple technology teams• Report SOX audit status and issues to leadership Assignment to lead the design and implementation of a system to support Risk Assessment execution in an automated manner, while integrating policy requirements, controls improvement roadmap and application lifecycle.- Gather requirements from multiple stakeholders and translate into development user stories under agile way of working. Cyber Landscape Assessment- Lead EMEA Risk assessment following the CIS framework- Design the methodology and planning to execute this risk assessment.- Provide training to multiple resources to execute risk assessment with evidence based approach.- Report on EMEA landscape risks and controls to leadership.
Recommendations
Be the first to recommend Cristina
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- System development and analysisFATEC-SP2012System development and analysis
Certifications
- CISAISACA2018
- CISMISACA2022
Skill set
Categories
- Other