You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Sara Izquierdo FelipeSI

Sara Izquierdo Felipe

Senior Consultant – IT Security Governance, Risk &

On-demand
Abu Dhabi Island and Internal Islands City, AE
3-7 years
ISO 27001
Cybersecurity
IT-Security
compliance
it compliance

Average response time: 1 hour

About Sara

Cybersecurity and GRC specialist with over 8 years of professional experience, including the last 5+ years focused on IT governance, compliance, and risk management across the financial and fintech sectors. Completed latest academic training at The Bridge’s Cybersecurity Bootcamp.
• Huge expertise in regulatory frameworks such as ISO 27001, NIST, SOC 2, and DORA, with proven experience designing and implementing security control frameworks, leading cloud compliance initiatives, and supporting international audit processes.
• Proficient in AWS, ServiceNow, Jira, Hyperproof, MS Office, and GSuite, applying Agile and Scrum methodologies to execute governance and risk programs efficiently.
• Recognized for her analytical thinking, structured mindset, and high standards of execution. With a collaborative and communicative leadership, enabling to effectively bridge technical teams and executive stakeholders across complex regulatory environments.

  • Spanish

    Native or bilingual

  • English

    Fluent

Can work on-site
Abu Dhabi Island and Internal Islands City (up to 50km)

Experience

  • ERNST & YOUNG (EY)
    Senior Consultant – IT Security Governance, Risk & Compliance
    October 2022 - November 2024 (2 years and 1 month)
    Madrid, Spain
    • Design and implement robust IT security frameworks from scratch based on ISO 27001, NIST, and CIS, ensuring alignment with corporate policies, compliance mandates, and operational risk management objectives across cloud and on-premises environments.
    • Lead and coordinate regulatory compliance and governance efforts during Openbank's expansion, translating cross-border requirements into actionable technical deliverables and facilitating evidence collection for external assessments.
    • Manage and execute control testing cycles and internal audits, engaging stakeholders across business, risk, and tech to validate control design, assess gaps, and monitor remediation through structured action plans.
    • Promoted from Junior to Senior after successfully leading the GRC project for Openbank (Santander) during its international expansion, taking over client communications, structured deliverables, and drove team leadership under pressure.
    • Reduced control volume by over 40%, optimizing a control inventory to a consolidated framework, leading a redefinition using a custom-built GRC tool and impact-based prioritization.
    • Ensured audit success by aligning the control framework with regulatory expectations in both Europe and the US, acting as the point of contact for external auditors, translating technical compliance into regulatory language.
  • ABANCA
    Digital Anti-fraud Specialist
    May 2019 - October 2022 (3 years and 5 months)
    Madrid, Spain
    • Conduct fraud risk analysis for new digital customers, especially non-residents, validating documentation and identifying red flags during onboarding processes in compliance with banking AML/KYC regulations.
    • Respond to fraud alerts using monitoring tools like BioCatch, investigate suspicious transactions, and escalate verified incidents to internal security teams for further action and containment.
    • Enhance customer protection by guiding clients through secure device enrollment, multi-factor authentication (MFA) setup, and personalized digital hygiene recommendations tailored to user profiles.
    • Earned permanent hire after an internship, recognized for improving onboarding accuracy and fraud detection, applying granular risk profiling and document validation protocols.
    • Reinforced digital client security by deploying MFA and educating senior users on device safety, conducting 1:1 awareness sessions and technical walkthroughs.
    • Increased relevance of fraud alerts by enhancing false positive triage within the BioCatch monitoring tool, developing prioritization criteria and fine-tuned alert escalation processes.
  • MARDOC LEGAL
    Compliance Advisor
    June 2016 - May 2019 (2 years and 11 months)
    Vigo, Municipality of Vigo, Pontevedra, Spain
    • Draft and manage legal documentation for case proceedings, settlements, and formal complaints, working directly with SMEs and individuals seeking compensation or regulatory clarity.
    • Develop long-term legal strategies for client cases, combining legal research, case law analysis, and direct communication with insurance entities to support successful claim resolution.
    • Transitioned from intern to full-time legal advisor through high client satisfaction and legal acumen, building client trust by delivering clear, proactive communication.
    • Improved case closure time and client understanding by translating legal concepts into practical language, using client centric language and educational visual aids.
    • Advise clients legally on insurance-related claims, including personal injury and accident disputes, ensuring regulatory and procedural compliance during negotiations with counterparties and adjusters.

Recommendations

Be the first to recommend Sara

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Cybersecurity Bootcamp
    The Bridge | Digital Talent Accelerator
    2022
    Cybersecurity Bootcamp
  • Master's degree in law
    School of Legal Practice of the USC, S. de Compostela
    2017
    Master's degree in law
Check out Sara's education

Categories