Marco Fernández, Cisa, Crisc, Cism, Csx
About Marco Fernández, Cisa, Crisc, Cism, Csx
Marco Fernández is an IT Compliance Officer with extensive experience in cybersecurity and internal auditing. He currently serves as an instructor at ISACA Madrid Chapter and has worked with various organizations, including KPMG and PwC, across multiple sectors.
Current Position at Glia
Marco Fernández serves as the IT Compliance Officer at Glia since 2023. In this role, he focuses on ensuring compliance with various regulatory frameworks and internal policies related to information technology. His responsibilities include evaluating cybersecurity risks and implementing necessary controls to mitigate those risks. He previously held the position of Information Security Compliance Specialist at Glia from 2021 to 2023, where he contributed to enhancing the organization's information security posture.
Professional Experience
Marco Fernández has extensive experience in IT auditing and compliance. He worked at KPMG España as an IT Audit Manager from 2018 to 2020 and as a Senior IT Auditor from 2017 to 2018. His career also includes positions at PwC España and PwC Venezuela, where he served as a Senior IT Auditor and IT Auditor, respectively. Additionally, he held the role of Cybersecurity Policy Lead at IAG GBS and PMO Manager at Banplus Banco Universal. His diverse experience spans various sectors, including banking, automotive, and telecommunications.
Education and Certifications
Marco Fernández holds a Licenciado en Computación from Universidad Nueva Esparta, completed from 2004 to 2009. He furthered his education with a Master’s in Business Administration (MBA) from IESA, which he completed in 2015. He possesses several professional certifications, including CISA, CRISC, CISM, CSX, and a Certificate of Cloud Security Knowledge v4 from the Cloud Security Alliance. These qualifications support his expertise in cybersecurity and IT compliance.
Expertise in Cybersecurity and Compliance
Marco Fernández has specialized knowledge in evaluating internal control levels over cybersecurity risks and cloud service solutions, including IaaS, PaaS, and SaaS. He is proficient in identifying and evaluating compensatory controls and has experience with compliance frameworks such as HIPAA, PCI DSS, and the Sarbanes-Oxley Act. His skills extend to Big Data and Analytics tools, including ACL and IDEA, which he utilizes to enhance compliance and risk management processes.
Knowledge of Compliance Frameworks
Marco Fernández is knowledgeable in various compliance frameworks and standards, including COSO for internal control, COBIT for IT governance, and ISO 27001 for information security. He is also familiar with the NIST Cybersecurity Framework and ISO 22301 for business continuity. His understanding of these frameworks enables him to implement effective compliance strategies and ensure organizational adherence to regulatory requirements.