Carlos Laporte, Cissp, Cisa, Cism, Crisc
About Carlos Laporte, Cissp, Cisa, Cism, Crisc
Carlos Laporte is a Senior Manager of Information Security with extensive experience in IT risk management and compliance. He has worked for various companies, including Whirlpool Corporation and Achievers, and holds multiple certifications in information security.
Current Role at Achievers
Carlos Laporte serves as the Senior Manager of Information Security at Achievers, a position he has held since 2022. In this role, he is responsible for overseeing the organization's information security strategies and ensuring compliance with relevant standards. His leadership contributes to the development and implementation of security policies that protect sensitive data.
Previous Experience at Achievers
Carlos Laporte has held multiple positions at Achievers. He worked as a Staff Information Security Advisor from 2019 to 2020 and as an Information Security Manager from 2020 to 2022. His tenure at Achievers allowed him to develop expertise in various information security frameworks and standards.
Professional Background
Before joining Achievers, Carlos worked at several organizations in various roles. He was an IT Analyst at Whirlpool Corporation from 2006 to 2008, a Senior IT Risk and SOX Analyst at AlmapBBDO from 2008 to 2014, and an Information Security Analyst Senior at Scotiabank from 2015 to 2016. He also served as an IT Auditor at Intact in 2016.
Education and Certifications
Carlos Laporte holds a Bachelor's degree in Computer Science from Universidade Paulista, which he completed from 2004 to 2007. He furthered his education with a Postgraduate Degree in Cyber Threat Intelligence from DARYUS Consultoria e Treinamento in 2022. He is also certified in various information security disciplines, including CISSP, CISA, CISM, and CRISC.
Expertise in Information Security Standards
Carlos possesses strong expertise in implementing key information security standards, including ISO 27001, CSA STAR, SOC 2 Type I/II, and PCI DSS. His skills extend to incident detection and response, product security, and IT governance, risk, and compliance, making him a valuable asset in the field of information security.