Humberto Luis Salcedo Jara
Download
Recommend
Messages
Share
Humberto Luis Salcedo Jara

Humberto Luis Salcedo Jara

About

Detail

Staff Information Security Risk and Compliance
Lima, Peru
Contact Humberto regarding:Ā 
Flexible work
Starting at USD32/hour
connect_without_contact
Finding mentors
groups
Networking

Timeline

work
Job
school
Education
folder
Project (professional or personal)
flag
Award
auto_stories
Publication

RƩsumƩ

Jobs verified_user 0% verified
  • T
    Information Security Assurance Auditor public Remote experience
    Thoropass
    Aug 2024 - Current (1 year)
    - Work directly with customers in the cloud to verify security controls based on sought-after information security frameworks (SOC 2). - Translate security and compliance requirements into actionable cloud tasks for team members to execute. - Test and review implemented cloud configurations based on established security and privacy frameworks. - Propose novel ideas for product features and ops improvements or opportunities for automation to empower a better customer experience.
  • Qualifacts
    Staff Information Security and Compliance Analyst public Remote experience
    Qualifacts
    Aug 2023 - Aug 2024 (1 year 1 month)
    - Manages the development, evaluation, and implementation of corporate compliance programs and processes to mitigate cybersecurity risks. - Ensure protection of firm and allied assets and information. - Conducts security risk assessments, compliance and cybersecurity audits. - Compliance standards: SOC, HIPAA, HITrust, FedRAMP, FISMA, NIST CSF, NIST 800
  • N
    IT Auditor public Remote experience
    NIUBIZ
    Jul 2022 - Aug 2023 (1 year 2 months)
    - Management of internal audit programs and internal consulting. - Information security and cyber security policy audits - Secure software development audits - Digital solutions development audits - Processing solutions development audits (payment processing and financial operations) - Business intelligence process audits - Machine learning audits - SaaS, PaaS and IaaS audits - Penetration testing report reviews - IT architecture audits - Infrastructure-as-code (IaC) process audits - Critical asset monitoring audits in production, QA, stage, and development environments. - Risk management and Assessment - Analysis of complex processes and related risks. - Lead presentations of audit programs and preparation of audit reports. - An independ
  • E
    Information Security Analyst public Remote experience
    EVOL - TSnet S.A.
    Feb 2022 - Jun 2022 (5 months)
    - Perform management of SOX compliance efforts including internal reviews, management testing, periodic recertifications, designing and refining documentation. - Perform management testing for IT General Controls (ITGC). - Planning, development and implementation of procedures and policies for secure disposal of IT equipment and information (end-user and infrastructure level) - Risk management and assessment (ISO 27001, ISO 31000, NIST CF) - Manage SOX implementation plan in two regions for a Health Sector Corporation: Peru šŸ‡µšŸ‡Ŗ and Colombia šŸ‡ØšŸ‡“. - Manage and perform access reviews: User Access Reviews, Privileged Access Reviews & Critical Application Profiles Reviews. - Plan, Implement and Manage access reviews to critical business appli
  • TRANZACT
    Information & Cyber Security Analyst public Remote experience
    TRANZACT
    Sep 2020 - Feb 2022 (1 year 6 months)
    - Work with IT and Information Security & Cybersecurity teams, supporting audit and compliance coordination, following NIST CSF and HIPAA (Health Insurance Portability and Accountability Act in the United States šŸ‡ŗšŸ‡ø) - Project management for the integration of new privileged access groups to the cybersecurity program. - Participate in meetings with Audit, Legal, Finance, Marketing, Operations and IT to provide guidance on various topics. - Provide SOX auditors with evidence to support policy compliance. Conduct successful Phishing Campaigns. - Project management for the integration of new privileged access groups to the cybersecurity program. - Ensure that security requirements are identified and complied with. - Perform physical access r
  • TRANZACT
    Information Security Intern
    TRANZACT
    May 2020 - Sep 2020 (5 months)
    - Ensure that security requirements are identified and complied with. - Perform physical access reviews, Active Directory reviews, privileged access reviews, privileged VPN admin groups reviews and user access recertification to key business applications. - Document workflows and processes used during the audit process. - Support cybersecurity programs to determine compliance with published policies and standards. - Support the transformation of the current Audit & Compliance program. - Support with daily tasks and process improvement objectives to increase efficiencies.
  • G
    IT Project Management Office (PMO) Intern
    GLOBAL SERVICE INNOVATION S.A.C.
    Jan 2019 - Feb 2020 (1 year 2 months)
    - Lead and participate in the management of software development and implementation projects for startups. - Manage the implementation of technological solutions and elaborate user manuals according to the specified level of detail. Identify efficiency opportunities to maximize business profitability. - Excellent handling of first contact and in weekly meetings with foreign clients in person and virtually. - Improvement in fast and effective learning, due to the changing and agile environment of startups and digital ventures. - Support in market analysis to identify business opportunities and research new technologies for the business and customers. - Organization of workshops, courses and technology events. Design process flows and mockup
  • G
    IT Project Manager Intern
    Global Service Innovation S.A.C.
    Jan 2018 - Jan 2019 (1 year 1 month)
    - - Identify efficiency opportunities to maximize business profitability. - Support in market analysis to identify business opportunities. - Design process flow diagrams and mockups for MVP's (mobile and web). - Propose process improvements by analyzing workflows. - Follow up requirements and change requests from customers (in English and Spanish), - Participate in team and client meetings (in English and Spanish). - Research new technologies for the business and customers. - Manage technological support, technical assistance and functional queries from users of different business areas (in Spanish and English) attending incidents and/or services reported to the Contact Center, complying with service levels established in the service catalo
Education verified_user 0% verified
  • Royal Holloway University of London
    Msc Cybersecurity
    Royal Holloway University of London
    Oct 2023 - Current (1 year 10 months)
  • C
    CCSK - Certificate of Cloud Security Knowledge public Remote experience
    Cloud Security Alliance
    May 2023 - Current (2 years 3 months)
  • Esan - Graduate School of Business
    Postgraduate Degree, International Diploma in Cybersecurity public Remote experience
    Esan - Graduate School of Business
    Mar 2023 - Aug 2023 (6 months)
  • C
    Cloud Computing Security
    Cybersecurity and Infrastructure Security Agency
    Dec 2022 - Jan 2023 (2 months)
  • U
    SPECIALIZED PROGRAM IN CYBERSECURITY MANAGEMENT
    Universidad Peruana de Ciencias Aplicadas ā€“ UPC
    Jan 2021 - Jan 2022 (1 year 1 month)
  • U
    INFORMATION SYSTEMS ENGINEERING
    Universidad Peruana de Ciencias Aplicadas ā€“ UPC
    Jan 2016 - Jan 2020 (4 years 1 month)
Projects (professional or personal) verified_user 0% verified
  • Springer
    U
    Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector
    Springer, Universidad Peruana de Ciencias Aplicadas ā€“ UPC
    Aug 2019 - Dec 2020 (1 year 5 months)
Awards verified_user 0% verified
  • B
    BTSYM'20 Brazilian Technology Symposium - Certificate of Achievement
    Brazilian Technology Symposium
    Dec 2020
    - Research and development of a new maturity model that integrates cybersecurity, privacy and data management. For participating and presenting the research: ā€œCYBERSECURITY AND PRIVACY CAPABILITIES: A MODEL FOR DATA MANAGEMENT AGAINST CYBER-ATTACKS IN THE HEALTHā€ , authored in group by: Humberto Luis Salcedo Jara, Henry Bryan PĆ©rez Navarro and Jimmy Armas Aguirre.
Publications verified_user 0% verified
  • Springer
    Cybersecurity and Privacy Capabilities Model for Data Management Against Cyber-Attacks in the Health Sector
    Springer
    Jul 2020 - Jun 2021 (1 year)
    In this paper, we propose a model of capabilities that identify the reliability degree of Cybersecurity and Privacy elements applied to the Health Sector. The increasing interactions between technology and the health sector have brought a new set of risks to be confronted, such as data breaches and cyberattacks. However, in order to improve, a greater understanding of their current situation is needed. The proposal identifies the capability level for the organizations to know their maturity level comprehensively. This was achieved by selecting existing models, frameworks, and regulations, increasing their complexity, integrating their privacy and cybersecurity capabilities, and health data management. In this way, the proposal is supported