Printing tool Download PDF


Computer Security Engineer by Universidad TecMilenio (México) since 2011 and graduated as MSc Cyber Security in University of Birmingham on 2016. I have been working in the computer security field since 2009 in Alestra, a telecom company based in Monterrey, México. Currently working and living in Monterrey, México.

Work experience


Sr. Cybersecurity Consultant


On Alestra/Axtel I have played several roles in the Information Security Area. During my experience in I have lead and participated in the processes of Security Awareness, Risk Management, Business Continuity, Access Control, Security Audit, Incident Handling, Vulnerability Management and Cybersecurity. Currently, I am leading the Company's internal SOC.

Some of the activities I have been part of:

  • Business Continuity:
    • Direct participation in the development and update of BIA and its related documents, as well as managing and developing the disaster recovery and business continuity plans (BCP/DRP), from the governance point of view.
  • Information Security Awareness
    • Being responsible for the material development, its distribution and the overall participation of employees. Also, train special teams in more specific matters, as incident handling, business continuity, internal auditors, etc.
  • Risk Management:
    • During a couple of years, I was responsible for the overall Risk Management process, from the process documentation and update, the risk identification, assessment, treatment and documentation. During this time, I was given the opportunity to redesign the process in order to make it more efficient and easier to implement for more teams and projects on the company.
  • Development and maintenance of Baselines, Policies, and procedures
    • Development and update of security related guidelines, baselines, procedures, policies and standards for the organization, taking into account the contractual, legal and organizational requirements.
  • Vulnerability Management and Technical Compliance
    • My experience on this area contemplates the whole spectrum of the process, from the definition of the requirements, vulnerability and deviation identification, analysis, prioritization, measurement and validation once they were addressed.
  • Operation under ISO 27001 annual program
    • Operation of the different processes and activities under the scope of an ISO27001 Certified ISMS as well as maintaining different key documents for the ISMS as the SOA (Statement of Applicability) and Information Security Manual.
  • ISO 27001, 20000 and 9000 Internal Audits
    • Participating as part of the internal audits special team.
  • Logical Access Control
    • Responsible for the Logical Access Control Process from 2013 until 2015. The activities included the development and review of access control policies, as well as the maintenance and operation of the companies internal IAM (Identity and Access Management) System.
  • Project Management
    • Being responsible for security architecture projects and implementations.
  • Incident Handling and Response
    • As part of the Incident Response Team, and the Blue Team of the organization.
  • Management of security appliances and applications (VPN, APT, AV, SIEM, FW, IDS/IPS, etc).
    • From 2017, leading the internal security operations team, having the responsibility over the correct operation of the different information security solutions deployed on the organization.
    • During this time, one key goal has been to increase the overall maturity level of the team.

Instructor for CRISC Certification (UK)

Knowledge Academy

Instructor for the ISACA's CRISC Certification in UK.


Instructor for the CISSP Certification


Instructor for a weekly training course for the CISSP certification in Monterrey, México.


Technical Support Engineer

Grupo ViBa

Technical Support Engineer



EC-Council Certified Incident Handler (ECIH)


ISO 27001:2013 Lead Auditor

BSI Group

ISO 22301 Implementer and Internal Auditor

BSI Group

ISO 20000 Internal Auditor


Certified Information Systems Auditor (CISA)


Certified Ethical Hacker (CEH)


ITIL v3 Foundations


Certified in Risk and Information Systems Control (CRISC)


Certified Information Systems Security Professional (CISSP) 



Soft Skills (Leadership, Teamwork, Communication, Commitment, Responsibility)
Vulnerability Assesment
Unix OS
Windows OS
Office Suite



MSc Cybersecurity

University of Birmingham

Relevant Modules: Privacy, Cryptography, Network Security, Operating Systems, Incident Management and Forensics, Secure Programming, Pentesting.


BSc Computer Security Engineering

Universidad TecMilenio

Relevant Modules: Six Sigma, Disaster Recovery, Risk Administration, Information Security, Network Security, Administration of Information Technologies, Planning and Control.