
Global ICT Security Manager at iSOFT. CISSP, CISM, SANS GCFA, GCIA, GPEN, ISO 27001 LA, ITIL, MBA and BSi Instructor
Málaga Area, Spain

See my latest article on 'Integrating ISO 17799 into your Software Development Lifecycle' published on INSECURE Magazine (get it at http://www.net-security.org/dl/insecure/INSECURE-Mag-11.pdf).
I started in the InfoSec field in 2000, founding my own company, G2 Security, one of the first security companies founded in Spain.
I was also the Manager for the Information Security Business at Novasoft, a large company with offices in Spain, Chile and the UK, that acquired G2 Security in 2003.
I'm currently working as a Global ICT Security Manager at iSOFT, part of IBA Health Group, one of the world's leading suppliers of software applications for the healthcare sector.
I'm certified in Business Administration, ITIL, CISM, CISSP and SANS GCFA (GIAC Certified Forensics Analyst), GPEN (GIAC Certified Penetration Tester) and GCIA (GIAC Certified Intrusion Analyst). I took the IRCA accredited ISO 27001 Lead Auditor Course at Bureau Veritas offices in London in 2006 and attended the "System Forensics, Investigation & Response" track at SANS Europe 2007 held in Brussels as well as the "Intrusion Detection In-Depth" track at London.
Also I've recently taken the new SANS GPEN (Ethical Hacking and Penetration Testing course) at SANS Sydney, in October 2008.
My latest achievements: implemented ISMS and obtained the ISO 27001 certification for iSOFT headquarters in Banbury, UK. I've also been doing some security testing at our R&D centres in India (Chennai and Hyderabad) on behalf of our biggest customer in UK, and I'm currently working on building a Global 24x7 SOC to be fully operational in 2010.
I'm also a member of the SANS GIAC Advisory Board and BSi Instructor for the ISO 27001, ISO 20000 and BS 25999 set of courses.
For further info see: http://blog.ismaelvalenzuela.com
Information Security Business: management, strategy, consultancy and sales.
Security Audit, Penetration Testing, Computer Forensics, Compliance, ISO 27001, Risk Analysis, Secure Architecture Design, Security Management.
(Computer Software industry)
December 2008 — Present (8 months)
Reporting to the Group CIO and member of the ICT Services Management Team. Leading the global IT Security function across iSOFT and the IBA Health Group of Companies organisation. IBA Health Group Limited is a healthcare IT company listed on the Australian Securities Exchange (ASX), and one of the world’s largest healthcare IT companies with offices in 17 countries.
(Public Company; Computer Software industry)
December 2005 — November 2008 (3 years)
Successfully achieved ISO 27001 certification for iSOFT headquarters in Banbury, UK.
Working with Process Governance Manager on all aspects of Information Security Management within iSOFT. Provided Risk Assessment, Consulting and Strategy to iSOFT units and activities globally:
- ISO 27001 (BS 7799) certification project for UK and global sites
- Security policies, procedures, awareness and training
- Data Protection issues
- Security metrics and best practices (ISO 17799, COBIT...)
- Vulnerability assessment and mitigation
- Network security management & secure architecture design
iSOFT is one of the largest healthcare application software companies in the world, with large market presence in Europe and growing significantly in Asia and Australia. (www.isoftplc.com)
(Privately Held; 201-500 employees; Computer & Network Security industry)
July 2003 — December 2005 (2 years 6 months)
Set up and development of the new Information Security Business Area at Novasoft.
Business Plan and Security Sales development. Achieved big deals in Government including Risk Analysis, Penetration Tests, Vulnerability Assessments, ISO 17799 consultancy among other projects. Also participated as a senior consultant for big security projects in Spain, as an instructor, writing articles and promoting security business. Introduced several security products from third-party vendors in the Spanish market.
(Privately Held; 1-10 employees; Computer & Network Security industry)
June 2001 — June 2003 (2 years 1 month)
Co-Founder of the company. Business Plan, Brand and Security Sales strategy development.
While set up, in addition to managing the company, I performed Information Security duties related with Security Architectures & Models and Security Management Practices domains.
During this period I've also been a senior consultant for local, state and federal government like Ministerio de Sanidad y Consumo, Senado de España, Junta de Andalucía and Turismo Andaluz. I've also worked as a security instructor many times during this period, wrote several security articles and gave security speeches at many events.
I've done many information security assessments, designed many secure architectures and performed many security audits, including penetration tests.
After achieving success in security market, Novasoft bought G2 Security (www.g2security.com) in July 2003.
(Privately Held; 11-50 employees; Computer & Network Security industry)
March 2000 — June 2001 (1 year 4 months)
Information Security duties related with Telecommunications, Network & Internet Security domain like: implementing network security safeguards, security analysis, OS, database and server hardening, etc. Also working with Firewalls, Routers, IDS, OTP tokens, etc.
GIAC Certified Penetration Tester, GPEN 2008 — 2008
Attended the "Network Penetration Testing and Ethical Hacking" track at SANS Sydney 2008, held in New South Wales, Australia, in October 2008.
Earned GIAC Certified Penetration Tester (GPEN) with a score of 98,67%
GIAC Computer Forensic Analyst, GCFA 2007 — 2007
Attended the "System Forensics Investigation and Response" track at SANS Europe 2007, held in Brussels in June 2007.
Earned GIAC Certified Forensics Analyst (GCFA) with a score of 94,67%
GIAC Certified Intrusion Analyst, GCIA 2007 — 2007
Attended the "Intrusion Detection In-Depth" track at SANS London, in November 2007. This is a hands-on course on TCP/IP traffic analysis, attack patterns and network intrusion detection systems.
Earned GIAC Certified Intrusion Analyst (GCIA) with a score of 88,67%
IRCA ISO 27001 Lead Auditor 2006 — 2006
Attended the IRCA accredited ISO 27001 Lead Auditor course at Bureau Veritas headquarters in London.
CERTIFIED PROFESSIONAL, ITIL METHODOLOGY, 2005 — 2005
IT Management
Certified in Business Administration (Senior Management Program) 2004 — 2004
in collaboration with Deusto University
CISM, Certified Information Security Manager, 2006
I successfully passed the June 2006 CISM exam with a total scaled score of 84. Certificate Nº 0707227.
CISSP, Certified Information Systems Security Professional, 2004
Certificate Nº 67501. Also attended the CISSP CBK Review Seminar in Barcelona – 40 hours in 2004.
Technical Engineer in Information Technology Systems, IT Systems
Final Project Degree: Design of ESSIRT Methodology (Information System Security Evaluation in a Telematic Network).
Travel, golf, football, reading novels, history.
GIAC, ISC2 (CISSP), Member nº 356 of CRIPTORED (Iberoamerican Telematic Network for Cryptography and Information Security)
Speaker on Information Security issues at conferences and seminars in Europe
Various in-house and external courses and seminars attended throughout my career to maintain my knowledge and skills base.
First Certificate in English with Grade B at Cambridge University.
Achieved Full Time Course in English for Speakers of other Languages at Upper Intermediate Level while staying at London (UK).
Elementary French (written and spoken)