Luciano Moreira da Cruz
Promote this Nomination
Luciano Moreira da Cruz
|Job title of nominated professional||Cybersecurity Practice Unit Manager|
|Company (where nominated professional or team is working)||Baufest|
|Company size (employees)||450|
In 3 bullets, summarize why this professional or team deserves recognition:
Recognized Cloud Computing Security and Security researcher in Argentina and South America.
Active in professional societies:
Luciano is a welcome guest and speaker at numerous cloud and security events and training
Entrepreneur, coach and consultant in Information Security and Compliance. Luciano has experience in Information Security and Information Technology with expertise in Business Continuity and Cloud Computing Security.
Luciano has been working with Information Technology and Security in the past years in a dozens of projects in all security layers. Responsible for design, implementation and management of projects with activities like risk analysis, gap analysis, compliance, security policies development, disaster recovery, business continuity plan and network security.
Define and implement controls to compliance with SOX, PCI, and ISO 27000.
Support the compliance of laws and standards: Law Protection of Personal Data, Law of Computer crime, PCI-DSS. Adequacy of processes related to the treatment of sensitive and/or confidential information.
In addition to his job as consultant, he also has been working to develop and promote the Information Security to Argentina and South America through activities realized with associations like CSA, ISACA/ADACSI, Owasp, Cloud Standards Customer Council, etc…
Specialties: 15+ years of Corporate and IT/IS experience, including:
• Solid knowledge and experience in projects related to the implementation and improvement of a quality management systems and information security
• Knowledge in auditing and monitoring of compliance with standards and national and international standards
• Solid knowledge in Security on Microsoft technology
• Certified as a Lead Auditor ISO/IEC 27001:2005/2013
• Certified Cybersecurity for Industrial Control Systems – US Department of Homeland Security
• Certified Operational Security (OPSEC) for Control Systems – US Department of Homeland Security
• Certified Insiders’ Guide to PCI DSS v3.0
• Certified Integrator in Secure Cloud Services
• Information Security Governance
• Cloud Computing Security
• IT Risk Management & Audit
• Cyber Risk Strategy & Management
• Data Privacy & Protection
• Cybersecurity Awareness for Boards