Rodrigo Caminha, CDPSE, PDPF, PDPE

Experience

• 

  Intelig Telecom

  Jan 2010 - May 2011

  Analista de Suporte

  Maintain and manage the Operating System Services (Windows 2000, 2003 and 2008), Active Directory and IP addressing (DHCP, DNS, WINS).Administration of the Electronic Mail Service (Exchange 2003, 2007) mailboxes, carrying out the maintenance and security procedures necessary to protect against virus and spam infection (ScanMail, OfficeScan and IMSS / IMSVA, TrendMicro products).Define and design all implementations and specifications regarding upgrades, migrations, version updates and new projects according to the needs of the Company. Manage customer access, in accordance with access and security policies. Maintain and Administer Services for internal customers (IIS Service, WSUS, BlackBerry Service, virtualization of application servers and development with VMWare). Show less

• 

  TIM Brasil

  May 2011 - now

  • Conduct the implementation of the Compliance Assurance Program within the scope of Information Technology and Security, based on the guidelines of the General Data Protection Law (LGPD), civil framework of the Internet, and other sectoral laws and regulations, acting and reporting directly the structure of the Compliance Officer and DPO.• Coordinate and supervise SOX certification (Sarbanes Oxley ACT) in relation to the effectiveness and efficiency of IT General controls, reviewing and documenting the controls listed for certification, with the main activities: covering the associated risks based on the COSO / COBIT framework model , independent tests, management of internal / external deficiencies, support and evaluation of action plans, service and report to external audit.• Ensure the management of IT risks, as a second level of control, through definitions / standards, methodologies and policies for risk analysis and IT management with a focus on information security.• Ensure technological efficiency, through Risk Assessment projects in the company's systems and processes, using laws and regulations, frameworks / good market practices, TIM Brasil and Telecom Itália group guidelines as a basis, generating added value to the business acting in prevention financial losses, systemic weaknesses and improvement of technological processes. Show less Working in TIM's Brazil DPO structure, in the implementation of the Data Protection Compliance Program, advising the company's functions on the guidelines of the General Data Protection Law (LGPD). Gap analysis and creation / adaptation of internal rules and policies for Compliance with laws and regulations, in particular the General Data Protection Law, in addition to good market practices on privacy, and GDPR practices applicable to the Brazilian scenario. Definition of the model for the DPO's compliance with the rights of the holders and implementation of DSRP - Data Subject Rights Platform, as well as supporting TIM functions for managing consent CMP - Consent Manager Platform. Mapping of internal and external data processing activities (suppliers / outsourcer, etc.), and adjustments to data protection contractual clauses and information security requirements. Risk assessments of systems / solutions / services in order to avoid / minimize data leakage and exposure of the TIM Brand through DPIA - Data Protect Impact Assessment models. Ensure technological efficiency, through risk assessment projects in the company's systems and processes, using frameworks / best market practices, TIM Brasil group guidelines generating added value to the business acting in the prevention of financial losses, systemic weaknesses and improvement of technological processes . Supervision of activities related to SOX certification (Sarbanes Oxley ACT) in relation to the effectiveness and efficiency of IT General controls, reviewing and documenting the controls listed for certification, with the main activities: covering the associated risks based on the COSO / COBIT framework model , independent tests, management of internal / external deficiencies, support and evaluation of action plans, assistance and report to external audit. Show less • Supervision of activities related to SOX certification (Sarbanes Oxley ACT) in relation to the effectiveness and efficiency of IT General controls, reviewing and documenting the controls listed for certification, with the main activities: covering the associated risks based on the COSO / framework model COBIT, independent tests, management of internal / external deficiencies, support and evaluation of action plans, service and report to external audit.• Ensure the management of IT risks acting as a second level of control, through definitions / standards, methodologies and policies for risk analysis and IT management with a focus on information security.• Interpretation of the internal / external flows of the IT policy, identification and risk management, including review of the issuance of the respective policies and guidelines of the group in order to improve the structure of internal controls of the IT systems;• Ensuring compliance analysis in the delivery of IT services through activity-based risk;• Mapping of processes and controls, independent tests, evaluation of processes and systems. Show less Oracle Database Administrator (8i, 9i, 10g, 11g) on Unix / Linux operating systems (HP-UX 11.00 and 11.11, IBM AIX 6.0, Linux RedHat). Administrator of Mysql databases (5.1.44) on Linux RedHat, CentO-S and Fedora 12. Installation of Oracle following the good practices of Oracle Universal Installer (OUI). Creation and restoration of databases for Development, Homologation, Pre environments -Production and Production. Plan and implement backup and recovery plans (RMAN and HP Data Protector). Perform adjustments and performance recommendations. Provide support to the development team. Create and apply security policies to the database, following Sox rules. Manage all database objects, such as: Tables, indexes, procedures, packages, triggers, synonyms, cluster, sequences, Dblink and views. Troubleshoot database, application or hardware problems. Show less

  • IT & Security Compliance - Sênior Specialist (Assurance Leader)

    Apr 2021 - now

  • IT & Security Compliance - Specialist

    Oct 2018 - Mar 2021

  • IT & Security Compliance - Sr. Consultant

    Sept 2012 - Sept 2018

  • DBA Oracle

    May 2011 - Aug 2012