Sergio Luna

Experience

• 

  Softtek

  Dec 2010 - Dec 2013

  Global Application Security Leader

  * Responsible for the assessment of applications to find security vulnerabilities.* Lead auditor of the security assessment of over 120 applications.Functional Experience:* WhiteBox assessments for applications (line by line assessments)* BlackBox assessments for applications (review on a live instance of an application)* GrayBox assessments for applications (source code assisted blackbox assessment)* Threat Modeling assessments (Threat detection before the codification process starts)* Developed Softtek’s Security Program web portal using HTML, CSS, Javascript & various image editing software* Responsible for the management and administration of the Application Security team* Responsible for increasing the number of assessment performed by 1,000% without increasing the number of members on the team (achieved 1,200% increase).* Responsible for negotiations on the acquisition of new applications to assess on a daily basis.* Responsible for the training of 7’000 company employees regarding the most common security vulnerabilities (detection & remediation).* Responsible for imparting the Application Security Awareness yearly to all Softtek resources.* Responsible for the creation of Security Campaigns to increase awareness on security within the company.Functional Experience:* Various marketing strategies centered on customer satisfaction.* Development and maintenance of team synergy (won a “Synergy award” as a team)* Development and diffusion of Application Security most common vulnerabilities training* Publicly spoken to groups of over 150 people at a time two times a day for the Security Awareness Campaign* Creation, automation and implementation of process improvements to increase production but not the quantity of resources. Show less

• 

  Softtek

  Mar 2014 - Nov 2021

  * Responsible for the onboarding of various applications from different technologies using the IMG tool from RSA* Integration of RSA IMG platform (tool installation and customization, application onboarding, collectors, roles, entitlements, workflows, etc.) for different customers and markets (Healthcare, Assurance, Banking, Finance, Automotive, and more.).* Leadership in the implementation projects for different customers.* Excellent knowledge in various Identity Management areas (Resource Provisioning, Identity & Access Governance including Role based access control, access request and certification, User Life Cycle Management Processes)* Creation and follow up of new proposals for new customers and projectsFunctional Experience:* Tool installation and configuration* Implementation and support of RSA IMG and platform* Experience leading business requirements gathering and translating those into system requirements* Experience facilitating business process design as it relates to managing identities and access privileges.* Creation, configuration and deployment of Identity, Account and Entitlement Collectors* Creation, configuration and deployment of connectors including Soap Web Services* Information migration including collectors, connectors, roles, entitlements, etc.* Creation of automated reports using Oracle SQL 11* Full Implementation testing* Experience developing identity management governance plans* Understanding of current regulatory environment and related implications to identity management and security/audit complianceTools:* Active Directory, RSA IMG, Microsoft FIM, LDAP, Linux, Oracle Database, JavaScript, Java, Python, Perl, Windows Server, Weblogic, .NET platform, SQL Server, SharePoint, ACF2, different ERP and CRM systems, ITIL Methodology.* Databases: SQL, Toad, Squirrel* Operation systems: Windows, Linux Show less * Responsible for the development of 14 security practice initiatives; including the generation of numerous training courses, middle management skills enhancement, security integration in new developments, dynamic certification, resource, skills and tools inventory, among others.Functional Experience:* Fluid, visually stunning, and effective PowerPoint presentations for managers in all sorts of positions.* Developed a high level vision with the interaction with resources in all sorts of positions.* Learned new ways to work effectively with different managers (and different requests). Show less

  • RSA IMG Implementation Engineer

    Aug 2014 - Nov 2021

  • Security Specialist

    Mar 2014 - Oct 2014
• 

  Deloitte

  Nov 2021 - now

  Cyber Security Manager