Fernando Ezequiel Salvador

As the Director of Cyber Security Operations at Evinova, I am responsible for leading and advancing our cybersecurity strategy to ensure the safety of our digital health solutions and enterprise infrastructure.

Key responsibilities and projects include:

Developing and maintaining Evinova's comprehensive security operations program, covering areas like threat detection, analysis, and incident response.

Collaborating with engineering, product, and platform teams to ensure the integration of security operations across all facets of our technology.

Leading cybersecurity incident investigations, from detection to remediation, and developing lessons learned to continuously improve our security posture.

Overseeing outsourced security service providers, ensuring alignment with service level agreements (SLAs) and key performance indicators (KPIs).

Implementing and maturing security tools, technologies, and processes for vulnerability management, threat intelligence, network security monitoring, and operational resilience.

Conduct tabletop exercises and cyber crisis simulations to prepare for potential risks.

Enhancing threat detection capabilities through advanced technologies, proactive monitoring, and threat intelligence integration.

Driving the operationalization of a vulnerability management program to ensure timely risk identification, assessment, and remediation.

My focus is on ensuring that Evinova's digital health solutions are secure, reliable, and aligned with industry best practices while enabling innovation and growth in our health tech initiatives.

Responsible for guiding information technology (IT) security team members and leading IT analysts, security administrators, and security engineers to coordinate effective security protocols and respond to security breaches.

• • Evaluated, defined, and executed security goals, strategies, and policies according to business strategies.

• • Lead the security architecture of our systems in coordination with tech and product teams.

• • Create and improve security policies, including data breach procedures, internal security policies, and disaster recovery plans.

• • Conducted IT compliance risk assessments: Evaluated the organization's IT systems, processes, and controls to identify potential compliance risks and vulnerabilities.

• • Supported Legal, Privacy, and Risk teams in matters of cybersecurity. Assisted legal teams with on specific requirements when dealing with data authorities or external auditors.

• • Supported DevOps and engineering teams with security initiatives, best practices, code reviews, and SDLC when applicable.

• • Managed internal vulnerability assessment tools and evaluated the reports generated.

• • Evaluate, propose, create, and oversee the implementation of security initiatives within the company.

• • Objectively evaluated cybersecurity risks and proposed technical and non technical controls.

In charge of the design and correct execution of Generali's information security strategy in Argentina, and supporting the other countries in the region with the help of a multidisciplinary team dedicated to the different security fronts.

• • Defined the Information Security Strategy of the company.

• • Implemented the different technical controls required by the Generali Group's cybersecurity transformation program, which include more than ten latest generation technologies for the protection of information.

• • Launched the Security Awareness program and the technical training plan for employees and developers.

• • Carried out the remediation of findings reported by external and internal audits, through the implementation of numerous automatic controls.

• • My team made significant contributions in the constitution of a Central SOC and the formation of a regional Incident Response Team, in charge of the incidents in Argentina, Brazil, Chile and Ecuador.