You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Mario R.MR

Mario R.

Vulnerability Mgmt, IT Risk, InfoSec & Compliance

On-demand
Madrid, ES
15+ years
Threat and vulnerability
IT-Security
IT Risk
IT Compliance
IT Audit

Average response time: 1 hour

About Mario

I’m Mario, a Information Systems Engineer with over 25 years of experience leading Information Security, IT Risk, Vulnerability Management, Compliance, and IT Audit projects across diverse industries and international markets. I have worked with organizations such as Banco Sabadell, adidas, Sportium, Ladbrokes, and EY, managing complex, regulated environments and delivering measurable security improvements.

My expertise spans end-to-end vulnerability management programs, risk-based prioritization, remediation oversight, and executive reporting. I have successfully implemented and guided ISO 27001 certification projects, developed compliance frameworks, and ensured alignment with regulatory and business requirements.

I approach projects with a combination of technical depth and strategic vision, collaborating closely with IT teams, business stakeholders, and auditors to drive results. My style is pragmatic and results-oriented, focusing on reducing risk, enhancing operational efficiency, and providing actionable insights to leadership.

With certifications including CISA, CRISC, ITIL, and ISO 27001 Lead Auditor, I bring a senior-level perspective that integrates security, risk, and compliance. I am committed to delivering high-value outcomes for my clients, adapting quickly to their environments, and providing guidance that balances technical rigor with business priorities.
Banking and Financial Services
Consulting and Audits
Fashion and Cosmetics
Leisure, Recreation, and Entertainment
Paper and Packaging

  • Spanish

    Native or bilingual

  • English

    Fluent

Remote only
Primarily works remotely

Experience

  • Confidential
    Head of Threat & Vulnerability Management in Cybersecurity in Global IT
    May 2024 - Today (2 years)
    • Assessed and ranked vulnerabilities by severity, potential impact, and exploitability, aligning remediation efforts with business risk.
    • Coordinated with system administrators, developers, and IT teams to ensure timely resolution of security issues from identification to closure.
    • Maintained and enhanced vulnerability management platforms, refining scan configurations and workflows to improve detection accuracy and operational efficiency.
    • Delivered regular reports and dashboards to senior leadership, providing visibility into vulnerability trends, remediation progress, and overall security posture.
    Communication Vulnerability Assessment Vulnerability Management Tenable Presentaciones
  • Sabadell Digital, S.A (Grupo Banco Sabadell).
    Head of IT Security Service Delivery and Vulnerability Management in SecOps
    August 2020 - May 2025 (4 years and 9 months)
    Madrid, Spain
    • Vulnerability Management & Risk Prioritization: Identified and prioritized vulnerabilities based on severity, potential impact, and exploitability. Collaborated with IT and security teams to define and implement effective remediation plans and timelines.
    • Remediation Oversight: Directed the end-to-end remediation process, coordinating with system administrators, developers, and stakeholders to ensure timely patching and mitigation of security threats.
    • Tool Optimization & Process Improvement: Maintained and enhanced vulnerability management platforms, optimizing scan configurations and workflows to improve detection accuracy and operational efficiency.
    • Reporting & Risk Communication: Delivered regular reports and metrics to senior management, providing insights into vulnerability trends, remediation progress, and the organization's overall security posture.
    Qualys Vulnerability Assessment Vulnerability Management Reporting IT-Security
  • Sabadsabaddll digital
    IT Risk of Information Security manager.
    February 2017 - August 2020 (3 years and 6 months)
    Responsible of the global planning, designing, and implementing of the IT Risk Management process, fully integrated into the Banc Sabadell Operational Risk Framework. Key responsibilities included:
    • Presented risk assessments, findings, and mitigation updates to senior management and stakeholders. Advocated for investment in risk management initiatives through clear, data-driven reporting.
    • Oversaw the documentation of control findings, tracked remediation plans, and ensured the quality and consistency of technical risk analyses.
    IT Audit IT Risk Management IT-Compliance Reporting Archer
Check out Mario's experience

Recommendations

Be the first to recommend Mario

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Information System Engineer
    UTN - Universidad Tecnológica Nacional. Argentina
    Information System Engineer
  • in CRISC - Risk and Information Systems Control
    in CRISC - Risk and Information Systems Control
Check out Mario's education

Skill set

skills assessment
Continual improvement
Threat Intelligence
Risk and Vulnerability Assessment
GRC (Governance, Risk and Compliance)
Security Awareness Training
IT Project Management
IT Service Management
CISA
CRISC
ISO 27001 Lead Auditor
Qualys
Tenable

Categories