Description

Freelance SOC Manager & Security Governance Lead

How I help

I help founders, CTOs, and security leaders stand up or level up their security function fast. I build and manage SOC teams, define operating procedures, and implement ISO 27001 and SOC 2 programs that pass audits without slowing the business. I combine hands-on incident response and detection engineering with board-level reporting and governance so you get real risk reduction, measurable KPIs, and audit-ready proof.

Typical projects & deliverables

SOC leadership & operations

SOC blueprint (mission, scope, interfaces) and operating model.
Runbooks & playbooks
Detection engineering roadmap: use-case, ATT&CK mapping.
KPIs & dashboards: MTTD/MTTR, alert volume, false-positive rate, use-case coverage, control health.
Purple-team loop
Tooling alignment: SIEM (Splunk/QRadar/Elastic/ArcSight), EDR (Defender/CrowdStrike), NSM/IDS (Snort/Suricata), ticketing, and case management.

Governance, risk & compliance

ISO 27001
ISO 27005
SoA, policy suite, internal audit plan, management review, certification prep.
SOC 2 Type I/II
Executive artifacts
Secure SDLC
ENS

Build-from-scratch engagements

Greenfield security in 90–120 days: risk baseline, core controls, incident process, detection MVP, on-call rotation, policy set, awareness briefing, and first audit plan.
Hiring & enablement: role specs, interview loops, onboarding pathway, and mentoring program.
Operate & transfer: I run the function initially, then transition to your permanent leader.

What working together looks like

1. Rapid assessment (2–3 sessions). Scope, goals, current tooling, top risks, audit timelines.

2. 90-day plan. Milestones, owners, and KPIs; quick wins + structural fixes.

3. Execution with transparency. Weekly status, risk register updates, and dashboard reviews.

4. Sustain & evolve. Embed metrics, coach leaders, and prep the next audit cycle.

Languages

Spanish
Native or bilingual
Catalan
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

Deloitte
SENIOR CYBER SECURITY ANALYST
DIGITAL AND IT
October 2022 - Today (3 years and 8 months)
Madrid, Spain
• Implement a manage endpoint security solution utilizing Crowdstrike and Microsoft Defender to secure workstations and servers.
• Use Splunk, Crowdstrike and Microsoft Defender, among other tools for security response to triage security issues.
• Interrogate and monitor agency network traffic and conduct network vulnerability security assessments on DoD networks.
• Analyze security reports (Appscan, Nessus, Red Teams) to identify vulnerabilities and create mitigation strategies.
• Provide remediation plans for non-compliant servers
• Analyze security and firewall logs and investigate all irregularities as needed.
• Maintain confidentiality of information residing in corporate databases, workstations, servers, and other systems.
• Assist in the development of security policies, plans, and procedures to meet government regulations and industry best practices.
• Train new and current cyber security analysts on existing or new technologies, new or existing processes.
• Maintain SOC Dashboards in Splunk.
• Hunt for current threats on SIEMs based on information provided by news and government sources.
• Act as lead in incident response and analysis.
• Maintain quality control of tickets and overall quality of all SOC related tasks.
Splunk Risk analysis Technical project management Cybersecurity ISO 27001
INCIDE Digital Data S.L.
DFIR ANALYST
TECH
February 2019 - November 2022 (3 years and 9 months)
Barcelona, Spain
• Forensics acquisitions and analysis.
• Threat hunting projects.
• Incident response.
• Remote analysis and acquisition with GRR and F-Response.
• Monitoring and vulnerability analysis of SIEM security events(DLP/TCP/IP/VPN/Firewall/Proxy/Windows events/EDR) through different solutions (Splunk, Qradar, Arcsight, Kibana).
• Development and implementation of event-based security alerts and monitoring (DLP/TCP/IP/VPN/Firewall/Proxy/Windows events/EDR/IPS/IDS) via different solutions (Splunk, Qradar, Arcsight, Kibana).
IT-Security Cybersecurity Technical project management Splunk Risk analysis
GMV
IT SECURITY AUDIT
TECH
December 2017 - April 2018 (4 months)
Barcelona, Spain
• Plan, execute and lead security audits.
• Inspect and evaluate financial and information systems, management procedures and security controls.
• Work with management to ensure security recommendations comply with company procedure.
• Collaborate with departments to improve security compliance, manage risk and bolster effectiveness.
• Report of audit findings.
Audit IT-Security Risk analysis Project Management

Check out Mònica's experience

Be the first to recommend Mònica

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

M.D. IN CYBERSECURITY AND INFORMATION SECURITY
UCLM (Universidad de Castilla la mancha)
2021
M.D. IN CYBERSECURITY AND INFORMATION SECURITY
M.D. IN TELECOMMUNICATION ENGINEERING
UPV (Universitat Politècnica deValència)
2025
M.D. IN TELECOMMUNICATION ENGINEERING

Check out Mònica's education

Cybersecurity Expert

Mònica Martínez Gómez

SENIOR CYBER SECURITY ANALYST

About Mònica

Freelance SOC Manager & Security Governance Lead

How I help

Typical projects & deliverables

SOC leadership & operations

What working together looks like

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Skill set

Categories