Luis Diego Solis

Information Security Specialist
Rohrmoser, SJ

Summary

Information Security Specialist with over 20 years of experience in aligning security architecture with business goals. Proficient in developing and testing security frameworks for cloud-based solutions across multiple industries. Skilled at identifying business risks, compliance issues, and implementing proactive solutions to protect critical assets. Extensive expertise in security compliance, audit readiness, and developing layered security strategies.

Overview

20 years of professional experience
6 years of post-secondary education

Work History

Security Compliance Engineer

Backcountry.com
07.2020 - Current
  • Provide guidance and support for regulatory compliance frameworks, including PCI DSS, NIST, GDPR, and ISO/IEC 27001.
  • Develop annual compliance roadmaps, ensuring security controls are met by stakeholders, partners, and corporate teams to maintain audit readiness.
  • Design compliance work plans and track action items to ensure timely compliance with regulatory requirements.
  • Lead PCI-DSS assessments and risk evaluations, assisting with IT audits as needed.
  • Oversee the execution of security controls per compliance roadmaps on weekly, monthly, semi-annual, and annual cycles.
  • Advise project teams on alternative controls when full security compliance cannot be achieved.
  • Serve as liaison between project teams and InfoSec, coordinating security resources and ensuring project objectives are met.
  • Conduct internal security assessments, providing recommendations for compliance improvements and remediating issues.
  • Streamline annual and ad-hoc audits to comply with PCI-DSS, NIST, GDPR, and ISO/IEC 27001 standards.
  • Coordinate external audits with Qualified Security Assessors (QSA) and manage interactions with vendors and departments.
  • Communicate and track remediation efforts, recommending compensating controls when necessary.
  • Manage the Security Awareness Program and produce quarterly cybersecurity newsletters for organization-wide awareness.
  • Create compliance dashboards and metrics reports to measure security effectiveness and progress.
  • Stay updated on evolving regulations and communicate compliance requirements across the organization.
  • Own and manage security policies, standards, and procedures while leading awareness programs for end-users and technical staff.
  • Implement and oversee programs for Risk Management, Incident Management, Vendor Management, Data Loss Prevention, and Vulnerability Management.

Security Architect and Governance

DXC Technology Co
08.2015 - 06.2020
  • Acted as the main point of contact for security service offerings, advising clients on secure solutions tailored to regulatory and business needs.
  • Designed and developed security architectures for IT projects, ensuring full compliance with industry regulations and standards.
  • Managed risk assessments, identifying potential threats and developing comprehensive mitigation strategies.
  • Led pre-sales activities, responding to RFPs, developing proposals, and estimating costs for security solutions.
  • Guided customers through adopting cloud-based services, ensuring compliance with security best practices.
  • Conducted periodic technical and business meetings with clients to assess opportunities and close deals.
  • Supported contract negotiations, advising on security clauses and ensuring adherence to security frameworks.
  • Developed strategic roadmaps, integrating new technologies to maximize revenue and improve security posture.

Software Solutions Advisor

GBM Corporation
06.2013 - 07.2015
  • Led pre-sales and sales efforts for IBM Tivoli and security solutions, identifying new business opportunities and ensuring timely delivery of services.
  • Managed service renewals and post-sales support, maintaining strong client relationships and ensuring long-term success.
  • Provided security advisory services to customers, tailoring IT and security solutions to their specific needs.
  • Conducted business and technical presentations to promote security products and services, effectively communicating value propositions to clients.
  • Collaborated with partners to deliver integrated security services, ensuring successful project execution.

Security Software Specialist & Technical Lead

GBM Corporation
09.2007 - 06.2013
  • Led a team of 10 security professionals, overseeing the implementation of IBM Security Framework solutions across Central America.
  • Managed full project lifecycles, from deployment to ongoing support, ensuring all customer requirements were met on time.
  • Served as the technical lead for pre-sales and post-sales activities, providing expert responses to RFPs and technical support during client negotiations.
  • Delivered hands-on support for security deployments and configurations, ensuring integration into client IT environments.
  • Conducted client meetings and presentations to identify and pursue new business opportunities, closing deals and driving growth.
  • Provided mentorship to team members, ensuring efficient workload management and professional development.

Security Services Advisor

KPMG
09.2004 - 09.2007
  • Conducted over 50 security audits and risk assessments for clients across various industries, ensuring compliance with security frameworks and regulations.
  • Coordinated audit-related tasks to ensure audit readiness and timely resolution of any findings.
  • Analyzed security incidents, risks, and vulnerabilities, recommending remediation strategies based on compliance frameworks.
  • Developed security roadmaps for clients, improving their security posture and ensuring compliance with industry standards.
  • Managed quality assurance programs, performing on-site evaluations, internal audits, and client surveys to ensure customer satisfaction.

Education

Master - Computer And Information Systems

Universidad Nacional De Costa Rica
Heredia
01.2005 - 08.2006

Bachelor - Information Systems Engineer

Universidad Latina De Costa Rica
San Jose
01.1998 - 05.2002

Skills

  • Project and team management
  • Highly motivated professional
  • Process management
  • Leadership and mediation
  • Communication skills
  • Detail-oriented
  • Security regulations compliance

Knowledge

  • GCP, AWS, Azure
  • IBM, Microsoft, McAfee, Symantec, Oracle, RSA, SailPoint, CyberArk, OneLogin, Palo Alto, Qualys, ServiceNow, VMware, Cisco, JIRA, Tenable, QRadar, OpenVAS, MS Defender, Azure
  • PCI-DSS, ISO 27001/27002, SSAE 18 SOC 2, GDPR, NIST

Languages

English
Full Professional
Spanish
Native or Bilingual

Timeline

Security Architect and Governance

DXC Technology Co
08.2015 - 06.2020

Software Solutions Advisor

GBM Corporation
06.2013 - 07.2015

Security Software Specialist & Technical Lead

GBM Corporation
09.2007 - 06.2013

Master - Computer And Information Systems

Universidad Nacional De Costa Rica
01.2005 - 08.2006

Security Services Advisor

KPMG
09.2004 - 09.2007

Bachelor - Information Systems Engineer

Universidad Latina De Costa Rica
01.1998 - 05.2002

Security Compliance Engineer

Backcountry.com
07.2020 - Current