Marcelo Ferreira Rodrigues
Cybersecurity & Privacy Lead Partner
PwC Portugal
Marcelo Ferreira Rodrigues is a Partner in the Risk Assurance Services (RAS) area of the Assurance department.
Team coordinator with relevant experience in cybersecurity compliance assessments against different market standards (ISO 27001, NIST CSF, NIST SP 800-53, COBIT, etc.), and/or regulatory requirements (EBA Guidelines, NIS Directive, ESMA Guidelines, PCI DSS, PSD2, SWIFT CSCF, SWIFT SIP, etc.).
At a glance
Areas of focus
- Cybersecurity
- Privacy
Professional background
Definition and implementation of cybersecurity risk management frameworks and execution of cybersecurity risk analysis cycles;
Execution of vulnerability analysis, redteaming, and offensive security testing on various platforms and operating systems (e.g., Windows, Linux, Unix);
Post-attack support, with the implementation of concrete security measures to contain threats;
Multiple cybersecurity capacity building projects, ranging from IDS assessment, Firewalls, MFA, Multi-Factor Authentication (MFA), Security Information and Event Management (SIEM), Backup solution security, Security Operations Center (SOC), and Security Incident Response Plan;
Social engineering testing, with dozens of executions performed in multiple environments and with varying levels of difficulty. Including follow-up intervention that involves end-user awareness;
Development of policies and procedures related to information security;
Cloud adoption, including security and cloud readiness components, as well as evaluation of the most suitable models (e.g., private, public, hybrid); and
Data center migration projects (design and implementation evaluation).
Education
- Degree in Computer Science from the Faculty of Sciences of the University of Porto
- CISA certified
- CISM certified
- CDPSE certified
- ITILv3 certified
