
Jose Casinha
Verified Expert in Engineering
Cybersecurity Developer
Lisbon, Portugal
Toptal member since December 21, 2023
Jose is a service-centric professional with extensive experience establishing and maintaining information security programs to protect an organization's data, systems, and assets from cybersecurity threats. With a remarkable acumen for developing security strategies aligning with an organization's goals and objectives, Jose has proven successful in identifying and assessing security risks, defining security controls, and creating a roadmap for enhancing an organization's security posture.
Experience
- IT Service Management (ITSM) - 20 years
- Team Leadership - 20 years
- Management Systems - 15 years
- Information Security Management Systems (ISMS) - 15 years
- Business Continuity - 15 years
- Leadership - 15 years
- Service Management System - 15 years
- Project Management Professional (PMP) - 10 years
Preferred Environment
Business Continuity & Disaster Recovery (BCDR), Auditing, NIST, ISO 27001, SOC 2, PCI DSS, NIS 2, Trusted Information Security Assessment Exchange (TISAX), ISO 22301
The most amazing...
...thing I've created is a SOC 2-compliant product that generated over €50 million in new ARR leveraging AWS technologies and others.
Work Experience
Managing Director
Innovative Business Resilience Solutions
- Led an ISO 27001, SOC 2, and OWASP gap analysis and maturity assessment with the corresponding improvement plan in a software product company.
- Conducted an interview and evidence analysis and performed the maturity evaluation.
- Oversaw the complete product lifecycle and service supply chain from ideation to the go-live.
Chief Information Security Officer
OutSystems
- Developed and implemented the company's security strategy and program. Reported to the board and audit committee.
- Collaborated with product and R&D teams on strategy, architectural design, and use case definitions to create a SOC 2-compliant new product and generated over €50 million in new annual recurring revenue (ARR) leveraging AWS and other technologies.
- Worked in the multi-regional security office with 35 people working in a follow-the-sun mode with five competencies, including security architecture, application security, operations managing cloud customers' workloads, and corporate assets.
- Administered the creation of a First.org-accredited computer emergency response team (CERT), a computer security incident response team (CSIRT), and a product security incident response team (PSIRT).
- Designed, implemented, and administered the security operations center (SOC), security information and event management (SIEM), standard operating procedure (SOP), ticketing, incident response, and business continuity.
- Aligned with legal on the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA).
Managing Director
Oni
- Created and managed the nationwide internet service provider.
- Handled multiple transformation projects in the financial sector, from Frame Relay to multiprotocol label switching (MPLS) with Voice over Internet Protocol (VoIP) and IP telephony.
- Led the managed services and professional services team covering the IP virtual private network (VPN), VoIP, security, IT service management, and critical project management.
Network Engineer
FCCN - Scientific Computing Unit of the National Science and Technology Research
- Managed the Internet for Schools project, connecting 1,600 schools to the internet.
- Spearheaded the National Geographical Information Network.
- Leveraged the adoption of the Integrated Services Digital Network (ISDN) in Portugal.
Systems Administrator
Ministry of Education of Portugal
- Engaged as a member of the user help desk team. Managed the local area networks (LANs).
- Managed the migration of the Virtual Address eXtension/Virtual Memory System (VAX/VMS) to Windows NT systems.
- Migrated over 3,000 users from the X.400 email systems to the Simple Mail Transfer Protocol (SMTP).
- Handled the migration of the X.25 network to Frame Relay and IP networks.
Experience
Inaugural Chief Information Security Officer (CISO) in OutSystems
• Demonstrated success in identifying and assessing security risks, defining security controls, and creating a roadmap for enhancing an organization's security posture.
• Oversaw day-to-day security operations, including incident response, vulnerability management, and security monitoring. Deft at evaluating and managing relationships with security vendors and service providers.
Sentry OutSystems Product Offering
https://www.outsystems.com/sentry/
OutSystems Sentry shares all of the features and benefits of the OutSystems cloud offering but has additional security, risk management, and monitoring in place to meet specific organizations' SOC Type II, HIPAA, PCI DSS, ISO 27001, ISO 22301, ISO 27017, and ISO 27018 compliance requirements.
Education
Master of Business Administration (MBA) in Management
Iscte Business School - Lisbon, Portugal
Bachelor's Degree in Computer Science
Universidade Autónoma de Lisboa - Lisbon, Portugal
Certifications
Certified Information Systems Security Professional (CISSP)
ISC2
ISO 20000 Lead Auditor
PECB
Project Management Professional (PMP) Certification
Project Management Institute (PMI)
ISO 22301 Lead Implementer
PECB
Certified Information Systems Auditor
ISACA
ISO 27001 Lead Auditor
BSI
ITIL
EXIN
Skills
Tools
Mathematica
Industry Expertise
Cybersecurity, Project Management, Marketing, Telecommunications
Languages
Python, C#
Paradigms
HIPAA Compliance
Platforms
Microsoft
Other
Certified Information Systems Security Professional, Information Security Management Systems (ISMS), Business Continuity, Service Management System, IT Service Management (ITSM), ISO 27001, ISO 22301, SOC 2, ISO/IEC 27017, ISO/IEC 27018, Risk Assessment, Team Leadership, TCP/IP, Auditing, Risk Management, IT Governance, Impact Analysis, Maturity Assessment, GAP Analysis, Incident Response, Business Continuity & Disaster Recovery (BCDR), Management Systems, CISO, Liability Mitigation, GRC, Business Continuity Planning (BCP), Disaster Recovery Consulting, Consulting, Compliance, Organization, Regulatory Affairs, Data Classification, Privacy Impact Assessments (PIAs), Data Protection, Security Policies & Procedures, Data Subject Rights Management, Data Transfers, Regulatory Liaison and Reporting, Monitoring, Record of Processing Activities (ROPA), Data Breach Response, Vendor Management, Data Mapping, Project Management Professional (PMP), Communication, RFPs, RFQs, ITTs, Responses, Proposals & Quotes, Technical Writing, SIEM, Cloud Access Security Broker (CASB), Palo Alto Networks, Strategy, Finance, Operations, Human Resources (HR), Cost Accounting, Leadership, Sales, Programming, Telecom Equipment & Solutions, Algorithms, Statistics, PCI DSS, General Data Protection Regulation (GDPR), NIST, Trusted Information Security Assessment Exchange (TISAX), Operational Excellence, Negotiation, Managed Services, Internet Protocols, Multiprotocol Label Switching (MPLS), IP Telephony, Integrated Services Digital Network (ISDN), NIS 2, IT Project Management, Capability Maturity Model Integration (CMMI), Cloud Services, IT Security