
Resume

Juan Carlos Munera

Cybersecurity & GRC Professional

Miami, FL | jcmunera@cybersecpro.me


Professional Summary

Accomplished professional and leader with a blend of hands-on technical expertise and strategic compliance advisory experience. Extensive experience in IT, Cybersecurity, and Compliance with consistent delivery of high-impact results enabling leadership and the business in managing various programs and initiatives.

Languages: Bilingual in Spanish and English, with elementary proficiency in Portuguese.


Professional Experience

  1. Sr. IT/IS Systems Engineer / Compliance Advisor

    2025 - 2026

    Martec Technologies (Contract)

    - Advised business on PCI-DSS v4.0.1 compliance initiatives
    - Aligned with business and implemented PCI compliance as a business-as-usual program
    - Worked with stakeholders to document people, processes, and technologies
    - Established scope of environment and compliance applicability
    - Led scope reduction activities for data processing environment
  2. Sr. Principal, Governance Risk and Compliance

    2022 - 2025

    Ingram Micro, Inc.

    - Served as an advisor to executive leadership on GRC and technical initiatives
    - Led PCI scope reduction efforts and outsourcing of card operations
    - Validated point-to-point encryption solutions, resulting in lowered risk and expenditure
    - Advised stakeholders on transition to PCI-DSS version 4.0
    - Provided guidance on new controls and requirements to senior leadership and control owners
    - Managed continuous compliance across multiple frameworks: NIST CSF, PCI, SOC, SWIFT CSCF, CMMC
    - Assisted in Third Party Risk Management, facilitated Quarterly Business Reviews, third party audits, and customer audits
  3. Cybersecurity Instructor

    2020 - 2024

    ThriveDX (Part-time)

    - Lead Instructor in Cybersecurity continuing education programs at major universities
    - Universities: University of Miami, New York University, University of Michigan, California State University
    - Courses taught: Microsoft Security, Network Security, Cyber Infrastructure and Technology, Ethical Hacking, Digital Forensics and Incident Response
  4. Principal Security Consultant

    2016 - 2021

    Cipher Security, a Prosegur Company

    - Enabled customer bank to obtain initial PCI-DSS certification through combined consulting advisory
    - Led PCI Compliance efforts across all teams, managing client expectations and timelines
    - Enabled bank to launch Merchant Services division meeting key business objectives
    - Engaged with customers to secure Credit Card Data Environments and meet PCI DSS requirements
    - Conducted on-site assessments, report writing, and compliance attestation
    - Acted as SOC Tier 3 escalation point, working with SOC Manager on high-priority incidents
    - Improved processes and stood up new Managed Detect and Response (MDR) setups for MSSP clients
    - Implemented SIEM setup, custom correlation rules, log ingestion, and SOAR assistance
    - Lead consultant for Miami office, performed Compliance, Security and Vulnerability Assessments
    - Used tools: Tenable Nessus, Rapid7 Nexpose and InsightVM, Qualys, OpenVAS
  5. Sr. Information Security Engineer/Systems Engineer

    2006 - 2016

    Telefonica Business Solutions - Datacenter

    - Team Lead for Managed Service Security Provider division in large high-security datacenter
    - Worked with Systems Engineering, Network Ops, and Infrastructure teams
    - Designed network topology with NetOps to meet MSP customer requirements
    - Managed MSP Datacenter carrier-grade firewall serving hundreds of customers
    - Installed, configured, and managed firewalls, IDS/IPS, web application firewalls
    - Participated in Technology Steering Committee to evaluate new products and services

Education

  1. Bachelor of Science - Information Systems Security

    Completed

    ITT Technical Institute


Certifications


Professional Certifications:

  • ISC2.org Certified Information Systems Security Professional (CISSP)
  • PCI Security Standards Council DSS Ex-Qualified Security Assessor (QSA)
  • PCI Security Standards Council DSS Internal Security Assessor (ISA)
  • PCI Security Standards Council Certified DSS PCI Professional (PCIP)
  • British Standards Institution ISO 27001 Lead Auditor
  • British Standards Institution ISO 27001 Lead Implementer
  • EC-Council Certified Ethical Hacker (CEH)

Technical Expertise

Payments Security

PCI DSS, PIN Security, P2PE (Point-to-Point Encryption)

Systems & Infrastructure

  • Systems Engineering: Windows Server, Linux/Unix
  • Cloud Platforms: AWS, Azure
  • Virtualization: VMWare, Hyper-V, Proxmox VE
  • Network Security: Firewalls, IDS/IPS, WAF

Security Operations

  • SIEM: Splunk, ELK Stack, custom correlation rules
  • Vulnerability Management: Tenable Nessus, Rapid7, Qualys, OpenVAS
  • SOC Operations: Tier 3 escalations, incident response
  • SOAR & MDR: Managed Detection and Response setup

GRC Frameworks & Standards

NIST Cybersecurity Framework, PCI DSS, ISO 27001, SOC, SOX, SWIFT CSCF, CMMC


Additional Experience

Previous roles at AerSale (formerly Sargent Avborne Aerospace) and The Brand Institute


Contact

Email Me | LinkedIn Profile | PGP Public Key