Diego User
@diegouser12
Security engineering director specializing in application, cloud, and AI security for regulated products.
What I'm looking for
I’m a security engineering leader spanning application, cloud, and AI security, with experience delivering compliance-heavy programs across fintech, SaaS, and financial services. As Director of Security Engineering at Flywire (Spain, Remote), I lead a 15+ person team and align security execution to business priorities while reporting to the CISO.
I build security programs that embed controls into CI/CD and developer workflows—integrating SAST, DAST, SCA, and penetration testing to enable developer-led remediation at scale. I also helped make AI security practical early: I set up guardrails and oversight controls, redesigned the Secure SDLC with AI-driven automation to reduce security review cycles from days to hours, and implemented an AI-built threat modeling process using STRIDE and MAESTRO.
Experience
Work history, roles, and key accomplishments
Led security engineering across application, cloud, and AI security for regulated B2B, healthcare, education, and travel products, reporting to the CISO and aligning security execution to business priorities. Managed a 15+ person security engineering team and drove security roadmap, executive reporting, and auditor/regulator relationships across PCI-DSS 4.0, ISO 27001, SOC 2, and NIST CSF 2.0.
Product Security Engineering Manager
Jan 2019 - May 2023 (4 years 4 months)
Led product security strategy and execution across Heroku PaaS and Salesforce product lines, including SDB, Apex, and Core. Established SDLC security review intake, security metrics, and threat modeling adoption, and led security disclosures and remediation guidance for security findings.
Senior Security Operations Manager
Base4 Security
Jan 2015 - Jan 2019 (4 years)
Led offensive and defensive security teams across 200+ penetration testing and red team engagements for clients across financial services, telecommunications, retail, and technology sectors. Directed Telefónica Argentina’s security hardening initiative and delivered training programs covering incident handling and secure development lifecycle management.
Head of Security Controls
Itaú Bank
Jun 2013 - Oct 2015 (2 years 4 months)
Managed access governance for 5,000+ users and delivered monthly security KPIs and dashboards to the executive committee. Directed security incident detection and response using SIEM and GRC platforms and led BCRA-regulated audit engagements, while defining and enforcing security policies and controls for new business projects.
Head of Security
DineroMail
Jan 2011 - Jun 2013 (2 years 5 months)
Built the information security function from scratch across five Latin American countries as founding security leader. Led PCI-DSS certification across regional entities and deployed a SIEM platform with automated event correlation to provide centralized security visibility.
Managed role-based access controls and segregation of duties across company systems. Collaborated with infrastructure teams to enforce baseline hardening configurations across servers, workstations, and network devices.
Performed malware analysis and reverse engineering to assess threat behavior and inform product development. Delivered ethical hacking and offensive security assessments and conducted BCRA-regulated compliance audits for Argentine financial institutions.
Information Systems Auditor
PKF
Jan 2005 - Jan 2006 (1 year)
Executed IT security and compliance audits for regulated industries and prepared formal findings reports for internal, external, and BCRA regulatory stakeholders.
Education
Degrees, certifications, and relevant coursework
IESE Business School, University of Navarra
Program for Management Development (PMD), Management
2024 - 2025
Completed the Program for Management Development (PMD) at IESE Business School, University of Navarra in Barcelona, Spain.
Universidad de Palermo
Master of Business Administration (MBA), Business Administration
2021 - 2023
Earned a Master of Business Administration (MBA) at Universidad de Palermo in Buenos Aires from 2021 to 2023.
Universidad Abierta Interamericana
Master’s Degree, Systems Engineering
Completed a master’s degree in Systems Engineering at Universidad Abierta Interamericana in Buenos Aires.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Interested in hiring Diego?
You can contact Diego and 90k+ other talented remote workers on Himalayas.
Message DiegoGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
