Skip to main content
EG
Open to opportunities

Enrique Gallardo

@enriquegallardo

Security Architect specializing in Zero Trust cloud and operational security.

Germany
Message

What I'm looking for

I’m looking for a Security Architect role where I can design Zero Trust, cloud and OT security architectures, lead threat modeling and incident-response readiness, and partner across IT/OT/GRC to deliver audit-ready controls.

I’m a Security Architect based in Germany, focused on designing secure architectures that hold up in real-world pressure: degraded scenarios, jamming and signal manipulation, and fast-changing operational conditions. I turn security strategy into practical, audit-ready systems—spanning architecture, threat modeling, governance, and execution.

In my most recent work, I implement Zero-Trust architecture for containerized environments using VMware & Tanzu, with a strong emphasis on securing communication, workload protection, and data access. I use tools like LeanIX for enterprise and solution security architecture, and I apply IriusRisk for architecture-driven threat modeling to derive security requirements, countermeasures, and design gaps.

I’ve also led security governance and control delivery—mapping risk and compliance into structured, measurable actions. I’ve supported ISO 27035-based digital forensics, built governance reporting, and improved Security Operations by tuning SIEM detections and response workflows (including incident handling, Root Cause Analysis, and audit support).

Earlier roles strengthened my end-to-end security mindset across cloud governance, privacy, and SOC build-out—translating NIST/ISO requirements into operational programs, documentation, and monitoring. Whether it’s identity and privileged access, data protection, threat intelligence, or incident readiness, I collaborate across IT, OT, Engineering, and advisory teams to deliver security that’s an enabler, not a blocker.

Experience

Work history, roles, and key accomplishments

CA

Security Architect

Jan 2022 - Feb 2026 (4 years 1 month)

Implemented a Zero-Trust architecture for maritime container mini data centers to secure containerized GIS workloads, including communication protection, workload protection, and data access in contested environments. Defined enterprise/solution security architecture, threat modeling, governance/compliance, and end-to-end OT security strategy aligned to multiple frameworks and standards.

Sopra Steria logoSS

Lead Security Architect

Sopra Steria

Aug 2019 - Jan 2022 (2 years 5 months)

Provided governance and control across risk monitoring, digital forensics, data governance, access control policies, and security strategy aligned to regulatory requirements. Led security operations and threat management work, including SIEM alert analysis, MITRE ATT&CK usage, policy enforcement integration, microsegmentation/SD-perimeter solutions, and incident/forensic workflows.

Fujitsu logoFU

Security and Data Protection Consultant

Sep 2015 - Jul 2019 (3 years 10 months)

Performed security and privacy governance using NIST controls, privacy risk assessments, data retention/deletion policies, data mapping, and GDPR/CCPA-aligned documentation and handbooks. Implemented security monitoring and DevSecOps-oriented controls including DLP/CASB, encryption/tokenization, vulnerability management, endpoint protection, SIEM support, and secure access/AAA using tools and secu

CF

Security Project Governance Consultant

Computer Futures

Apr 2010 - Aug 2015 (5 years 4 months)

Centralized security governance for European sites and designed security policy programs across AWS/Azure with focus on IAM, encryption, and network controls. Built SOC capabilities, implemented Zero Trust and microsegmentation approaches, deployed security controls (including WAF and VPN architectures), and supported audits and security assessments using multiple security tools.

Randstad logoRA

Cybersecurity Auditor

Randstad

May 2007 - Mar 2010 (2 years 10 months)

Helped establish and operate an IS Governance, Risk and Compliance committee, translating regulatory and contractual requirements into security policies, frameworks, and procedures. Led information assurance vulnerability management processes including POA&Ms and continuous scanning/remediation reporting, and supported security projects with SIEM/WAF integration and vulnerability assessment tools.

Ernst & Young logoEY

Senior Consultant, Governance

Feb 2004 - Apr 2007 (3 years 2 months)

Managed NIST-aligned security governance including RMF/POA&M execution, security plans/directives, risk and business-impact analyses, and remediation milestones across locations. Supported compliance activities (PCI DSS self-assessments and ISO evidence audits) and implemented security engineering controls including ArcSight SIEM monitoring, DLP solutions, access control combinations, and analytic

Education

Degrees, certifications, and relevant coursework

UM

Universitaet Madrid

Bachelor of Science (B.Sc.), Telekommunikationstechnik

1999 - 2003

B.Sc. in Telekommunikationstechnik at Universitaet Madrid from 1999 to 2003.

Availability

Open to opportunities

Location

Germany

Authorized to work in

Interested in hiring Enrique?

You can contact Enrique and 90k+ other talented remote workers on Himalayas.

Message Enrique

People also viewed

View all talent

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan