Enrique Gallardo
@enriquegallardo
Security Architect specializing in Zero Trust cloud and operational security.
What I'm looking for
I’m a Security Architect based in Germany, focused on designing secure architectures that hold up in real-world pressure: degraded scenarios, jamming and signal manipulation, and fast-changing operational conditions. I turn security strategy into practical, audit-ready systems—spanning architecture, threat modeling, governance, and execution.
In my most recent work, I implement Zero-Trust architecture for containerized environments using VMware & Tanzu, with a strong emphasis on securing communication, workload protection, and data access. I use tools like LeanIX for enterprise and solution security architecture, and I apply IriusRisk for architecture-driven threat modeling to derive security requirements, countermeasures, and design gaps.
I’ve also led security governance and control delivery—mapping risk and compliance into structured, measurable actions. I’ve supported ISO 27035-based digital forensics, built governance reporting, and improved Security Operations by tuning SIEM detections and response workflows (including incident handling, Root Cause Analysis, and audit support).
Earlier roles strengthened my end-to-end security mindset across cloud governance, privacy, and SOC build-out—translating NIST/ISO requirements into operational programs, documentation, and monitoring. Whether it’s identity and privileged access, data protection, threat intelligence, or incident readiness, I collaborate across IT, OT, Engineering, and advisory teams to deliver security that’s an enabler, not a blocker.
Experience
Work history, roles, and key accomplishments
Implemented a Zero-Trust architecture for maritime container mini data centers to secure containerized GIS workloads, including communication protection, workload protection, and data access in contested environments. Defined enterprise/solution security architecture, threat modeling, governance/compliance, and end-to-end OT security strategy aligned to multiple frameworks and standards.
Lead Security Architect
Sopra Steria
Aug 2019 - Jan 2022 (2 years 5 months)
Provided governance and control across risk monitoring, digital forensics, data governance, access control policies, and security strategy aligned to regulatory requirements. Led security operations and threat management work, including SIEM alert analysis, MITRE ATT&CK usage, policy enforcement integration, microsegmentation/SD-perimeter solutions, and incident/forensic workflows.
Performed security and privacy governance using NIST controls, privacy risk assessments, data retention/deletion policies, data mapping, and GDPR/CCPA-aligned documentation and handbooks. Implemented security monitoring and DevSecOps-oriented controls including DLP/CASB, encryption/tokenization, vulnerability management, endpoint protection, SIEM support, and secure access/AAA using tools and secu
Security Project Governance Consultant
Computer Futures
Apr 2010 - Aug 2015 (5 years 4 months)
Centralized security governance for European sites and designed security policy programs across AWS/Azure with focus on IAM, encryption, and network controls. Built SOC capabilities, implemented Zero Trust and microsegmentation approaches, deployed security controls (including WAF and VPN architectures), and supported audits and security assessments using multiple security tools.
Cybersecurity Auditor
Randstad
May 2007 - Mar 2010 (2 years 10 months)
Helped establish and operate an IS Governance, Risk and Compliance committee, translating regulatory and contractual requirements into security policies, frameworks, and procedures. Led information assurance vulnerability management processes including POA&Ms and continuous scanning/remediation reporting, and supported security projects with SIEM/WAF integration and vulnerability assessment tools.
Managed NIST-aligned security governance including RMF/POA&M execution, security plans/directives, risk and business-impact analyses, and remediation milestones across locations. Supported compliance activities (PCI DSS self-assessments and ISO evidence audits) and implemented security engineering controls including ArcSight SIEM monitoring, DLP solutions, access control combinations, and analytic
Managed managed security services for banks in Spain, including implementation of anti-phishing solutions and perimeter defense management. Handled SLA governance and VIP customer support/escalations and worked hands-on with the Verisign Teraguard SIEM system.
Education
Degrees, certifications, and relevant coursework
Universitaet Madrid
Bachelor of Science (B.Sc.), Telekommunikationstechnik
1999 - 2003
B.Sc. in Telekommunikationstechnik at Universitaet Madrid from 1999 to 2003.
Tech stack
Software and tools used professionally
Postman
Splunk
BrowserStack
BeyondTrust
GitLab
SonarQube
Veracode
Kubernetes
Jenkins
CircleCI
Forcepoint
F5
DB
Dependabot
Lucidchart
Structurizr
Okta
Terraform
Azure DevOps
Jira
Splunk Enterprise
Loki
OpenTelemetry
Sysdig
Wireshark
Windows
Falco
Microsoft Office 365
Prisma
Mimecast
Checkmarx
Black Duck
Qualys
Zscaler
CrowdStrike
Palo Alto Networks
Blue Coat
Cisco Firepower
Ansible
Auth0
Varonis DatAdvantage
RSA NetWitness
ArcSight
Root Cause
Symantec DLP
Endgame
ServiceNow
AWS KMS
TestRail
BitSight
Burp Suite
Nmap
Metasploit
Trivy
Plane
Wiz
Syft & Grype
Invicti
Evidence
Anchore
Black
Imperva
Dependency-Track
Aqua Security
Checkov
Radius
Claroty
Prowler
Censys
Make
Wazuh
Matrix
Check
Helix
Drei
Jan
Matter
Netskope
Microsoft Purview
Saviynt
Grip Security
Falcon
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring Enrique?
You can contact Enrique and 90k+ other talented remote workers on Himalayas.
Message EnriqueGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
