À propos de Jordi
GRC Senior Consultant & Project Manager: I ground regulations into operational reality.
I'm Jordi, a Senior OT Cybersecurity Consultant and PMO with over 18 years of experience bridging the gap between IT infrastructure and industrial OT infra. My mission is to transform theoretical security into operational reality on the plant floor. By speaking the language of both IT and OT operations, I help organizations seamlessly integrate corporate security standards like ISO 27001 and NIS2 with specialized industrial frameworks like IEC 62443, ensuring robust protection across the entire converged environment.
Espagnol
Bilingue ou natif
Catalan
Bilingue ou natif
Anglais
Capacité professionnelle complète
Accepte de travailler sur site
Barcelona (jusqu’à 50 km)
Expériences
- JG OT Cyber ConsultingSenior Cybersecurity OT GRC ConsultantENERGIEjanvier 2026 - Aujourd'hui (5 mois)I provide specialised technical and strategic consulting services focused on securing critical environments and industrial infrastructures (OT/ICS). My approach combines more than 18 years of hands-on experience in industrial instrumentation and control with a solid specialisation in cybersecurity applied to high‑criticality sectors (Nuclear, Railway, Pharmaceutical, and Logistics).Services and areas of expertise:
- OT Governance and Compliance: Definition of security policies and control frameworks based on IEC 62443 and NIST SP 800‑82. Certified ISO 27001 Lead Auditor.
- Asset Management and Visibility (NIDS): Technical consulting for the deployment of industrial network visibility infrastructure, with a focus on Nozomi Networks for asset discovery and network monitoring.
- OT Vulnerability Management: Design and implementation of the OT vulnerability lifecycle in plants, prioritising risks according to their impact on process availability and safety.
- Secure Network Architecture: Design of IT/OT network segmentation using zone and conduit models, implementation of industrial DMZs and secure remote‑access solutions.
- Industrial Risk Analysis: Execution of technical and functional risk assessments to identify security gaps affecting SCADA, PLC and DCS systems.
Industry focus:Oil & Gas, Nuclear, Pharma, Railway, Logística y Automatización Industrial. - AG SolutionCybersecurity OT EngineerCHIMIEavril 2025 - décembre 2025 (8 mois)Led OT security assessments across 3–5 manufacturing plants in Spain as part of a large-scale security architecture implementation project for a multinational client. Worked within a team of 5 OT Cybersecurity & GRC specialists, focused on critical infrastructure protection.
- Conducted end-to-end OT security assessments, identifying and prioritizing critical vulnerabilities across industrial environments.
- Designed and implemented a new security architecture aligned with IEC 62443 standards and the Purdue Model, ensuring compliance with global security guidelines.
- Defined remediation roadmaps and segmentation strategies in coordination with migration and infrastructure teams.
- Supported the transition from legacy OT environments to hardened, segmented architectures following multinational GRC guidelines.
Key skills: OT Security · IEC 62443 · Purdue Model · GRC · Critical Infrastructure · Vulnerability Assessment · Security Architecture · Industrial Cybersecurity · SCADA/ICS - IZERTISCybersecurity OT Engineer | Crit. Infra. Nuclear SectorENERGIEfévrier 2024 - avril 2025 (1 an et 2 mois)Responsible for ICS vulnerability management within a nuclear critical infrastructure environment, significantly strengthening the security posture of production OT systems.
- Led vulnerability management activities across ICS/OT environments, increasing the number of analyzed and managed CVEs by 300%.
- Prioritized and remediated critical vulnerabilities, achieving an estimated 87% risk reduction across OT assets.
- Implemented new OT assets in full compliance with internal cybersecurity requirements and nuclear sector regulations, ensuring secure configuration, hardening, and baseline alignment.
- Managed change control processes and system updates within live production environments, ensuring operational continuity and regulatory compliance.
- Collaborated closely with operations, engineering, and GRC teams to balance security requirements with plant availability and safety constraints.
Key skills: ICS Security · Vulnerability Management · CVE Analysis · Risk Reduction · Nuclear Infrastructure · OT Hardening · Secure Configuration · Critical Infrastructure · Change Management · Regulatory Compliance
Recommandations
Soyez le premier à recommander Jordi
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- CP3 Computer Security (500h)Ironhack2024CP3 Computer Security (500h)
- Higher Technician in Industrial Automation and Robotics2017Higher Technician in Industrial Automation and Robotics