Today at Inprosec Human Capital we introduce you to Ana Sofía Castañeda, Information Security consultant of the Inprosec team.
What is your function within Inprosec?
I am an information security consultant, I participate in all kinds of projects within the IS department. I mainly carry out information security audits for companies based on the ISO 27001 standard. Within strategic security, I have also been involved in other projects such as business continuity plans.
On the other hand, I also participate in personal data protection consulting, performing adaptations and audits based on the General Data Protection Regulation and the Organic Law.
Also, internally, part of my time is dedicated to the maintenance and improvement of Inprosec’s Information Security Management System and I also dedicate it to legal issues, as I provide advice and support to other departments.
What would you highlight about your role in the company?
What I would highlight most in my functions is the relationships with the different types of clients and projects, since everything is a continuous learning process and all projects are different.
What has Inprosec meant to your professional career?
Working at Inprosec has meant a lot in my professional career since I have been with the organization for more than a year and they have given me the opportunity to develop as a consultant in various areas of information security. I consider it a pride to be part of the Inprosec team, as well as to help it grow.
How do you manage to reconcile your personal and professional life?
Inprosec offers many possibilities to reconcile both personal and professional life, so I have not encountered any obstacles. In addition, the flexible working hours offered by Inprosec allow me to achieve both my personal and professional goals.
Tell us an anecdote that has caught your attention at some stage in Inprosec.
Shortly after completing an Inprosec training on security, I received suspicious messages from a bank saying that they had seen unusual movements in my account (clearly it was smishing) so I started to think that I had not given the importance to this issue and that surely if it had been another time, I would have clicked on the link that appeared in the text message.
What do you value most about working for a company like Inprosec?
Apart from what I mentioned before about the flexible hours, I also value the opportunity that Inprosec gives us to keep training continuously and to be better every day.
I also value the work environment because at the end of the day we spend many hours with our co-workers and it is important to have a relationship with them and so far I have met very good people.
As an employee of a company that specializes in cybersecurity, what is your advice to any entrepreneur who is starting out with respect to their systems?
My advice is that, to start working on it, you don’t need to be a medium-sized company, but in this matter you need to start building your house from the ground up. Information leaks/cyber-attacks” are the order of the day and any problem can cause you to lose customers or have significant financial losses that could have been avoided or mitigated by implementing security measures or raising employee awareness of cybersecurity.
Often the actions taken that prevent problems from arising are not sufficiently valued, we only value actions when there has already been a problem and that money can be quantifiable, that is why preventive measures are so important.
What are your hobbies at the end of the working day?
I really enjoy traveling, going out with my friends and watching series. In the summer I like to go to the beach. I also usually go to the gym at the end of the workday, although I have to say that many times I prefer to stay in and watch movies or series rather than go.
Who do you “nominate” to interview next and why?
Yoel Rodriguez because from his point of view of Marketing and Finance he can contribute a lot.