Francisco is the Director of the Cyber Consulting team at MDR Cyber, the cyber practice at Mishcon de Reya. He has over 20 years' experience in advising clients on cyber security, data protection and resilience issues. His experience includes cyber security governance, risk management, cyber strategy, cloud security, technical security assessments and data privacy. He is a firm believer in cyber security as a business enabler that aligns with business goals and supports growth.
Francisco has experience across a wide range of sectors and organisations of all sizes and has been more recently focused on the Financial Services, Fintech, Professional Services and Media sectors.
Through a variety of consulting and audit roles he has helped organisations assess and manage cyber risks. He started his career working for a software house in the space sector. Other previous roles include security consulting services at a global software integrator and working for two of the Big Four accounting firms.
- Reviewing the cyber maturity, strategy and operating model of several organisations and advising on structure and future strategy.
- Assessing the ransomware readiness of a large UK pension provider.
- Reviewing the current PCI-DSS compliance and advising on improvements for a large UK service provider.
- ISO 27001 gap analysis and consulting support to several organisations on their path to become ISO 27001 accredited.
- Lead multiple security assessments for large UK/PT organisations.
- Data centre architecture and implementation and the security and communications infrastructure supporting the new Angolan identity card.
- Design and implementation of an intrusion prevention system for a large bank.
- Disaster recovery plan development for the Portuguese insurance regulator.
- Data centre physical and environmental risk assessments to financial institutions.
Cyber Consulting Director (non-lawyer), Mishcon de Reya LLP
Head of Cyber Security Services, Mazars LLP
Information Protection Manager, KPMG Portugal
Enterprise Risk Services Manager, Deloitte Portugal
Security Consultant, Unisys Portugal
(ISC)2 Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead Auditor
ISACA Certified Information Security Manager (CISM)
ISACA Certified Information Systems Auditor (CISA)
ISACA Certified in Risk and Information Systems Control (CRISC)
Member of Information Systems Audit and Control Association (ISACA)
Member of International Information Systems Security Certification Consortium (ISC)2
Instituto Superior Técnico (IST) of Universidade Técnica de Lisboa (UTL), Computer Science Engineering