Ricardo Coronel Lemus, GRC/vCISO consultant and PECB trainer

Ricardo Coronel Lemus

Practising GRC / vCISO consultant · PECB Certified Trainer (CT6496)

20+ years protecting organisations in banking, payments and regulated sectors. I'm not an academy: I'm the professional who applies the standards I teach every single day.

Why I train

Over more than twenty years in cybersecurity and compliance, I've learned an uncomfortable truth: standards are easy to read and hard to implement. Anyone can recite what ISO 27001 or DORA requires. What is really hard — and what separates someone who passes an exam from someone who is useful at work — is knowing how to build the governance, the controls and the evidence that hold up in front of a real auditor.

I've been on the other side: leading the implementation of DORA in a payments company, preparing PCI DSS certifications, driving NIS2, building continuity plans in banking. That's why, when I train, I don't teach theory: I pass on what works in real projects.

"Most academies sell content and leave you alone facing the exam. I support you until you're ready to certify — and, above all, to apply it."

I built Risk Resilience Security Group's training activity around a simple idea: that a professional should be able to get PECB-certified learning from someone who lives these standards every day, rather than in a purely theoretical setting. That's the whole difference.

Career

Today: Senior Security Officer · vCISO / GRC

Cybersecurity governance, risk management (ISO 27005), compliance (ISO 27001, NIS2, DORA, GDPR, PCI DSS) and operational resilience for regulated organisations.

Banking and payments: Business Information Security Officer (BISO)

Leading the implementation of DORA, PCI DSS certification processes, third-party risk management and business continuity in the payments and banking sector.

Consulting: Security & Business Continuity Consultant

Strategic banking transformation projects in information security and continuity: risk analyses, BIA, continuity and recovery plans, security committees.

Education: Executive MBA · ESSEC Business School & Mannheim

Computer Systems Engineer (networks and distributed systems), with executive education bridging the technical and the business perspective.

Trainer: PECB Certified Trainer (CT6496)

Delivering official PECB training in cybersecurity, GRC and compliance. Trainer working with PECB partner training organisations, including Global Knowledge France, ACG Cybersecurity and PLB Consultant.

Certifications and accreditations

The expertise behind the training: the same certifications I teach, I live and apply.

PECB Certified Trainer: CT6496 · DORA, GDPR, ISO 27005 (NIS2 in progress)
DORA Lead Manager: PECB
Data Protection Officer (DPO): PECB
ISO/IEC 27005 Lead Risk Manager: PECB
ISO 27001 Lead Auditor / Lead Implementer: ISO/IEC 27001:2022
CISSP: (ISC)²
CISM · CRISC: ISACA
CCISO: EC-Council
PCI DSS - PCIP: PCI Security Standards Council
PMP: PMI
CCSK: Cloud Security Alliance
Executive MBA: ESSEC Business School

Trilingual and international

I train and work fluently in Spanish, English and French. My career has been spread across France, Spain and Mexico, which lets me support professionals and teams on both sides of the Atlantic and at the heart of European regulation.

🇬🇧 English · 🇫🇷 French · 🇪🇸 Spanish

Europe · International · Latin America

Training and coaching are available in English, French and Spanish, whichever you prefer.

Shall we talk about your certification?

Tell me your professional goal and I'll personally point you to the best path. No commitment.