Spain’s public sector operates some of the country’s most critical digital environments. From national defense and emergency services to city councils and regional governments, government administrations manage sensitive citizen data, essential services, and infrastructure that must remain secure, resilient, and continuously available. The leaders below are shaping how cybersecurity is governed and executed across different layers of public administration, balancing strict regulatory requirements with real-world operational demands.
Jesus Ángel Ramírez Rodríguez — Chief Information Security Officer, Ministerio de Defensa Español
Jesús Ángel Ramírez Rodríguez serves as CISO within the Spanish Ministry of Defence, combining deep technical expertise with long-term public service experience. His background spans active cyber defense operations, vulnerability analysis, secure network deployment, and incident prevention across sensitive environments. In addition to operational security, he plays a key role in developing procedures, updating security documentation, and advising units through training and awareness initiatives, contributing to both technical resilience and organizational preparedness.
José Ángel Álvarez — Head of Cybersecurity Centre, Ayuntamiento de Madrid
José Ángel Álvarez leads the Cybersecurity Centre for the City of Madrid, bringing decades of experience in national and municipal cybersecurity. His work focuses on protecting one of Europe’s largest city administrations, where digital services support millions of citizens daily. Known for building and managing teams through example, he combines strategic leadership with a strong commitment to public-sector collaboration and community building within government cybersecurity.
David Esteban — Chief Information Security Officer, Barcelona City Council
David Esteban is the CISO of Barcelona City Council, with a career that bridges physical security, cybersecurity, and enterprise risk management. His experience includes leading ISO 27001 programs, managing incident response, and developing unified security strategies in large, complex organizations. Beyond his role in municipal government, he actively contributes to the wider security community through ISMS Forum leadership, reinforcing collaboration between public bodies, professionals, and researchers.
Tomás Gómez P. — Chief Information Security Officer, Gobierno de La Rioja
Tomás Gómez P. leads cybersecurity strategy for the Government of La Rioja, overseeing protection of critical systems and sensitive citizen information at the regional level. His responsibilities include security operations, detection and response teams, and business continuity planning. In parallel, he serves as Data Protection Officer for the regional public health system, where he has guided GDPR compliance and data protection strategy, particularly in highly sensitive healthcare environments.
Francesc Roca Tugas — Chief Information Security Officer, Ajuntament de Gavà
Francesc Roca Tugas combines the CISO role with responsibility for networks, systems, and IT infrastructure at the Gavà City Council. With a long career in public administration and deep technical expertise, he oversees cybersecurity alongside infrastructure modernization, systems administration, and network operations. This dual role enables a highly practical approach to security, embedding controls directly into day-to-day IT operations and municipal services.
Carlos García Batista — Chief Information Security Officer, Gobierno de Canarias
Carlos García Batista is CISO for the Directorate General of Emergencies within the Government of the Canary Islands. His role is defined under European and Spanish critical infrastructure regulations, positioning him as a key coordinator for cybersecurity in essential services. He is responsible for aligning technical and operational security with regulatory compliance, acting as a central point of contact for incident management, and protecting systems that support emergency response and public safety.
Securing the Digital Backbone of Public Services
Cybersecurity in government administration goes far beyond compliance. It is about protecting democratic institutions, safeguarding citizen trust, and ensuring continuity of essential services under all conditions. The leaders featured here represent a cross-section of Spain’s public-sector cybersecurity landscape, from national defense and emergency management to regional governments and city councils. Their work highlights the growing maturity, professionalism, and strategic importance of cybersecurity across public administration in Spain.