Senior IT Security and Privacy ManagerTDCXJanuary 2020 to Present
– The Security and Privacy Directly Responsible Individual (DRI) manage and implements security requirements and standards. A Security and Privacy DRI must be a champion and ambassador of security activities and philosophies.
– Security and Privacy DRI must read, understand, and implement the responsibilities and measures provided by
– Security and Privacy DRI is a dedicated security role for the client and must have sufficient seniority and
expertise to close findings and corrective actions in a timely manner.
Security and Privacy DRI must be supported by a cross-functional business team composed of staff members
within site management, physical security and IT security. Security and Privacy DRI must keep a current list of
local and corporate/client members.
– Security and Privacy DRI must provide to the client the documentation of all policies, procedures, and protocols
used to fulfill the responsibilities and Measures described in the client security policies.
– Security and Privacy DRI must be responsive, by responding to the client in less than 24 hours from initial
Account Security OfficerDXC TechnologyDecember 2017 to January 2020
– Assist on Compliance, quality, and optimization
– Creation, implementation, and optimization of security governance processes, practices and standards specific to ENTSERV services in scope
– Relationship management between ENTSERV and DXC client, also overseeing any ENTSERV’s in-scope third party services.
– Manage IT Security projects until it is completed and accepted
– Oversee IT Security operations and ensure that business systems are accessible 24×7 and delivered in a
Information Security ConsultantGlobeMarch 2017 to December 2017
– Identifies high-risk security issues and recommends the appropriate solutions to eliminate or mitigate these before services are promoted to production to minimize revenue loss/leakage and for brand protection.
– Conducts review sessions with Security SPOCs of Enterprise Technology Groups (NTG, ISG, IG, EG, Digital Media, Prodman, GXI)
– Conducts periodic Logical Access Review (LAR) on all critical production systems clean up systems/applications of all expired/dormant accounts, as well as user access belonging to resigned employees
– Ensures that all users defined in Globe applications/systems are authorized and active, and assigned with correct access rights per user profile
– Review of proper user account profile assignments that reflect user’s currently performed function
Information Security ConsultantVerizon Communications IncorporationJune 2014 to January 2017
– Responsible for the operations and administration of the organization’s information security activities including systems and data security, disaster recovery, and archiving
– Responsibilities include developing, implementing, and communicating information security standards, policies, procedures, and tests
– Provides technical and/or analytical support to solve a wide range of complex issues/problems. Periodically
makes recommendations that aid in the successful completion of projects within a product or functional area; works with limited supervision; typically reports to Supervisor or on occasion Manager
– Manage, coordinate and track mitigation to ensure appropriate progress within recommended time frame
Quality Analyst Oversight Team LeadCitibankSeptember 2012 to June 2014
– Perform the process control compliance activities for the global security devices
– Log Review and confirmation that all GSO-managed devices are reporting and escalate to any inconsistency reported
– Raising compliance issues on deficiencies and performance to the relevant teams and/or team managers, and
the action plans to resolution Interact with the Global teams to manage the timely execution and completion of compliance activities and remediation tasks
BSBA EconomicsDe La Salle University - Dasmariñas2004 – 2007