Estrella Quintos
Phone# 401-***-****
Email: ********.*********@*****.***
OBJECTIVES
Dedicated Information Security professional with extensive experience in governance and compliance. Seeking to leverage expertise in developing and implementing security policies, conducting comprehensive audits, and ensuring adherence to industry regulations to enhance organizational security posture and achieve compliance objectives.
EDUCATION
Angeles University Foundation
Mc Arthur Highway, Angeles City, Philippines
Master’s in Business Administration
Completed Comprehensive Written Examination
October 1999
Systems Plus College Foundation
Balibago, Angeles City, Pampanga, Philippines
Bachelor of Science in Computer Science
April 7, 1995
WORK EXPERIENCES
IT Manager
January 2012 – June 07, 2024
RMS Collect Philippines, Inc., An iQor Company
2F-4F BPO bldg. 1&2, SM City Clark, M.A. Roxas Highway, Malabanias, Angeles City, Philippines
Job Responsibilities:
• Develop, review, and maintain information security policies, standards, procedures and audit reports.
• Conduct risk assessments and gap analyses to identify vulnerabilities and areas for improvement.
• Ensure adherence to applicable regulations, including the Payment Card Industry Data Security Standard (PCI-DSS), HITRUST, and ISO 27001, while meeting industry standards and best practices.
• Lead and manage the company's annual SOC 1 Type 2 and SOC 2 Type 2 assessments.
• Lead and manage the company’s annual PCI DSS and HITRUST certifications.
• Responsible for setting the strategic goals and overseeing the execution of information and IT security audits. This involves regularly conducting audits to review and evaluate the effectiveness of security measures and implementing changes as needed to improve security.
• Implement governance frameworks related to information security to ensure alignment with business objectives.
• Provide guidance and support to business units on security best practices and compliance requirements as needed.
• Develop risk mitigation strategies and action plans to address identified risks.
• Collaborate with stakeholders to implement security controls and remediation measures.
• Assist in responding to audit findings and implementing corrective actions.
• Collaborate with IT and business units to address compliance-related issues and concerns.
• Coordinate with the company’s third-party auditing partner to conduct external audits and secure certifications.
• Collaborate with various clients, including first-party and third-party, to conduct regular compliance inspections and quality checks.
• Support the team in collecting data and coordinating with various company stakeholders for the ISO 27001 and SOC 2 Type 2 external audit and certification.
Software Compliance Supervisor
January 2009 - January 2012
Job Responsibilities:
• Accountable for the section's operations in achieving the established KPIs.
• Compliance with local and internal IPR laws and adherence to software usage as outlined in the license agreement.
• Maintain a record-keeping system or inventory control of all company software.
• Carry out software installations and uninstallations as requested or following a license audit.
• Conduct an immediate audit check.
• Execute an annual software compliance audit for all company machines.
• Oversee team performance and provide assistance and supervision as needed.
Skills
• Understanding of ISO 27001 for managing IT governance, risk management, and compliance
• Familiarity with relevant regulations and standards such as PCI-DSS and HITRUST.
• Proficient in managing SOC 1 Type 2 and SOC 2 Type 2 audits.
• Ability to identify, assess, and mitigate risks, including cybersecurity threats and data security concerns.
• Skills in developing, implementing, and monitoring policies and procedures to ensure adherence to legal and regulatory requirements.
• Proficient in managing projects, including planning, execution, and monitoring, to ensure that IT initiatives comply with governance and compliance standards.
• Understanding of IT systems and infrastructure, and security technologies to assess and manage compliance and governance issues effectively.
• Strong verbal and written communication skills
• Skills in identifying issues, analyzing root causes, and developing solutions to address compliance and governance challenges.
• Ability to manage and adapt to changes in regulations, technology, and organizational needs, ensuring governance and compliance practices evolve accordingly.
• Attention to detail
• Skills in leading and managing teams, providing guidance and support to ensure effective implementation of governance and compliance practices.
• Strong sense of ethics and integrity to ensure that all IT practices are conducted in a legal, ethical and transparent manner.
• Proficient in MS Office applications
REFERENCES
References Available Upon Request