Descripción

Global Cybersecurity Leader | CISM | 11 Years Enterprise Expertise

Bridging the gap between high-scale operations and executive security governance.

I build and manage resilient security ecosystems for global organizations. From securing national telecom infrastructure for 80M+ users to orchestrating operations across North America, EMEA, and APAC, I protect critical assets while enabling business agility.

Strategic Value & Experience:

Global SecOps Governance: 11-year track record managing multi-continent operations with 24/7 "Follow-the-Sun" protection.

Critical Infrastructure Hardening: Expert in high-availability environments, including national-scale IT and global retail networks.

Policy & Process Engineering: I author the governance. Specialized in creating Information Security Policies (ISP) and audit-ready operational processes from the ground up.

Incident & DR Leadership: Expert in end-to-end Incident Management and Disaster Recovery (DR) orchestration for global business continuity.

CISM-Certified Strategy: I translate technical risks into business insights, aligning security roadmaps with ROI and international regulations.

Technical Expertise:

Frameworks: NIST CSF, ISO 27001, and Global Regulatory Standards.

Operations: Incident Response (IR), Threat & Vulnerability Management.

Network & Cloud: Zero Trust (Zscaler), Global Governance, and Cloud Security.

Tech Stack: CrowdStrike, SentinelOne, Splunk, MS Sentinel, and MFA Deployment.

"I provide the senior-level leadership and technical oversight needed to secure complex, multi-regional infrastructures in an evolving threat landscape."

Ámbito de especialización en el sector

Idiomas

Inglés
Bilingüe o nativo

Preferencias de lugar de trabajo

Solo teletrabajo

Lleva a cabo sus proyectos principalmente en remoto

Jollibee Group
Global Cybersecurity Manager
RESTAURACIÓN
agosto de 2024 - Hoy (1 año y 10 meses)
Full-Stack Security Management: Leading Global Security Operations for 3 major regions, maintaining high-availability for over [50,000] endpoints and cloud environments.

Crisis Response & Recovery: Managed the lifecycle of high-priority security incidents, from initial detection to Disaster Recovery execution and post-mortem hardening.

Regional Security Architect (NA): Acting as the primary security architect for the North American expansion, ensuring 100% alignment with local compliance and technical standards.

Active Threat Hunting: Developing and implementing advanced threat detection rules and monitoring strategies to neutralize risks before they impact the business.
Cybersecurity Security Architecture ISO 27001 Inteligencia de amenazas Security Governance
Jollibee Group North America
Information Security Manager
RESTAURACIÓN
octubre de 2023 - agosto de 2024 (10 meses)
Security Program Architecture: Designed and implemented the foundational security framework for the North American business unit, aligning local operations with global enterprise standards.

Tooling & Infrastructure Deployment: Spearheaded the selection and rollout of the regional security tech stack (EDR, MFA, Cloud Security), ensuring 100% visibility across the NA network.

Policy & Governance Framework: Authored and enforced the comprehensive Information Security Policy (ISP) library, covering data privacy, acceptable use, and access control for all US-based staff.

Network Governance: Established rigorous network security protocols and automated monitoring processes to ensure continuous compliance and threat mitigation.
Cybersecurity Operations Security Governance Policy Governance Security Architecture Security Risk Assessment
Cognizant
Global Senior Security Manager | BISO | TISO
noviembre de 2022 - agosto de 2023 (9 meses)
•Strategic Leadership:
Integrated Risk Management: Expert in aligning security architecture with business risk, ensuring every strategy supports core organizational goals and client expectations.

Security Function Design: Designed and governed large-scale security programs, bridging the gap between technical SecOps and corporate governance.

Data Privacy & Protection: Specialist in Data Leakage Prevention (DLP), secure data flow architecture, and advanced encryption strategies.

Infrastructure & Automation: Led complex implementations for security infrastructure, focusing on automated risk management and resilient operational workflows.

Compliance & Advocacy: Ensured 100% adherence to legal and regulatory requirements while facilitating regular assessments to eliminate non-compliance and contractual breaches.

Incident Management: Orchestrated high-pressure response strategies for large-scale, complex global programs.
Security Architecture GRC (Gobernanza, Riesgo y Cumplimiento) Análisis de riesgos y vulnerabilidades