m
marciaga29

Michael A

@marciaga29

Senior Leader in GRC, Privacy, and Cyber Security and Information Risk

Philippines
English, Tagalog
About me
Experienced Senior Manager in GRC, Privacy, Cybersecurity, and IT with over a decade of experience supporting multinational companies, banks, and BPOs. Proven track record in building and enhancing enterprise GRC, privacy, risk, and compliance programs aligned with GDPR, ISO 27001, SOC 2, and NIST. Skilled in risk management, incident response, audit readiness, vendor risk, and operational resilience. Certified CIPP/E and ISC2 Certified in Cybersecurity (CC).... Read more

Skills

m
marciaga29
Michael A
Offline • 
Average response time: 1 hour

See my services

Data Governance & Protection
I will be your grc, privacy cybersecurity, risk compliance expert
From$35 / projectMore details

Work experience

Facebook

Senior GRC Manager

Facebook • Full-time

Jun 2024 - Nov 20251 yr 5 mos

ead strategic Governance, Risk & Compliance (GRC) initiatives across global operations. Manage and mentor a team of GRC, cybersecurity, and audit professionals across multiple geographies. Oversee cybersecurity, privacy, compliance, and operational risk management for large-scale enterprise environments. Develop and implement enterprise risk mitigation strategies and governance frameworks. Ensure compliance with GDPR, CCPA, ISO 27001, SOC 2, NIST, and other regulatory standards. Lead audit readiness, technical compliance reviews, and regulatory engagements. Conduct vendor security assessments and third-party risk management activities. Drive incident response, privacy breach management, and remediation initiatives. Partner with Legal, Engineering, Security, Product, and executive leadership teams on compliance and risk programs. Deliver executive-level risk reporting, governance dashboards, and board updates. Improve operational resilience through process optimization, workflow automation, and continuous improvement initiatives. Establish fraud detection, monitoring, and compliance control measures to reduce organizational risk.

EY

Senior Data Privacy and Protection Consultant

EY • Full-time

Aug 2022 - Sep 20231 yr 1 mo

Collaborated with Product Managers to analyze privacy metrics and mitigate risks in products and services. Managed internal controls for privacy legal frameworks and coordinated internal/external audits. Established guidelines for global legal obligations and managed privacy impact assessments and intake management while overseeing privacy training programs.