Summary
Overview
Work History
Education
Skills
Additional Information
Certification
Timeline
Minamin Marcelo

Minamin Marcelo

IT Compliance Officer
Rodriguez

Summary

Detail-oriented IT Compliance Officer dedicated to improving policies and procedures in all business areas. Hardworking and driven with quality-focused and proactive approach. Bringing 12 years of experience in Information Technology.

Overview

16
16
years of professional experience
4
4
Certifications

Work History

IT Compliance Officer

iSupport Worldwide
04.2025 - 02.2026
  • Lead the planning, execution, and maintenance of compliance initiatives for PCI DSS, SOC 2, and HIPAA.
  • Maintain and update the Risk Registry with current threats, vulnerabilities, and remediation status.
  • Develop and monitor risk mitigation plans in coordination with the Infrastructure, DevOps, and Helpdesk teams.
  • Assisted with internal and external audits to confirm compliance with applicable laws and regulations.
  • Maintain all security and compliance-related documentation.
  • Own the Knowledgebase repository for IT Security and Compliance, ensuring that all stakeholders have access to updated and well-documented procedures.
  • Ensure that documentation is version-controlled and aligned with audit requirements.
  • Oversee and report on the implementation of security controls, incident responses, and compliance status.
  • Assist with Vulnerability Assessment and Penetration Testing (VAPT) projects.
  • Support the IT onboarding/offboarding compliance process for employees and contractors.
  • Developed comprehensive training programs to increase employee awareness of compliance requirements and expectations.
  • Collaborated with cross-functional teams to address compliance concerns, fostering a culture of shared responsibility.
  • Designed risk assessment frameworks to evaluate organizational vulnerabilities and prioritize areas requiring attention.
  • Enhanced regulatory compliance by auditing and revising company policies and procedures.
  • Developed risk assessment models to identify potential compliance risks.
  • Identified gaps in existing compliance processes and recommended updates.

IT Compliance Analyst

Computer Professionals Inc. (Allianz PNBLife)
05.2024 - 12.2024
  • Facilitate the audit and assessment conduct for internal and external auditors/assessors.
  • Evaluate and analyze any audit findings and work with stakeholders to plan remediation activities.
  • Identify and report control nonconformities that affect strategic compliance objectives and make recommendations to stakeholders, aimed to reduce the likelihood of system failure.
  • Participates in audit conducts to ensure IT Compliance.
  • Communicate audit findings to stakeholders to ensure compliance and adherence to standards.
  • Assess, validate, document and support the implementation of internal controls as part of ongoing compliance efforts (Internal/External/Regional/Security Audit).
  • Assist the compliance team with reviewing and tracking outstanding information security findings and remediations, especially as they relate to policy, procedures, and risk gaps.
  • Participate in making recommendations to ensure effective and consistent control implementations and testing procedures to achieve Continuous Monitoring and Continuous Audit capabilities.

IT Quality Assurance Lead

DITO Telecommunity
10.2021 - 03.2022
  • Responsible for developing, implementing, and managing test plans and test strategy.
  • Reviews and re-evaluates the test strategy to adjust for new information, changing risks, priorities, and schedules.
  • Assess the services/products to ensure quality standards are met.
  • Coordinate with the team tasks and plans for testing in coordination with team leaders/managers.
  • Assist in formulating QA standards and best practices, policies, processes, and strategic plans.
  • Assist management in setting the direction for quality assurance within the IT Group.
  • Ensure the team are coordinated with the timelines, project scopes, and objectives.

IT Risks, Standards, and Policies Lead

St. Luke’s Medical Center (BGC)
05.2021 - 10.2021
  • Provide regular reporting on the status of the IT risks to enterprise risk teams and senior business leaders.
  • Lead IT standards and policies/quality procedures activities. In relation to Joint Commission International Accreditation, I have worked with Quality Management department in setting improved performance and outcomes.
  • Liaise with relevant stakeholders outside of the Information Technology organization. Including but not limited to internal auditors, process owners, and all levels of management.
  • Ensure that deliverables related to risk, standards & policies, and audit from IT are submitted on time to the appropriate stakeholders.
  • Lead cadence meetings within IT to address concerns related to risk, standards & policies, and audit.
  • Lead project/s within the IT organization when needed.

IT Quality Analyst

St. Luke’s Medical Center (QC)
04.2017 - 07.2020
  • Implement IT controls and new policies as required.
  • Liaise with relevant stakeholders outside of the Information Technology organization. Including but not limited to internal auditors, process owners, and all levels of management.
  • Develop, update, and review quality procedures in compliance with the IT policies as the Quality Documentation Control Officer for the entire IT Department of St. Luke’s Medical Center.
  • Ensure that the processes and practices are identical with industry standards such as COBIT framework and ISO27001 standard.
  • Provide the assistance in identifying and monitoring potential risks in the overall performance of IT Group as Risk Champion seconder.
  • Coordinate and organize requests by monitoring and preparing the project timeline and resources for St. Luke’s Medical Center-College of Medicine.
  • Review, manage, and monitor IT projects as an interim Project Management Officer.
  • Initiated the Vendor selection phase for ISO27001 certification and planned and coordinated the gap assessment activity with the selected vendor.

SQA Specialist

SLI (St. Luke’s Medical Center)
02.2015 - 03.2017
  • Create test cases based on the given specifications and business requirements.
  • Analyze system/applications being developed with System Architects and Project Managers.
  • Assess, document, validate, and communicate software defects found across various system applications such as Healthcare System, EHub, and Corporate HMO.
  • Revise test cases with new test scenarios according to the given new features/enhancements.
  • Perform testing such as End-to-End, Regression, and Full Cycle Testing.
  • Create and execute test scripts for Automation Testing using Ruby and Selenium RC.

SQA Analyst

Icomteq Solutions Inc.
05.2013 - 08.2014
  • Analyze software requirements and all related project documents.
  • Participate in Project Meetings, Sprint Demos, and Sprint Retrospective and uses Leadership, Analytical, and Problem-Solving Skills to contribute to the quality of a product.
  • Communicate effectively, documents, and validates software defects across departments.
  • Create table queries to collect and analyze data as back-end testing for data integrity and validating business rules.
  • Perform different types of testing including but not limited to the following: stress, regression, functional, and smoke testing.
  • Review requirements, design documents, and creates Test Plans, Test Scenarios, Test Cases, and Test Matrices to validate business logic and software functions.

Programmer Analyst

SLI (BDO Unibank Inc.)
04.2012 - 05.2013
  • Design and create reports based on the provided technical specifications.
  • Plan, execute, and monitor the SIT phase to ensure product quality.
  • Update and review the reports that are currently in the production.
  • Investigates user complaints and non-conformance issues.
  • Trains end-users on how-to’s and know-hows and other related activities when using the system deployed by the team.
  • Review and analyze unnecessary/redundant test scenarios from the test cases given by the QA team.

IT Instructor

STI College Muñoz-EDSA
06.2010 - 03.2012
  • Teach subjects such as Systems Analysis and Design, Project Management, Software Engineering, Data Structures and Algorithm, and other programming subjects.
  • Check the students’ project documentation and scheduling of students’ project presentations.
  • Assign faculty members to facilitate the project debriefing.

Education

Master of Science - Information Technology

Technological University of the Philippines
03.2011

Bachelor of Science - Information Technology

STI College Muñoz-EDSA
05.2010

Skills

Compliance monitoring

Risk Management

Internal Controls

Auditing Processes

Policy analysis

Data Privacy

Internal Audits

Compliance Procedures

Policy Design

Policy Enforcement

Additional Information

  • Age: 35 years old
  • Status: Married
  • Birthday: May 10, 1990
  • Languages: English, Tagalog

Certification

Foundations of Project Management Certification, GOOGLE, MARCH 2022

Timeline

IT Compliance Officer - iSupport Worldwide
04.2025 - 02.2026
IT Compliance Analyst - Computer Professionals Inc. (Allianz PNBLife)
05.2024 - 12.2024
IT Quality Assurance Lead - DITO Telecommunity
10.2021 - 03.2022
IT Risks, Standards, and Policies Lead - St. Luke’s Medical Center (BGC)
05.2021 - 10.2021
IT Quality Analyst - St. Luke’s Medical Center (QC)
04.2017 - 07.2020
SQA Specialist - SLI (St. Luke’s Medical Center)
02.2015 - 03.2017
SQA Analyst - Icomteq Solutions Inc.
05.2013 - 08.2014
Programmer Analyst - SLI (BDO Unibank Inc.)
04.2012 - 05.2013
IT Instructor - STI College Muñoz-EDSA
06.2010 - 03.2012
STI College Muñoz-EDSA - Bachelor of Science, Information Technology
Technological University of the Philippines - Master of Science, Information Technology

Similar Profiles

CREATE PROFILE
Minamin MarceloIT Compliance Officer