Microland - Manager - Risk & Compliance

Responsible and Accountable for Compliance posture of Account

Plan and implement the Compliance and Security requirements

Able to understand and interpret the compliance and security requirements

Provide periodic updates on Compliance posture to Steering Committee and Client

Single point of contact for all Compliance requirements - Review and approve the SOPs

Work closely with the Corporate Support Functions to implement the Client requirements

Review the KPIs with the Compliance team members and suggest process changes

Provide pre-audit and post-audit support for both internal audits and external audits

Facilitate / Drive Root Cause Analysis (RCA), identification of corrective and preventive actions and follow-up for closure

Responsible & Accountable for ensuring smooth audit, security and compliance functions - Liaison between parent organization IT team and client IT Risk team/PMO

Maintain and monitor IT Security Metrics for Account

Ensures tracking of assets allocated to the Account

Ensures incidents are tracked and report to client appropriately and take required actions

Obtain technical vulnerability assessment and software license agreement approval for Freeware / Open Source software required for Service Delivery

Ensures tracking of the software utilization within Account

Perform Annual Risk Reviews & Update status of Risks to the management

Compliance and Security Lead will assume responsibilities for risk, compliance and regulatory activities within an account.

The candidate must have a firm understanding of Account risk and compliance standards, policies, tools and technology to nurture, motivate, and retain a strong bench of risk, security and compliance skills and talent. The candidate must also be able to passionately communicate about risk, compliance and security innovation, and delivery excellence to multiple levels of management including external clients as required.

Lead different kinds of Compliance & Audit testing, deep dives, reviews and activities

Lead Compliance related Projects & Initiatives as assigned

Ensure the account remains green on Issues, Patches, Security Health Checks, User ID primary / secondary controls and driving these items before they become overdue

Provide early warnings on potential non-compliances

Review/Verify the health of critical processes such as Health check, Patch Management, User id & Shared ID management

Do gap analysis and drive action plans to ensure the account is compliant and audit ready

Engage and take ownership for implementation of global initiatives in the controls / compliance areas and ensure that the initiatives are implemented on time

Conduct compliance education / awareness programs for delivery teams on a periodic basis or as per delivery teams requirement

Ensures Business continuity requirements of the client are met Qualifications

Have a good understanding of Industry Best Practices & Regulatory Requirements; ISO27001, ISO20000, Cobit, PCI, etc

Have experience and be knowledgeable in Reporting, PowerPoint and Excel

Knowledge and preferred experience on security policy and implementation

Relevant IT Security Certifications (CISA, CISM, CISSP, ISO27001 LA, ISO22301 LA, ISO2000 LA & Cobit Etc.) preferred