
Description:
Annual Policy Refresh:
- Review security policies and procedures for changes required by internal and external factors.
- Publish the refreshed and approved content on the company's website.
Scrum meetings/sprint planning:
- Drive weekly sprint planning and retrospective meetings to process recurring security and compliance workflow needs.
Compliance Program:
- Create monthly/quarterly compliance tasks and assign them to the appropriate process owners (via JIRA bulk tickets).
- Follow up to secure evidence and validate it for completeness and accuracy.
Vendor Management:
- Work with the data center vendors and key cloud/operations vendors to obtain their security certificates/SIG Lite annually for compliance review and records.
- Update the compliance portal with the third parties' security and compliance certs.
Customer Audits and Security Control Questionnaire:
- Review incoming customer security and compliance control questionnaires and update them with relevant evidence.
- Showcase various policies and supporting artifacts as asked during the audit, and provide the necessary evidence for follow-up requests to close the audit.
Certification audit experience:
- Drive the ISO27001/SOC2/PCI security audits by coordinating with internal and external stakeholders, including auditors.
- Remediate post-audit findings by working with the process/control owners across the company.