Job Description

DesignationMANAGERNo. of Positions1Experience4.5-8 YearsSkill (Primary)Information Security-GRC-Regulatory Compliance ManagementQualificationB-Tech (Posting).Off-Shore Compliance TeamLocation Position Overview: This position is responsible for InfoSec endeavor for the account. The role would involve in performing activities in support of creating and maintaining PCI, SOX, SOC2, ISO 27001, or other similar standards, technical architecture review, ensuring resiliency and redundancy is built in the architecture to the engagement s requirement, Business Continuity and other contractual compliance obligations. This position is responsible for ensuring documentation of compliance and security related Policy, process, guidelines, standards for compliance to the requirement of. The requirement of the role would encompass around:1. Effectively lead the seamless implementation of contractual compliance requirements in the OMC setup and delivery model including HIPPA, SOX, Privacy and InfoSec controls.2. Lead, review and guide the development of InfoSec related policy (ies) and supporting process, guidelines, standards to ensure execution of policy framework3. High level understanding of technology enablers for implementation of Network Security like IDS, IPS, Proxy, Web Proxy, Firewall, Database, various flavor of Operating Systems, and other servers, etc.4. Adept in guiding the development, review of Secure Configuration Documentation/Standards for varied technology bouquet in the HCL service offerings.5. Development of templates for capturing the transactions for abidance6. Plan and ensure conducting of compliance audits, reviews and reconciliation as part of compliance abidance.7. Creation of Business Continuity and Disaster Recover (BC/DR), Risk Assessment (RA) framework and ensure execution of further process in abidance to such frameworks.8. Participates in Corrective and Preventive Action (CAPA), Maintains quality metrics.9. Participates in Security Incidence investigation and reporting.10. Develop and records KRAs and KPIs for ensuring process effectiveness measurement, as needed.11. Utilization of various meaningful inputs for updating and presenting Management Dashboards.12. Participate in HCL and Client management reviews13. Resourcing Compliance14. Internal audits on varied security controlsDesired skills / certifications / training1. 4 -8 years experience in Compliance, Quality and Information Security with exposure to Medical/Pharma Industry.2. Desirable to have Industry approved Certifications like ISO 27001 (Lead Auditor), CISA, CISM, ITIL v3, certifications in BCP and DR.3. Understanding and experience of development and implementation of Policy framework in complex organizations. 4. Strong knowledge of developing BCP/DR framework.5. Strong knowledge of developing RA framework for enterprise RA.6. Exposure to Vulnerability assessment and application (1.) To independently resolve tickets and esnure that the agreed SLA of ticket volume and time are met for the team. (2.) To provide support for on call escalations orL3 level support and doing incident and problem management (3.) Work on value adding activities such Knowledge base update and management, Training freshers, coaching analysts and conducting interviewsorparticipation in hiring drives. (4.) To adhere to quality standards, regulatory requirements and company policies (5.) To ensure positive customer experience and CSAT through First Call Resolution and minimum rejected resolutions or Reopen Cases (6.) To participate or contribute on EN business in creation of proposals to drive Service improvement plans.

HCLTech