Job Description

Responsibilities:
Primary Responsibilities: * Tracking all the policy process documents are up to date as per standard requirement. [e.g. Annual review of ISMS, ITSM & SOPs]

• Amend the policy process documents along with necessary version updates whenever required
• Interview and monitor the process effectiveness with internal team members periodically and ensure compliance is meeting standard requirements.
• Track & update the training dashboard, attendance records and assessment records at the SharePoint
• Collect and store the documented evidence at central SharePoint folder regularly at least monthly [e.g. to fulfill the SOC1, SOC2 & PCI DSS control requirements]
• Coordinate with team members and ensure the KPI metrics for ISMS & ITSM are updated periodically. Test the data points for sample controls.
• Review and respond to the RFPs against the compliance requirements and arrange supporting documents
• Maintain the statutory compliance legal register up to date. Alert team to initiate process 120 days in advance.
• Maintain the certificate tracker up to date and share it if a request comes from sales marketing or other internal stakeholders.
• Coordinate with onboarded third party consultants and extend support towards the understanding of on ground practices.
• Coordinate customer audits and ensure customer audits are in line with agreed terms & services provided.
• Coordinate with group level audits and collaborate with auditees to ensure the audit completes successfully.
• Coordinate third party external audits in arranging travel, accommodations, auditee details & audit venue etc.
• Ensure the audit findings are agreed by the stakeholders before publishing
• Ensure the audit reports are tracked down and closed before the expected closure date.
• Create the inputs to MIS report for fortnightly and monthly review with management on timely basis

• Education: Bachelor's degree in information technology, Computer Science, or a related field. Advanced degree or certifications (e.g., Lead Auditor in ISO27001 & ISO20000, and added advantage if certified in CISA, CISM, CISSP) preferred.
• Experience: Minimum of 5 years of experience in governance, risk management, and compliance within data center or IT services.
• Skills: Strong understanding of regulatory requirements, risk management principles, and data security best practices. Excellent analytical, communication, and leadership skills.
• Experience with data governance tools and technologies
• Knowledge of data center infrastructure and operations.
• Ability to work in a fast-paced, dynamic environment.