Senior Analyst

Job Summary

• To work as first point of contact for all Information Security & Compliance, Data Privacy, Business Continuity and Technology related requirements for the assigned vertical
• Oversee and manage security and compliance issues of process/account to adhere to the Mphasis (ISMS) & client requirements
• Coordinate development and implementation of the security assurance program at a project / Unit level.
• Implement corporate-wide training and communication programs to ensure that all employees and affiliated parties are educated on the Standards of Conduct and the Corporate Compliance Program.
• Coordinate with other departments and facilitate conduct of inquiries and/or investigations when deemed necessary.
• Perform reviews on audit controls and measurements and conduct Risk Assessments to ensure correct practices are established and adhered to.
• Facilitate internal/external audits to ensure nil/minimum non-compliance.
• Report at pre-defined intervals to the appropriate stakeholders on the status of compliance program.
• Respond appropriately to Business, Chief Risk Office - Investigations Team, if a violation or deviation is uncovered.
• Understand, establish, and monitor adherence to the Business Continuity Plan.
• Undertake and close the BCP testing activities in close coordination with the delivery SPOC/BCMS team.
• Proficiency in Stakeholder management and senior leadership communication/reporting
• Proficiency in Client engagement
• Establish value added analytics and initiatives within the function.
• Technically sound and proficient to identify and help remediate technical failures in coordination with internal stakeholders
• Self-driven with project management skills to lead internal projects and be the face for the function at an account / location level.

Qualification / Education Requirements; Competencies:

• B.E. / Science Graduate / Masters-Information Security
• Advanced knowledge of Information Security Management System
• Minimum relevant work experience in the Information Security domain
• Experience in implementing, facilitating audits for ISO 27001:2005; SOC1 Type-2 (SSAE), PCI
• Knowledge of SOC- ITGC, HIPAA, Data Privacy (DPA, GDPR)
• Exposure to BCM / DR; SOC 2 requirements and control implementation strategies
• Preferred: Certified: ISO 27001:2005, ISO-22301, PCI-DSS, IT/Network - Security +, CCNA, PMP
• Desired: CISA / CISM / CISSP
• Proficiency with MS-Excel/VB/PowerPoint