Senior Analyst
Job Description
Job Summary -
(What is the job - role etc. min of 50-100 words)
Years of experience needed -
3-5 years
Technical Skills:
To work as first point of contact for all Information Security & Compliance, Data Privacy, Business Continuity and Technology related requirements for the assigned vertical
Oversee and manage security and compliance issues of process/account to adhere to the Mphasis (ISMS) & client requirements
Coordinate development and implementation of the security assurance program at a project / Unit level.
Implement corporate-wide training and communication programs to ensure that all employees and affiliated parties are educated on the Standards of Conduct and the Corporate Compliance Program.
Coordinate with other departments and facilitate conduct of inquiries and/or investigations when deemed necessary.
Perform reviews on audit controls and measurements and conduct Risk Assessments to ensure correct practices are established and adhered to.
Facilitate internal/external audits to ensure nil/minimum non-compliance.
Report at pre-defined intervals to the appropriate stakeholders on the status of compliance program.
Respond appropriately to Business, Chief Risk Office - Investigations Team, if a violation or deviation is uncovered.
Understand, establish, and monitor adherence to the Business Continuity Plan.
Undertake and close the BCP testing activities in close coordination with the delivery SPOC/BCMS team.
Proficiency in Stakeholder management and senior leadership communication/reporting
Proficiency in Client engagement
Establish value added analytics and initiatives within the function.
Technically sound and proficient to identify and help remediate technical failures in coordination with internal stakeholders
Self-driven with project management skills to lead internal projects and be the face for the function at an account / location level. Certifications Needed:
B.E. / Science Graduate / Masters-Information Security
Advanced knowledge of Information Security Management System
Minimum relevant work experience in the Information Security domain
Experience in implementing, facilitating audits for ISO 27001:2005; SOC1 Type-2 (SSAE), PCI
Knowledge of SOC- ITGC, HIPAA, Data Privacy (DPA, GDPR)
Exposure to BCM / DR; SOC 2 requirements and control implementation strategies
Preferred: Certified: ISO 27001:2005, ISO-22301, PCI-DSS, IT/Network - Security +, CCNA, PMP
Desired: CISA / CISM / CISSP
Proficiency with MS-Excel/VB/PowerPoint About Mphasis
Mphasis applies next-generation technology to help enterprises transform businesses globally. Customer centricity is foundational to Mphasis and is reflected in the Mphasis' Front2Back Transformation approach. Front2Back uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C2TM=1) digital experience to clients and their end customers. Mphasis' Service Transformation approach helps 'shrink the core' through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis' core reference architectures and tools, speed and innovation with domain expertise and specialization are key to building strong relationships with marquee clients.
