Job Description

Job Summary –

(What is the job – role etc. min of 50-100 words)

Years of experience needed –

3-5 years

Technical Skills:

 To work as first point of contact for all Information Security & Compliance, Data Privacy, Business Continuity and Technology related requirements for the assigned vertical

 Oversee and manage security and compliance issues of process/account to adhere to the Mphasis (ISMS) & client requirements

 Coordinate development and implementation of the security assurance program at a project / Unit level.

 Implement corporate-wide training and communication programs to ensure that all employees and affiliated parties are educated on the Standards of Conduct and the Corporate Compliance Program.

 Coordinate with other departments and facilitate conduct of inquiries and/or investigations when deemed necessary.

 Perform reviews on audit controls and measurements and conduct Risk Assessments to ensure correct practices are established and adhered to.

 Facilitate internal/external audits to ensure nil/minimum non-compliance.

 Report at pre-defined intervals to the appropriate stakeholders on the status of compliance program.

 Respond appropriately to Business, Chief Risk Office – Investigations Team, if a violation or deviation is uncovered.

 Understand, establish, and monitor adherence to the Business Continuity Plan.

 Undertake and close the BCP testing activities in close coordination with the delivery SPOC/BCMS team.

 Proficiency in Stakeholder management and senior leadership communication/reporting

 Proficiency in Client engagement

 Establish value added analytics and initiatives within the function.

 Technically sound and proficient to identify and help remediate technical failures in coordination with internal stakeholders

 Self-driven with project management skills to lead internal projects and be the face for the function at an account / location level.





Certifications Needed:

 B.E. / Science Graduate / Masters-Information Security

 Advanced knowledge of Information Security Management System

 Minimum relevant work experience in the Information Security domain

 Experience in implementing, facilitating audits for ISO 27001:2005; SOC1 Type-2 (SSAE), PCI

 Knowledge of SOC- ITGC, HIPAA, Data Privacy (DPA, GDPR)

 Exposure to BCM / DR; SOC 2 requirements and control implementation strategies

 Preferred: Certified: ISO 27001:2005, ISO-22301, PCI-DSS, IT/Network – Security +, CCNA, PMP

 Desired: CISA / CISM / CISSP

 Proficiency with MS-Excel/VB/PowerPoint



About Mphasis

Mphasis applies next-generation technology to help enterprises transform businesses globally. Customer centricity is foundational to Mphasis and is reflected in the Mphasis’ Front2Back™ Transformation approach. Front2Back™ uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C2TM=1) digital experience to clients and their end customers. Mphasis’ Service Transformation approach helps ‘shrink the core’ through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis’ core reference architectures and tools, speed and innovation with domain expertise and specialization are key to building strong relationships with marquee clients.