Quality and Risk Management

The person will be part of the “Quality and Risk Management” team of Infosys McCamish. The person has to co-ordinate with IT / Business Operations, Corporate and Client Stakeholders to implement all necessary Risk and Information security best practices, ensuring compliance to organization policies and procedures, and client requirements with respect to products, platforms, Business Services at all Infosys McCamish locations across the globe.Responsibilities may include but are not limited to:Risk Assessment and Security Controls implementationConduct Risk Assessment and help stakeholders in closing the assessment gapsImplementation of Infosec controls, testing of evidences, and reporting, across IT development and Business OperationsWorking knowledge on Secure Software Development Life Cycle (SSDLC) and Secure Release ManagementDefine and implement policies and procedures with respect to Risk / Information security, Business Continuity and Data Privacy.Co-ordinate with internal stakeholders to get the right information and publish metrics, status reports and initiatives dashboard to all internal and external stakeholders.Review client contracts and provide right inputs for decision making, map organization controls, track and ensure contractual compliance.Implementation knowledge of Information Security, Business Continuity, Data Privacy, Cloud Security Management System standards like ISO , ISO , ISO , ISO , ISO , NIST, CISA, SOC 1, SOC 2 etc. is preferable. AuditsAuditing Suppliers / Vendors periodically in terms of their compliance to Information security standards as per MSA/contract.Auditing the IT infrastructure components, say, servers, networks, applications (both internal and third party), scanning the vulnerabilities, define appropriate controls and certify them to use it in our business.Conduct Internal Information Security Audits, Risk Audits and Compliance Audits and work with the teams to ensure closure of Audit findings.Facilitate external audits with certifying bodies and ensure certification / Recertification (ISO , SSAE 18 – SOC1, SOC2, etc.,)Facilitate Client audits, responses to Client questionnaires, create and demonstrate audit evidences, artifacts and documentation on Information security controls by coordinating with all internal / client stakeholders. Handling Security Incidents, Audit Non-conformities, Process deviations and Complaints pertaining to Risk / Information Security and ensure that the process owners are defining and implementing the relevant corrective / preventive actions and close the same. Change Management / Process Improvements / Quality Assurance Define and implement change initiatives in the areas of Risk / Information Security, Business Continuity and Data Privacy to meet organizational goals.Identify continuous process improvement opportunities, define and implement best practices, and drive an improvement culture across the organization.Knowledge on Quality Assurance processes, creating Standard Operating Procedures / templates / records is preferable. Soft skillsProfessional working proficiency in English is a must.Working knowledge on MS-Office productivity tools or equivalent is a must.Knowledge on using AI tools is preferred.Qualifications:Basic:• Minimum of a bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education. • At least 7 years of experience related to the job description.PreferredCertifications in the areas of Information Security, Cyber Security, Business Continuity and Data Privacy such as CISA, CISSP, CRISC, COMPTIA, ISO / / Lead Auditor or equivalent. Note: Applicants for employment in the U.S. must possess work authorization which does not require sponsorship by the employer for a visa (H1B or otherwise).The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face.About UsInfosys McCamish Systems, () located in Atlanta, Georgia, is the Life Insurance and Retirement Services subsidiary of Infosys BPO Limited. () Infosys McCamish was started in as a virtual insurance company and went to market as a commercial services provider in . It has an outstanding business perspective and an exemplary track record that no other outsourcer of business solutions can claim – generating US$16 billion of recurring premium in less than five years as a virtual insurance company. Infosys McCamish has expert technology and outsourcing credentials, along with a proven business model for re-engineering systems and performing back-office services at a reduced cost, while reinforcing accuracy, speed and security. Seven of the top ten US insurers are among Infosys McCamish’s many BPO clients. Infosys McCamish has its operations spread across Atlanta GA and Des Moines IA in USA.EOE/Minority/Female/Veteran/Disabled/Sexual Orientation/Gender Identity/National Origin