Exprience: 10 - 17 years
Job Title: Delivery Compliance Officer (DCO)
Job Description: The position is a member of Risk & Compliance org within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements. The DCO will act as the engagement level risk advisor and manager and will be the primary liaison for risk related items between the engagement and the larger R&C organization. The DCO will interface with client, business delivery team and support function such as IT, HR, Admin, Legal, etc. in execution of job responsibilities. The position typically reports into a Delivery Compliance Partner or Delivery Compliance Manager.
Total experience- 9-13 Years
- Minimum of 6-10 years of experience in Information Risk Management/Information Security or auditing.
- Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection
- Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)
- Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process
- Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level
- Partner with awareness and training elements to develop and ensure rollout of programs to increase the level of awareness of compliance with policy and process
- Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready
- Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments
- Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.
- Ability to provide effective management of junior employees.
- Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security
- Coordinates with other DCO and Delivery Compliance representatives to build out world class compliance program components to include processes, procedures, and technologies.
- Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program
- Demonstrates ability to work in virtual team with help of tools and technologies
- Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills
- Must have systematic and pragmatic approach to problem solving
- Demonstrates good inter-personal skills, high standards of professional behavior in dealings with business customers, colleagues and staff
- Have a good technical awareness and the aptitude to remain up to date with information security and IT developments
- Ability to communicate Risk to non IT business owners and support function such as delivery, HR, Admin, Legal, Contracting and others
- Ability to communicate risk at all levels of management up to and including C-Level executives.
- Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives
- Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT & Information Security - Other
UG: Any Graduate
(i) IT security
(ii) ISO 27001
Address:1st to 3rd Floor, Tower-B, Lotus Business Park, Gautam Budh Nagar, Noida, NOIDA, Uttar Pradesh, India