Information Security Manager

Security (Information & Communication Technology)

Full time

Add expected salary to your profile for insights

To efficiently undertake, manage and execute Audit engagement activities providing independent audit opinions to the business:

Audit Assignments (Planning)

• Assist HOD in identifying & planning audit & monitoring of the high risk activities
• Initiating the audit with the stake holders in accordance with the annual audit plan with the approval of HOD
• Conducting an understanding meeting for the assigned audit area to obtain a working knowledge of the nature of the activities
• Developing the assigned audit plan including scope and objectives of the audit, and audit procedures and obtaining the Internal Audit HOD's approval in a timely manner
• Ensuring the audit plan is developed to meet the Business expectations and is based on high risk, and compliance with statutory audit requirements
• Planning audit testing strategy and estimating the time for completion of the audit in coordination with the Audit HOD
• Leading and enhancing the capability of the Internal Audit and Credit & Complaints team supporting Operations.

Implementing Audit Activities

• Create and manage the entire compliance framework - all applicable regulations including requirements like DPA, PCI DSS, etc. and local & Australian regulatory, BPO industry requirements.
• Performing regulatory, operational and process audits of the company's business units to ensure adherence and compliance to the organization's corporate policies, SLAs agreed with client and statutory requirements.
• Executing an efficient and effective audit approach as defined by internal audit management to ensure all assigned work is completed according to schedule.
• Attending and ensuring there is a regular cadence on calibration sessions with Operations
• Documenting and actively participating in the development of audit procedures performed as well as the preparing noted concerns for audit report inclusion

Evaluating Audit Activities

• Performing analytical review procedures on audit
• Performing analytical review procedures on call compliance audit for operations.
• Drafting audit findings, recommendations and writing audit memos, soliciting inputs from the process owners and obtaining the Internal Audit HOD's approval in a timely manner (applicable for Contact Center Internal Audit and Credit and Compliance).

Communications & Reporting

• Discussing all audit findings with the senior management, respective business verticals and ensuring factual accuracy of the audit issues
• Escalating identified audit issues with risk mitigating measures in a timely manner, as appropriate
• Ensuring and supervising effective implementation of the corrective actions
• Assist in conducting investigations into allegations of bribery, misconduct, corrupt behavior, policy breaches or reputational issues, including conducting witness and suspect interviews in collaboration with relevant internal teams by preparing interview memos, investigation reports with accurate conclusions and providing timely updates to the Compliance lead in Philippines and Australia.
• Conduct compliance-based reviews and monitoring of adherence to policies, reviewing patterns from investigations and putting in place enhanced processes.
• Liaising and coordinating with legal team of TMBS VHA/TPG fraud investigation.
• Support data and evidences gathering as required by the Legal Teams for legal/police procedures

Information Security Governance

• Support the management to establish and maintain the Information Security Management System and ensuring compliance with organizational security policies and customer data security requirements.
• Assists and supports the core functions within the Information Security Governance and Risk Team. Core functions include Access Reviews, Risk Management, Vendor Risk, Security Audit, and Security Education.
• Support IT operations in implementing the defined security policies. Monitoring compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties
• Work alongside the InfoSec service partner to drive performance and adherence to company objectives of enhancing compliance & awareness.
• Support the development and deployment of relevant technologies, tools and technical frameworks and processes to enhance efficiency in Compliance function

Core Competency

• Knowledge & understanding of compliance & regulatory guidelines to drive contact center compliances & statutory compliances
• knowledge of generally accepted auditing standards and practices
• Preferred knowledge of standards like ISO 27001, PCI DSS
• Must have good knowledge & understanding of compliance & regulatory guidelines to drive contact centre compliance with all quality measures & statutory obligations including organisation's policies & guidelines
• Must have a clear idea and an understanding about the BPO process and non- negotiables in the contact centre
• Must maintain a current knowledgebase of Audit industry practices and ensure best practices are considered within the company.

Tech Mahindra represents the connected world, offering innovative and customer-centric information technology services and solutions, enabling Enterprises, Associates and the Society to Rise.

Mahindra is a USD 4.9 billion company with 121,840+ professionals across 90 countries, helping over 935 global customers including Fortune 500 companies. Our innovation platforms and reusable assets connect across a number of technologies to deliver tangible business value to our stakeholders.

Tech Mahindra Business Process Services (BPS) is the BPO arm of Tech Mahindra which focuses on Business Process as a Service (BPaaS) and BPO services across various industries including Telecom, Financial Services, Retail, Energy, Hospitality, Hi-Tech, Agriculture, and Food & Beverage. Our approach goes beyond cost reduction to process optimization and ownership through automation and productivity improvements.

Tech Mahindra BPS delivers value for customers through flawless execution of a seamless suite of services that operate across the entire lifecycle of end users and covers both revenue and cost sides of the customers' business operations. The BPS includes Operations, BPM, and Consulting.

Tech Mahindra offers innovative and customer-centric information technology services and solutions, enabling Enterprises, Associates and the Society to Rise. Our technology and process expertise combined with investments in platforms and IP, have delivered significant transformation programs for Global Customers across customer services, IT and Network.

Tech Mahindra represents the connected world, offering innovative and customer-centric information technology services and solutions, enabling Enterprises, Associates and the Society to Rise.

Mahindra is a USD 4.9 billion company with 121,840+ professionals across 90 countries, helping over 935 global customers including Fortune 500 companies. Our innovation platforms and reusable assets connect across a number of technologies to deliver tangible business value to our stakeholders.

Tech Mahindra Business Process Services (BPS) is the BPO arm of Tech Mahindra which focuses on Business Process as a Service (BPaaS) and BPO services across various industries including Telecom, Financial Services, Retail, Energy, Hospitality, Hi-Tech, Agriculture, and Food & Beverage. Our approach goes beyond cost reduction to process optimization and ownership through automation and productivity improvements.

Tech Mahindra BPS delivers value for customers through flawless execution of a seamless suite of services that operate across the entire lifecycle of end users and covers both revenue and cost sides of the customers' business operations. The BPS includes Operations, BPM, and Consulting.

Tech Mahindra offers innovative and customer-centric information technology services and solutions, enabling Enterprises, Associates and the Society to Rise. Our technology and process expertise combined with investments in platforms and IP, have delivered significant transformation programs for Global Customers across customer services, IT and Network.

Don't provide your bank or credit card details when applying for jobs.

Researching careers? Find all the information and tips you need on career advice.