JOB RESPONSIBILITIES (Infosys)

    ​Team enablement and performance management

​Driving GRC Governance Risk Compliance initiatives

​Information Security controls implementation andcompliance management using ISO 27k frameworks

​Performing enterprise risk assessment by including SupplyChain Risk Assurance

​Ensure compliance and participating in third-party auditssuch as ISO 27001, PCI DSS, HIPAA, HiTrust and Client audits, tracking the closure of activities

​Reporting of metrics to leadership on compliance and relatedindices

​MSA negotiations with Clients and Suppliers, includingaddressing regulatory requirements

​Liability / Information Security risk (InfoSec) assessment,review and signoffs

​Supply chain Risk Assurance

​Stakeholder in business proposals for MSA review,RFP/RFP response, Client meetings etc.,

​Contract (InfoSec) Compliance implementation support andreviews

​Information Security Exception reviews

​Conducting focused awareness sessions

​Driving various enterprise initiatives/goals:

o Supplier Compliance Monitoring through Archer

o Risk Assessment process enhancement using Archer

    Catalyst between Infosys and Client

o At the initial stages of engagement (Sales)

▪ Review of MSA/Contracts and any other clientInfosec docs

▪ RFP/RFQ support, Client Audit / Visit support forthe Delivery team

▪ Performing initial due-diligence on Delivery againstthe Client InfoSec requirements

▪ Due-Diligence support (in defined intervals)

o Once the Project is onboarded

▪ System Compliance and Network InfrastructureCompliance Audits/Reviews

▪ IT Risk Assessments and recommending requiredactions

▪ Implementing enterprise security frameworkcontrols in accounts and track the compliance

▪ Prepare Delivery for specific compliances like PCIDSS, HIPAA

​BAU and other Activities

o Conducting InfoSec awareness trainings

o Monitoring and tracking of EOL software’s

o Conducting audit / assessment on Delivery