- To drive Information Security initiatives across delivery and support processes.
- To drive Business Continuity Management initiatives across delivery and support processes.
- Document new processes (if required) in line with the existing security policy/procedures for SSC.
- Audit processes/functions against the standards and ISO standards.
- Manage dashboards and provide appropriate reporting to BCMS operations board
- Manage in-house tools for automation of work-flows.
- Manage the balanced scorecard for the organisation. This includes defining metrics for the organisation, establishing measurement techniques, analysing data and sharing trends and insights with management.
- Provide appropriate reporting to the BCMS operations board using advanced Excel formulas and Excel automation (VBA).
Business Continuity and Disaster Recovery Management (35%)
· Maintain and manage ISO 22301 certification for the organisation.
· Plan and conduct frequency-based internal audits based on ISO 22301:2012 and internal requirements.
· Identify and lead continual improvement initiatives to strengthen the Business Continuity of the site.
· Conduct frequent risk assessments for the site based on Business Continuity Management System requirements.
· Ensure that BCM processes and requirements, including any templates, are documented and that they are reviewed periodically. (Scope: IT services / F&A services / Contact Centre services, etc.)
· Own, write and test the BCMS BCM Plan.
· Manage business continuity situation with the crisis management team.
· Share timely updates and progress reports with the management.
Information Security (35%)
· Maintain and manage ISO 27001:2013 certification for the organisation.
· Maintain and manage the information security risk register; ensure effective mitigations are identified and implemented within the organisation.
· Plan and conduct frequency-based internal audits based on ISO 27001:2013, internal requirements and cyber security assessment.
· Identify and lead continual improvement initiatives to strengthen the Information Security of the site.
· Conduct frequent risk assessments for the site based on Information Security Management System requirements.
· Ensure that their workforce is aware of the information security policies and complies with them.
· Ensure that the team complies with ISO 27001:2013 and IGA related requirements.
· Provide security awareness and education to team
· Manage records to ensure compliance with the Freedom of Information Act.
· Ensure incidents of their respective functions are closed within SLAs
Governance Management (30%)
· Implement and manage the balanced scorecard for the organisation. This includes defining metrics for the organisation, establishing measurement techniques, analysing data and sharing trends and insights with management.
· Ensure governance calendar for the organisation is implemented.
· Ensure automation opportunities are identified to improve effective management reporting; reduce interdependencies on teams.
· Manager, Business Assurance
Indirect -
· Head, Business Assurance
· Dashboard users (Function Heads, Function SPOCs)
· Various users for applications, tools, etc
Contact Person - Manju