Infosys is a global leader in consulting, technology, and outsourcing and next-generation services. We enable clients in more than 50 countries to outperform the competition and stay ahead of the innovation curve. With US$8.83 bn in LTM Q1 FY16 revenues and 179,000+ employees, we are helping enterprises renew themselves while also creating new avenues to generate value. We provide enterprises with strategic insights on what lies ahead. We help enterprises transform and thrive in a changing world through strategic consulting, operational leadership, and the co-creation of breakthroughsolutions, including those in mobility, sustainability, big data, and cloud computing.
Required Skills and Experience:
Advanced EnglishEngineering Graduate or equivalent Experience in Information Security Governance, risk and compliance management with strong data and network security concepts. Experience in the areas of Risk Management, Governance, Compliance, Security policy and Metrics. Good understanding of ISO 27001:2013, SSAE 16 SOC 1 & SOC 2, PCI DSS, HIPAA & other industry recommended standards and regulations.
Manage all Information security related activities for Mexico Development Centers (DC).Suggest and implement Information security process improvements and initiatives for the development centers and the engagements operating from Mexico.Undertake implementation of security controls as mandated by the local laws in Mexico for the Development Centers.Handling Information Security Awareness for the Development centers. Undertake awareness sessions on Information security during Induction trainings. Work proactively on identifying new mediums for spreading awareness amongst employees by coordinating with the Corporate Information Security Group. Manage Pre-Engagement support activities for Mexico DC. Undertake review of all MSA's, Contracts, Request for Proposal (RFP)/Request for Information (RFI) for Mexico DC. Collaborate with Corporate Information Security Group to respond on MSA/RFP's, if required.Participate in Pre-Engagement negotiations and discussions with prospects/clients and shall articulate Infosys position from Information Security perspective.Represent Information Security Group as part of External/Client/Internal security audits and visits. Support engagements and functions to effectively close findings and concerns identified as part of audits.Participate and present Infosys Information Security practices to prospects and clients as part of visits.Ensure and monitor compliance of the security controls at the Development Center against the Organization level security policy. Work on ensuring sustenance of the defined security controls against ISO 27001:2013.Present Information Security Metrics to Mexico Information Security Council (ISC) on a monthly basis. Collaborate with anchors from all functions to address issues identified as part of monthly metrics.Suggest policies and changes to policies based on the inputs received in order to translate the organization's information security strategy into policies that need to be adhered to.Synergize with location level anchors across functions and client engagements and work on addressing Information security specific issues/risks relevant to the function/engagement at Mexico.Analyze risks and conduct Risk assessment for the Development Centers. Co-ordinate with anchors from different functions to complete location level Risk Assessment on a periodic basis.Coordinate with Corporate Information Security Group and contribute risks that could be considered as part of the enterprise level risk assessment. Perform periodic Information Security reviews to identify and mitigate security risks specific to client engagements and functions operating from Mexico development centers.Work with client engagement anchors and associated compliance managers of engagements to validate and track compliance of MSA mandated security obligations.Support client engagements with completion of an engagement level risk assessment at Mexico.Coordinate and support Mexico based engagements to comply with contractual Information security obligations. Support client engagements comply with MSA mandated standards/regulations including PCI DSS, HIPAA, SSAE 16 SOC 1/SOC 2 Type II control requirements. Work on defining a sustenance plan for the client engagements to comply with these contractual expectations. Evaluate 3rd party Suppliers/Vendors from Information security standpoint for any services planned to be availed from such 3rd parties.Support Corporate Information Security team to complete a location specific Vulnerability Assessment or a Penetration test.Support Corporate Information Security team with assistance required for any Mexico specific Information security incidents/breaches.Willing to handle additional responsibilities delegated by the Corporate Information Security Group.
For more Information please send your resume.