Job Summary Assists the Security Governance Manager with the day to day management and maintenance of information and data security and privacy policies, procedures and controls documentation stored within Teleperformance Groups TP Policy system.
Works with Teleperformance Subsidiaries to process their exception requests, primarily related to the Global Essential Compliance Security Policies.
Ensures that exception requests are complete and that appropriate compensating controls have been identified. Liaises with subsidiary PoCs to ensure completeness.
Duties / Responsibilities Assists the Security Governance Manager to define, and maintain, the overall information security program by interacting with Teleperformance information security professionals around the world.
This role should provide assistance to ensure that the Security program is kept current by staying informed about new legal, regulatory and contractual requirements, incorporating new threats, vulnerabilities, risks, business requirements and other variables that may affect elements of the program, and ensuring that applicable requirements are appropriately addressed.
The successful candidate will have strong communication skills (in English), and be capable of coordinating with a geographically disperse group of information security professionals.
In this role, the Analyst will assist in defining security frameworks, communicate security concepts, policies, standards, procedures, and provide ongoing support.
The successful candidate will have a firm understanding of risk management principles and be able to articulate that understanding while helping others to improve.
Is willing to actively seek opportunities to develop new approaches to meet new goals. Stays abreast of new tools, technologies, and techniques, and implements them as solutions to business and technical problems.
Coordination with multiple teams of information security and compliance professionals across a large geographical footprint
Responsible for processing exception requests through the Teleperformance exception process.
Responsible for maintaining the security program framework to support the implementation of security best practices, client requirements, external compliance requirements, and global security team defined objectives
Assist subsidiary-level security groups to align current business processes with client requirements and external security standards / obligations such as PCI DSS, ISO27001 and ISO27002, and others as necessary.
Coordinate with the Contractual Compliance team to understand evolving contractual security obligations and identify areas of exposure while working with subsidiaries to determine mutually agreeable security and risk reduction controls and processes.
Enhance the Security Governance program providing guidance and expertise
Complete special projects and other duties as assigned. Qualifications : A Bachelor's degree in computer science, engineering or a related discipline, or the equivalent combination of education, technical training or work experience.
3+ years of relevant experience in Information Security, Governance and Risk Management
Experience with regulatory requirements including PCI-DSS, ISO2700, preferred.
Work experience in Risk Management or related fields such as Audit, IT Security, or Business Continuity, however other IT disciplines are eligible
Ability to draft systems and applications security policies, documentation, and guidelines for technical staff and users.
Strong personal and professional ethical values and impeccable integrity
Strong verbal and written communication skills (English required, but fluency in other languages a plus).
A self-starter with a high degree of confidence, and an ability to defend existing programs and policies. Be able to gain the confidence and respect of the information security professionals, soliciting their ideas and suggestions.
Must be an intelligent, highly organized, articulate and professional who can serve as an effective member of the Global Security team
Able to work in a very agile, fast paced, dynamic environment and industry
Must be able to travel as needed. Typically, travel does not exceed 25%
One or more of the following certifications is highly preferred : CPISI, ISO 27001 LA, COBIT, CRISC, CISA, CISSP