Excellent job opportunity for an IT Security & Compliance Manager position with Sodexo India.

Overview:

The IT Security & Compliance Manager develops and supports IS&T compliance initiatives, policies, standards and processes in alignment with the internal control framework and risk management, and is in charge of ensuring that they are applied across IS&T. You will also be responsible for measuring the IT risk level of the organization, quantifying the impacts of compliance risks on the organization, and ensuring controls are in place by supporting the development of relevant action plans to mitigate or reduce the risks identified. You will be in close contact with the Group Internal Control department, Group Internal Audit department and Legal department. You will participate actively in the IS&T Compliance and Control community of practice, exchanging regularly with your peers to increase knowledge management in your field.

Responsibilities:

IS&T COMPLIANCE PROGRAM MANAGEMENT
- Develop, implement and manage an effective IS&T compliance program in line with the Sodexo Internal Control & TD&D Framework
- Develop, initiate, maintain, revise and update IS&T policies and procedures of the compliance program and related activities and documentation (information security, business continuity, disaster recovery operation…)
- Contribute to the continuous improvement process of the program
- Support the use and attainment of industry-recognized certifications and attestations where applicable

CONTROL AUDITING, MONITORING AND REPORTING
- Regularly audit in compliance with SOC2 readiness and reporting
- Regularly audit IS&T procedures, practices, and documents to identify and define vulnerabilities and threats
- Evaluate internal operational and procedural compliance
- Establish regular performance reports related to risk and internal controls effectiveness
- Record and report non-compliance
- Develop and maintain a compliance record keeping system and provide regular status reporting

RISK MANAGEMENT
- SOC2 Audit & Compliance management
- Create and manage effective action plans in response to audit discoveries and compliance violations
- Assess IS&T compliance risks, including risks related to third party suppliers, data privacy and payment card data
- Monitor and support action plans definition and completion to remediate or mitigate risks identified

COMMUNICATION
- Communicate compliance policies and guidelines to management and designated departments
- Ensure all employees are educated on the latest regulations and processes
- Resolve employees’ concerns about compliance
- Exchange regularly with third parties for compliance audits
- Maintain communication with compliance regulators and external auditors

KNOWLEDGE MANAGEMENT
- Keep up with compliance requirements and amendments to applicable regulations
- Help to create and promote the organizational culture of compliance and control
- Participate actively in the IS&T Compliance and Control community of practice
- Advise IS&T members on compliance questions
- Act as an advocate for best practices in IS&T audit and risk management
- Help to identify and build required compliance training programs for employees

Required Skills:
- Bachelor's degree or above in IT, Computing, Computer/Electronics Engineering
- At least 8 to 14 years in SOC2 Audit, quality control or corporate policy auditing
- Good team player with “can-do” attitude
- Innovative, resourceful and problem solver
- Highly self-motivated with strong leadership and teamwork attributes
- A detail-oriented individual with good analytical and organisational skills
- Able to articulate well with both business and IT representatives
- Good writing skills to document processes, policies, dashboards and measurement metrics
- Maintain the confidentiality of data with respect to the privileged position held and ensure that the security of data is protected throughout the compliance cycle

Soft Skills:
- Service spirit & teamwork, collaboration
- Communication and negotiation
- Detail-oriented, thorough
- Analytical and problem-solving skills
- Ethical and principled

Job Title
IT Security & Compliance Manager