REF30097H-Risk & Compliance (GDPR/Hippa/ISO 27001/PCI DSS-6-8 yrs-Mum/Pune/Gurgaon

Company Description

WNS (Holdings) Limited (NYSE: WNS), is a leading Business Process Management (BPM) company. We combine our deep industry knowledge with technology and analytics expertise to co-create innovative, digital-led transformational solutions with clients across 10 industries. We enable businesses in Travel, Insurance, Banking and Financial Services, Manufacturing, Retail and Consumer Packaged Goods, Shipping and Logistics, Healthcare, and Utilities to re-imagine their digital future and transform their outcomes with operational excellence.We deliver an entire spectrum of BPM services in finance and accounting, procurement, customer interaction services and human resources leveraging collaborative models that are tailored to address the unique business challenges of each client. We co-create and execute the future vision of 400+ clients with the help of our 44,000+ employees.

Job Description

• Carry out all information security risk assessment.
• Carry out Privacy risk and impact assessment for client operations and technology infrastructure
• Conducting operations audit based on Information security and privacy principles.
• Conducting review of contractual contracts, privacy contracts / exhibits / privacy agreements
• Supporting compliance certification (ISO, PCI, SSAE) and client audits
• Ensure various information security, privacy regulatory requirements /client’s data privacy requirements are effectively addressed.
• Advise business unit leaders and risk management leaders in issues related to information security.
• Handling information security incidents, data breaches investigations Assist Risk management functional leaders in overseeing compliance activities relating to information security.
• Creation and maintenance of risk assessment trackers and keeping them current Creation and maintenance of up-to-date inventory of sensitive information profiling for client operations
• Ensure that contract arrangements are in place and being complied with. Obtain necessary evidence for the same.
• Conducting necessary due diligence on subcontractors / third party. Driving information security training and awareness to ensure employees are aware of their responsibilities.
• Experience on privacy regulations (HIPAA/ HITECH, EU Privacy directive/ DPA, GLBA, PIPEDA, Australia/ New Zealand privacy laws / APP etc)

Qualifications

Graduate