REF50067Q - Consultant - Information Security

Company Description

WNS (Holdings) Limited (NYSE: WNS), is a leading Business Process Management (BPM) company. We combine our deep industry knowledge with technology and analytics expertise to co-create innovative, digital-led transformational solutions with clients across 10 industries. We enable businesses in Travel, Insurance, Banking and Financial Services, Manufacturing, Retail and Consumer Packaged Goods, Shipping and Logistics, Healthcare, and Utilities to re-imagine their digital future and transform their outcomes with operational excellence.We deliver an entire spectrum of BPM services in finance and accounting, procurement, customer interaction services and human resources leveraging collaborative models that are tailored to address the unique business challenges of each client. We co-create and execute the future vision of 400+ clients with the help of our 44,000+ employees.

Job Description

Job Summary:

We're seeking an experienced Information Security Auditor to join our team. As an Information Security Auditor, you will be responsible for managing audits across Information Technology, Human Resources, and Physical Security. You will assess the effectiveness of our controls, identify risks, and provide recommendations for improvement.

Responsibilities:

1. Audit Planning: Plan, coordinate, and execute audits across IT, HR, and Physical Security across the enterprise.

2. Client Audits : Front end client information security audits across WNS locations.

3. Control Evaluation: Evaluate the effectiveness of existing controls, policies, and procedures.

4. Audit Reporting: Prepare and present audit reports to management, highlighting findings, risks, and recommendations.

5. Recommendations and Remediation: Provide recommendations for control improvements and work with stakeholders to implement remediation plans.

6. Compliance: Ensure audits are conducted in accordance with relevant laws, regulations, and industry standards (e.g., HIPAA, PCI-DSS, ISO 27001). Also lead the compliance activities across the enterprise including the annual SOC assessments.

7. Stakeholder Management: Collaborate with stakeholders across IT, HR, and Physical Security to ensure audit objectives are met.

Requirements:

1. Education: Bachelor's degree in Computer Science, Information Systems, or a related field.

2. Experience: 7-9 years of experience in information security auditing, IT audit, or a related field.

3. Certifications: CISA, CISM, CISSP, or equivalent certifications are preferable.

4. Technical Skills:

    - Strong knowledge of IT systems, networks, and infrastructure.

    - Familiarity with security frameworks and standards (e.g., NIST, ISO 27001).

    - Experience with audit tools and technologies (e.g., ACL, SQL).

5. Soft Skills:

    - Excellent communication and reporting skills.

    - Strong analytical and problem-solving skills.

    - Ability to work independently and as part of a team.

Qualifications

Degree + ISMS auditor