Responsibilities

• Support non-technical staff in understanding and applying Information Security policies and compliance requirements aligned with client contractual obligations and internal frameworks.
• Assist in periodic Security Risk Assessments (SRAs) in accordance with ISO 27001, GISP, and client security requirements; provide comprehensive reporting to relevant stakeholders and drive continuous improvement efforts.
• Serve as the liaison between local business units and the subsidiary audit team, coordinating internal and external audit activities (e.g. PCI-DSS, ISO 27001), facilitating the collection and submission of required evidence.
• Develop and maintain consultative relationships across departments (Operations, HR, IT, Facilities, etc.) to promote adherence to company risk management frameworks, exception processes, and regulatory standards.
• Provide expertise and recommendations to ensure business functions and processes meet or exceed security compliance standards (e.g. PCI-DSS, ISO 27001) and client-specific obligations.
• Coordinate the communication, evidence gathering, and reporting of GISP compliance requirements through relevant platforms such as Teleperformance Policy tools.
• Promote organization-wide security awareness by supporting the development and delivery of education, training, and debriefing sessions on security-related matters.
• Collaborate with cross-functional teams to collect feedback and improve the effectiveness of security systems, documentation, and KPIs related to the security posture.
• Facilitate investigation and root cause analysis of security incidents, assist in corrective action planning, and ensure thorough documentation in line with policy.
• Lead or support the implementation and periodic testing of business continuity processes within the local environment.
• Provide guidance and support on physical security compliance to ensure alignment with corporate and client standards.
• Drive proactive identification and mitigation of compliance and security risks during local projects, initiatives, and operational activities.
• Identify and champion process improvement opportunities and implement strategies to enhance the efficiency and resilience of security programs.
• Perform additional job-related duties as assigned in Information Security and Operational Security.

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Administration Management or equivalent
• Minimum 2 years of progressive professional experience in Information Security compliance, data protection, security audit and risk management.
• Familiar with different regulations and standards related to information security and data protection (e.g., ISO27001, PCI DSS)
• Preferably a Certified in Cybersecurity (CC) certification, ISO/IEC 27001 Information Security
• Associate or Governance, Risk and Compliance Certification (CGRC)

We thank all applicants for their interest. However due to the large volume of applications we receive, only shortlisted candidates will be contacted.