JOB SUMMARY / OVERVIEW:

Security Compliance Analyst is responsible to support compliance with TP policies, regulations, and procedures. Including, but not limited to, compliance with PCI DSS, ISO 27001, Privacy laws and other legal and regulatory requirements.

Security Compliance Analyst is also responsible for supporting internal and external Audits, Business Continuity and Disaster Recover, Data Privacy and Product Management for security products

KEY RESPONSIBILITIES AND ACCOUNTABILITIES(may perform other duties as requested not specifically addressed in this document)Support GECSP (Global Essential Compliance Security Policies) Program (IT Infrastructure related) needs;Support implementation of TP Policy Program (IT Infrastructure related); Improve the implementation of Security Policies and Procedures in Contact Centers (IT Infrastructure related); Support the implementation of PCI DSS, ISO 27001, privacy law compliance and certifications (inc. 27701);Ensure response to any PCI DSS, ISO 27001, ISO27701 questions and audits;Interact with all company departments;Upload evidences to central systems compliance progress (IT Infrastructure related);Support enforcement of Hardening rules;Support GECSP similar audits, to identify weaknesses and improve overall results. Including audits on infrastructure components;Work side-by-side with other functions to increase TP scoresSupport the redesign Security Processes and improve Security posture overallDevelop security awareness trainings for specific topics;Risk management. Additional Duties: Promote the culture of Information Security in the OperationsSupport internal security policies and procedures for the subsidiary (IT Infrastructure related);Support security related IT projects;Support implementation of company-wide management-approved strategies;Act with initiative, make things happen and accept responsibility for the results;Be a true team member in Teleperformance – focused on the success of the company and the wellbeing of the team;Interaction with other departments in order to improve and or maximize the projects(s) results;Be an active part in the processes of continuous improvement, proposing improvement and innovations methods across the department and the company (producing fresh and imaginative ideas and solutions);Ensure all Teleperformance processes, procedures and policies are fulfilled, including but not limited to GDPR - General Data Protection Regulation, GECSP - Global Essential Compliance, Information Security Policies, HR, etc;May perform other duties as requested not specifically addressed in this document. DECISIONS EXPECTEDReport to Security Compliance and Business Continuity Manager in case of non-conformity to policies and standardsReport Non-Conformities and Incidents; Report Incidents to Security Compliance and Business Continuity Manager RECOMMENDATIONS EXPECTEDContinuous organizational improvement;Produce fresh and imaginative ideas and solutions MAIN JOB REQUIREMENTSEducation and specific TrainingHigher Education Degree – preferential12th grade – MinimumAdvanced level – English Work ExperienceMust have 3 or more years in an information security or auditing positionREQUIRED SKILLSTechnical Skills Working knowledge of Microsoft Office Suite (Excel, Word and PowerPoint);Fluent spoken and written English;An understanding on confidentiality issues - security awareness;Understand and be familiar with statutory or regulatory compliance and best practices including: PCI DSS, ISO 27001, ISO 17799, ITIL, SB1386, COBIT, SOX, GLBA, Privacy Law. Competencies and specific skillsAchievement oriented;Judgement;Problem solving;Team building / Team work;Time management.