The IT Compliance and Quality Control Officer will be a member of the Global Hosting Services (GHS)
Infrastructure Operations team and comes to the organization having experience in quality control
especially in IT Information Security area with a background in IT infrastructure services. The role holder
will be responsible for managing and coordinating GHS Operations Information Security related projects,
compliance audits and supporting compliance activities primarily in relation to the GHS including:
- Managing, monitoring and maintaining the compliance of IT processes for Global Hosting
Services, ensuring quality and compliance with the agreed compliance frameworks
- Supporting IT Services Information Security Management System (ISMS) and contributing
to the continuous improvement of operational processes and the ISMS by monitoring the
performance of the GHS Operations, its compliance with existing laws and regulations, its
alignment with emerging threats and incident trends, and compliance with the Information
Security Policy (ISP).
- Coordinating the on-going enhancements to the GHS Information Security posture and
compliance with third-party vendors and internal team.
The Global Hosting Service provides and operates highly available 24/7 hosting services, Iaas and PaaS,
across multiple global on-premises hosting centers and Public Cloud Service Providers.
The role holder will report to the GHS Hosting & Infrastructure Operations Leader and will also work
collaboratively with the Compliance and CISO function
- Providing guidance to GHS Operations team on control design and implementation to support
ISP and third party audit activities
- Drive remediation/hygiene/continuous improvement efforts including recommending solutions as
well as driving projects to a successful conclusion to improve overall compliance maturity in the
team.
- Working with Asset and Configuration Management across the GHS.
- Maintaining compliance with Change Control Processes and adhering to standards and
documentation.
- Leading initiatives with third-party service providers to maintain and improve quality, compliance
and consistent delivery of service to published SLAs.
Working with the GHS Operations team and with NIS Vulnerability and other relevant teams on
continuous improvement of Vulnerability Management in GHS space, coordinating a GHS
Operations teams response in case of critical vulnerabilities identified, or similar events.
- Identifying opportunities to automate and streamline processes to maximize efficiencies
Identifying opportunities to report on controls compliance to provide leadership with greater
insights.
- Driving report creation, consolidation, and analysis, by utilizing Microsoft Office and G Suite tools,
to create deliverables; Creating and producing presentation slides; practice methodologies and
tools; policies and procedures; and/or other standard business communications; Responsible for
collation of data and the distribution of periodic and ad hoc operational/compliance reports as
required.
- Anticipating and negotiating consensus amongst diverse groups while creating a positive impact
in the activities of others not in their own reporting structure.
- Ability to travel internationally to facilitate compliance audits and activities (approximately 20%).
- Being responsible for awareness and compliance with all aspects relating to policy and guidelines
of the Information Security Management System (ISMS), including but not limited to the
Information Security Policy (ISP). Defining plans and coordinating activities to meet new/changed
ISP requirements in the GHS domain.
- Performing all related job functions following established processes and procedures in order to
preserve the confidentiality of information hosted and managed by the PwC IT Service Ltd. from
unauthorized disclosure.
- Protecting the integrity of information hosted and managed by the PwC IT Service Ltd. from
unauthorized or accidental modification, and protecting the accuracy and completeness of this
information.
- Being responsible for reporting any (known or suspected) breach in information security or
policies.
- Representing GHS Ops at compliance and risk related meetings and audits
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
- 5 years of experience in IT infrastructure services, including hosting services
- 2 years of experience managing quality control and/or assurance, compliance, certification, IS or related activities
- Bachelor's Degree
- Understands ITIL processes and standards
- Securing (hardening) Microsoft and Linux based operating systems
- Experience in security aspects of multiple operating systems, applications, communications and
network systems and protocols.
- Knowledge and administration of common cloud providers (Azure, GCP, AWS) and virtualization
technologies (Hyper-V, VMware).
- Practical experience in scripting solutions to meet specific needs (e.g. PowerShell, Splunk, etc).
- Ability to design, evaluate and document process improvements. Experience in leading process
improvement teams and interacting with technical managers and development teams.
- Understanding of various sovereignty restrictions (local, regional, global) applicable to systems
and data based on existing jurisdictions
- Knows and understands SOC2 type 2, ISO 27001, etc.
- ITIL certification, Azure/GCP/AWS certifications, Professional security certifications or membership in
similar organizations, e.g. Certified Information Systems Security Professional (CISSP), Certified
Information Privacy Professional (CIPP), and Certified Information Systems Manager (CISM) is a plus
- Experience in using data analysis and business intelligence tools like Alteryx, Power BI or
Tableau