INTL - Romania - IT Compliance and Quality Control Officer

Job Description

The IT Compliance and Quality Control Officer will be a member of the Global Hosting Services (GHS)

Infrastructure Operations team and comes to the organization having experience in quality control

especially in IT Information Security area with a background in IT infrastructure services. The role holder

will be responsible for managing and coordinating GHS Operations Information Security related projects,

compliance audits and supporting compliance activities primarily in relation to the GHS including

• Managing, monitoring and maintaining the compliance of IT processes for Global Hosting

Services, ensuring quality and compliance with the agreed compliance frameworks

• Supporting IT Services Information Security Management System (ISMS) and contributing

to the continuous improvement of operational processes and the ISMS by monitoring the

performance of the GHS Operations, its compliance with existing laws and regulations, its

alignment with emerging threats and incident trends, and compliance with the Information

Security Policy (ISP).

• Coordinating the on-going enhancements to the GHS Information Security posture and

compliance with third-party vendors and internal team.

The Global Hosting Service provides and operates highly available 24/7 hosting services, Iaas and PaaS,

across multiple global on-premises hosting centers and Public Cloud Service Providers.

The role holder will report to the GHS Hosting & Infrastructure Operations Leader and will also work

collaboratively with the Compliance and CISO function

• Providing guidance to GHS Operations team on control design and implementation to support

ISP and third party audit activities

• Drive remediation/hygiene/continuous improvement efforts including recommending solutions as

well as driving projects to a successful conclusion to improve overall compliance maturity in the

team.

• Working with Asset and Configuration Management across the GHS.

• Maintaining compliance with Change Control Processes and adhering to standards and

documentation.

• Leading initiatives with third-party service providers to maintain and improve quality, compliance

and consistent delivery of service to published SLAs.

Working with the GHS Operations team and with NIS Vulnerability and other relevant teams on

continuous improvement of Vulnerability Management in GHS space, coordinating a GHS

Operations teams response in case of critical vulnerabilities identified, or similar events.

• Identifying opportunities to automate and streamline processes to maximize efficiencies

Identifying opportunities to report on controls compliance to provide leadership with greater

insights.

• Driving report creation, consolidation, and analysis, by utilizing Microsoft Office and G Suite tools,

to create deliverables; Creating and producing presentation slides; practice methodologies and

tools; policies and procedures; and/or other standard business communications; Responsible for

collation of data and the distribution of periodic and ad hoc operational/compliance reports as

required.

• Anticipating and negotiating consensus amongst diverse groups while creating a positive impact

in the activities of others not in their own reporting structure.

• Ability to travel internationally to facilitate compliance audits and activities (approximately 20%).

• Being responsible for awareness and compliance with all aspects relating to policy and guidelines

of the Information Security Management System (ISMS), including but not limited to the

Information Security Policy (ISP). Defining plans and coordinating activities to meet new/changed

ISP requirements in the GHS domain.

• Performing all related job functions following established processes and procedures in order to

preserve the confidentiality of information hosted and managed by the PwC IT Service Ltd. from

unauthorized disclosure.

• Protecting the integrity of information hosted and managed by the PwC IT Service Ltd. from

unauthorized or accidental modification, and protecting the accuracy and completeness of this

information.

• Being responsible for reporting any (known or suspected) breach in information security or

policies.

• Representing GHS Ops at compliance and risk related meetings and audits

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ~~~ .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: ~~~/ .

Skills and Requirements

• 5 years of experience in IT infrastructure services, including hosting services

• 2 years of experience managing quality control and/or assurance, compliance, certification, IS or related activities

• Bachelor's Degree

• Understands ITIL processes and standards

• Securing (hardening) Microsoft and Linux based operating systems

• Experience in security aspects of multiple operating systems, applications, communications and

network systems and protocols.

• Knowledge and administration of common cloud providers (Azure, GCP, AWS) and virtualization

technologies (Hyper-V, VMware).

• Practical experience in scripting solutions to meet specific needs (e.g. PowerShell, Splunk, etc).

• Ability to design, evaluate and document process improvements. Experience in leading process

improvement teams and interacting with technical managers and development teams.

• Understanding of various sovereignty restrictions (local, regional, global) applicable to systems

and data based on existing jurisdictions

• Knows and understands SOC2 type 2, ISO 27001, etc. - ITIL certification, Azure/GCP/AWS certifications, Professional security certifications or membership in

similar organizations, e.g. Certified Information Systems Security Professional (CISSP), Certified

Information Privacy Professional (CIPP), and Certified Information Systems Manager (CISM) is a plus

• Experience in using data analysis and business intelligence tools like Alteryx, Power BI or

Tableau null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ~~~.