Assistant Compliance Manager

Eligibility Criteria

• Total Experience: 57 years in BPO/KPO/Healthcare services
• Minimum: 5 years in Corporate Quality/Compliance with hands-on exposure to QMS/ISMS/BCMS/SOC/PCI-DSS/HITRUST certification programs
• Preferred Certifications/Exposure: ISO 9001:2015, ISO/IEC 27001, ISO 22301, SOC (Type 1/2)

QMS & ISMS

• Maintain and control QMS/ISMS documentation (policies, SOPs, SoA, records, versioning)
• Ensure internal audits are executed as per the central plan; track findings to closure (CAPA)
• Coordinate internal/external audits—collate evidence, facilitate interviews, and manage responses
• Perform/lead risk assessments with stakeholders, update risk treatment plans on a periodic cadence
• Support client system access reconciliation for sampled associates as requested
• Monitor changes in scope (new/wind-down client processes) and update Corporate Quality regularly

BCMS

• Lead site-level BCP/DR execution; define and maintain the BCMS framework as directed by Head–BCM
• Facilitate BCMS implementation across locations; drive awareness and role-based training
• Guide business teams to develop robust BC Plans, aligned to organizational standards/best practices
• Conduct BIA/Risk Assessments to derive function-specific RTO, RPO, RCO, internal/external dependencies, and recovery requirements

HITRUST (CSF)

• Manage HITRUST readiness and validated assessments
• Operate the MyCSF portal: evidence upload, inheritance requests and corrective action plans
• Support maturity scoring and close gaps to target levels
• Coordinate with SMEs for control narratives, test of operating effectiveness, and assessor queries; maintain an artifact index mapped to CSF requirements
• Monitor interim/bridge updates and maintain continuous compliance post-assessment

SOC (Type 1/Type 2)

• Drive SOC 1/SOC 2 readiness: map control objectives/Trust Services Criteria, define control owners, and maintain a control catalogue
• Manage population & sampling evidence for the period of review, support walkthroughs with auditors
• Track exceptions and remediation; maintain narratives, flowcharts, and linkage to policies/SOPs.

Other Competencies

• Strong grasp of ISO 9001, ISO/IEC 27001, ISO 22301, SOC, PCI-DSS, HITRUST requirements
• Audit planning/execution, evidence management, risk & CAPA discipline
• Stakeholder management, clear written/oral communication, and cross-functional coordination
• Detail orientation, documentation rigor, and ability to work to deadlines in a dynamic environment