Director – Corporate Quality

The Director - corporate Quality will be responsible for designing, implementing, and overseeing the organization's Quality, Security, and Compliance programs. This role demands expertise in managing ISMS, QMS, HITRUST, SOC, PCI-DSS, and BCMS frameworks. The incumbent will lead internal audits, interface with external auditing bodies, ensure regulatory compliance, and maintain client trust through proactive governance and communication.

KEY RESPONSIBILITIES

• Develop, maintain, and improve QMS and ISMS frameworks in alignment with industry standards (ISO 9001, ISO 27001, PCI-DSS, SOC, and BCMS)

• Expertise in managing the HITRUST certification

• Ensure compliance with security and quality requirements specific to the healthcare BPO and Revenue Cycle Management industry

• Plan, manage, and execute internal audits to evaluate compliance and identify opportunities for improvement

• Interface with external auditing bodies for certifications, surveillance audits, and compliance reviews

• Lead audit preparation, execution, and follow-ups, ensuring seamless coordination with cross-functional teams

• Oversee risk assessments and implement appropriate risk mitigation measures

• Drive compliance with client-specific security and quality standards, including responding to Client Security Questionnaires

• Maintain and update policies, procedures, and documentation to ensure continual readiness for audits and assessments

• Spearhead the organization's Business Continuity Management System (BCMS) in alignment with ISO 22301

• Define recovery metrics (RTO, RPO, MBCO) and facilitate business impact analysis (BIA)

• Test and validate business continuity and disaster recovery plans regularly

• Serve as a primary point of contact for clients during compliance discussions, audits, and assessments

• Lead client engagements related to quality assurance, security frameworks, and audit processes

• Address client queries and build trust by demonstrating the organization's compliance readiness

• Collaborate with IT, Operations, Compliance, and Legal teams to drive organizational initiatives

• Ensure alignment across teams to meet client and regulatory requirements

• Conduct regular training and awareness sessions on quality and security standards for internal teams

• Prepare and present comprehensive reports for senior leadership on audit findings, compliance metrics, and risk status

• Track and report progress of corrective actions, client concerns, and quality enhancements

Job requirements

• Comprehensive knowledge of QMS, ISMS, HITRUST, SOC, PCI-DSS, and BCMS frameworks

• Skilled in conducting internal/external audits and coordinating with external auditing bodies

• Strong communication and interpersonal skills to manage client relationships and security discussions

• Ability to manage multiple projects, timelines, and compliance deliverables

• Ability to assess risk, interpret audit findings, and implement corrective measures

• Demonstrated ability to lead teams and work effectively across functions

• Results-oriented and proactive in ensuring compliance readiness

• Strong stakeholder management skills with the ability to build trust and rapport

• Excellent written and verbal communication skills

• Detail-oriented, with a focus on accuracy and quality

QUALIFICATIONS

• 18+ years of experience in quality assurance, compliance, and audit management within the Healthcare BPO industry

  Proven expertise in implementing and managing ISMS, QMS, HITRUST, SOC, PCI-DSS, and BCMS frameworks

  Experience in managing client security questionnaires, audits, and external auditor engagements

  Strong experience in leading cross-functional teams, driving governance, and ensuring process improvements

  Bachelor's degree in business, Information Technology, Quality Management, or related field. Master's degree preferred

  Professional Certifications: ISO 27001 Lead Auditor, ISO 9001, HITRUST Practitioner, PCI-DSS, SOC, or similar relevant certifications