Quality and Risk Management

The person will be part of the "Quality and Risk Management" team of Infosys McCamish. The person has to co-ordinate with IT / Business Operations, Corporate and Client Stakeholders to implement all necessary Risk and Information security best practices, ensuring compliance to organization policies and procedures, and client requirements with respect to products, platforms, Business Services at all Infosys McCamish locations across the globe.

Responsibilities may include but are not limited to:

• Risk Assessment and Security Controls implementation

Conduct Risk Assessment and help stakeholders in closing the assessment gaps

Implementation of Infosec controls, testing of evidences, and reporting, across IT development and Business Operations

Working knowledge on Secure Software Development Life Cycle (SSDLC) and Secure Release Management

Define and implement policies and procedures with respect to Risk / Information security, Business Continuity and Data Privacy.

Co-ordinate with internal stakeholders to get the right information and publish metrics, status reports and initiatives dashboard to all internal and external stakeholders.

Review client contracts and provide right inputs for decision making, map organization controls, track and ensure contractual compliance.

Implementation knowledge of Information Security, Business Continuity, Data Privacy, Cloud Security Management System standards like ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 22301, NIST, CISA, SOC 1, SOC 2 etc. is preferable.

• Audits

Auditing Suppliers / Vendors periodically in terms of their compliance to Information security standards as per MSA/contract.

Auditing the IT infrastructure components, say, servers, networks, applications (both internal and third party), scanning the vulnerabilities, define appropriate controls and certify them to use it in our business.

Conduct Internal Information Security Audits, Risk Audits and Compliance Audits and work with the teams to ensure closure of Audit findings.

Facilitate external audits with certifying bodies and ensure certification / Recertification (ISO 27001, SSAE 18 - SOC1, SOC2, etc.,)

Facilitate Client audits, responses to Client questionnaires, create and demonstrate audit evidences, artifacts and documentation on Information security controls by coordinating with all internal / client stakeholders.

Handling Security Incidents, Audit Non-conformities, Process deviations and Complaints pertaining to Risk / Information Security and ensure that the process owners are defining and implementing the relevant corrective / preventive actions and close the same.

• Change Management / Process Improvements / Quality Assurance

Define and implement change initiatives in the areas of Risk / Information Security, Business Continuity and Data Privacy to meet organizational goals.

Identify continuous process improvement opportunities, define and implement best practices, and drive an improvement culture across the organization.

Knowledge on Quality Assurance processes, creating Standard Operating Procedures / templates / records is preferable.

Soft skills

Professional working proficiency in English is a must.

Working knowledge on MS-Office productivity tools or equivalent is a must.

Knowledge on using AI tools is preferred.

Qualifications:
Basic:
• Minimum of a bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• At least 7 years of experience related to the job description.

Preferred

• Certifications in the areas of Information Security, Cyber Security, Business Continuity and Data Privacy such as CISA, CISSP, CRISC, COMPTIA, ISO 27001/ 27701/ 22301 Lead Auditor or equivalent.

Note: Applicants for employment in the U.S. must possess work authorization which does not require sponsorship by the employer for a visa (H1B or otherwise).
The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face.

About Us
Infosys McCamish Systems, ( http://www.infosysbpo.com/mccamish ) located in Atlanta, Georgia, is the Life Insurance and Retirement Services subsidiary of Infosys BPO Limited. ( www.infosysbpo.com ) Infosys McCamish was started in 1985 as a virtual insurance company and went to market as a commercial services provider in 1995. It has an outstanding business perspective and an exemplary track record that no other outsourcer of business solutions can claim - generating US$16 billion of recurring premium in less than five years as a virtual insurance company. Infosys McCamish has expert technology and outsourcing credentials, along with a proven business model for re-engineering systems and performing back-office services at a reduced cost, while reinforcing accuracy, speed and security. Seven of the top ten US insurers are among Infosys McCamish's many BPO clients. Infosys McCamish has its operations spread across Atlanta GA and Des Moines IA in USA.

EOE/Minority/Female/Veteran/Disabled/Sexual Orientation/Gender Identity/National Origin

Client-provided location(s): Atlanta, GA

Job ID: Infosys-135472BR

Employment Type: OTHER

Posted: 2025-12-18T18:38:58