29 mar
|
Infosys
|
Santiago
Postúlate en Kit Empleo: kitempleo.cl/empleo/18n16e
- *About Us**
nInfosys is a global leader in next-generation digital services and consulting. We enable clients in more than 50 countries to navigate their digital transformation. With over four decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.n
Infosys is seeking an engineer for security audits with knowledge on AI. This position will need to develop the following activities:
n
Infosys Chile is looking for a Compliance Program Analyst.
n
Your role will be
nBe a critical part of the ATE Compliance Program, reporting directly to the Compliance Program Lead. Your focus? Understanding client's compliance standards inside and out — and helping the teams around you apply them correctly.n
This role centers on validating that controls are designed and operating effectively across ITGC, ISP, and QMS domains. You'll test controls, review evidence, facilitate audits, field inquiries, support escalations, and contribute to control design conversations — making sure the right standards are understood, applied, and met.
n
You'll also support Quality Management System (QMS) testing for both Integral and Territory-specific controls, including facilitating audit evidence collection, validation, and delivery throughout the year.
n
You won't work in isolation.
You'll partner with IT product teams, security, risk management, QMS resource owners, and internal/external auditors — serving as a knowledgeable, responsive resource who helps teams stay compliant and audit-ready.
n
Your main activities will be:
n
- *ITGC control testing and validation (primary focus)**
- Develop a deep understanding of PwC's Information Security Policy (ISP) and Controls Standard — and help product and technology teams understand and apply the requirements to their environments.
- Test and validate that ITGC controls are designed effectively and operating as intended across key domains — Access Controls, System Development and Change Management, Cyber Security and Data Protection, Service Management, and Resilience.
- Validate controls across:
- **Identity and access management**
n— confirm that provisioning and de-provisioning, privileged access reviews, segregation of duties, and authentication mechanisms are in place and functioning as required.n
- **Change management**
n— verify that SDLC controls, change management procedures, emergency change processes, and application development security controls are designed appropriately and operating effectively.n
- **Cyber security operations**
n— validate that incident management, malware protection, vulnerability and patch management, encryption, certificate administration,
and logging and monitoring controls meet ISP requirements.n
- **Database and network controls**
n— confirm that database configuration and administration, firewall configuration, and system performance monitoring are compliant and evidenced.n
- **Resilience**
n— validate that business continuity and disaster recovery plans have been tested (at a minimum, annually) and that evidence supports compliance.n
- *QMS testing — Global and Territory-specific controls**
- Support QMS control testing for both Global controls (firm-wide standards) and Territory-specific controls (local and regional regulatory and operational requirements).
- Validate that QMS controls are designed effectively and operating as intended across applicable territories — through walkthroughs, sample testing, re-performance, and inspection.
- Review and validate QMS evidence for completeness, accuracy, and audit-readiness. Facilitate evidence delivery to auditors and QMS program owners as needed.
- *Audit facilitation and evidence management**
- Facilitate internal and external audits — SOC 2, ISO 27001, 7216, and internal control reviews — on behalf of the CPL. That means fielding auditor inquiries, coordinating evidence requests, and ensuring smooth execution throughout the audit lifecycle.
- Collect, review, and validate audit evidence to confirm it's complete, accurate, and aligned to the control requirements being tested. If something's missing or insufficient, follow up with control owners to close the gap.
- Maintain audit-ready repositories of evidence, policies, control documentation, and test results — covering both ITGC and QMS testing artefacts.
- Support walkthroughs and access
Postúlate en Kit Empleo: kitempleo.cl/empleo/18n16e
📌 Compliance Program Analyst (Santiago)
🏢 Infosys
📍 Santiago