Risk and Compliance-Cyber Security at EXL South Africa

Job Description

• We are seeking an Information Security professional to join our team and lead initiatives across cyber risk management, security governance, and business continuity.
• The role will be responsible for strengthening security posture and resilience of critical business operations.

Responsibilities

• Serve as the focal point for fulfilling Information Security responsibilities for geography
• Manage deliverables such as RFP/RFI responses, contract reviews (MSAs), risk assessments, and other client-specific security requirements and/or documentation
• Support internal audits and ISO assessments
• Liaison between Business Units and internal teams to collaborate on Cyber Security and Business Continuity requirements
• Monitor and report cyber KRIs/KPIs and coordinate action plans with accountable owners
• Work with Business to create and update Business Continuity Plans, and assist in conducting Business Impact Assessments (BIA)
• Plan and coordinate Cyber and BCP drills; document test outcomes and follow up with teams on improvement actions
• Engage actively with the Crisis Management Teams to effectively manage business disrupting events with minimal business impact 
• Conduct and maintain geo wise and BU-level risk assessments; identify, rate, and track residual risk.
• Own the BU wise, Geo focused risk register; ensure items are reflected in the enterprise GRC platform and escalate
• Lead BIA for BU-critical processes; ensure security dependencies are reflected in BCP/DR.
• Advise on risk acceptance, transfer, and residual risk decisions; ensure documented sign-off.
• Co-ordinate regulatory examination readiness for Sout Africa-scoped audits; serve as security point of contact for regulators where delegated.
• Serve as BU liaison during security incidents; co-ordinate containment and stakeholder communication with CISO office and CDC.
• Own Geo wise-specific security awareness campaigns tailored to the LoB threat landscape and workforce profile.
• Report on effectiveness metrics (phishing simulation rates, training completion, policy attestation)
• Champion security-by-design culture within LoB product, technology, and operations teams.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information/Cyber Security, or related field
• Overall experience 8+ years with proven experience (3+ years) in Cyber Security and Business Continuity
• Certification from the international body- ISO 27001 , ISO22301 preferred