Specialist II, Governance, Risk and Compliance

Job Title:

Job Description

Role Focus:

This role will be focused on security operations delivery for assigned customer contact centers. Responsibilities include:

• Participating in establishing programs to deter, detect, and mitigate risks.
• Building capabilities to monitor and audit information, evaluate personnel security data, and establish employee awareness.
• Driving assurance tests and supporting both internal and external audits.
• Consulting with business stakeholders to balance compliance with delivering optimal security solutions within contractual, regulatory, and CNX standard limits.
• Engaging in technical discussions and disseminating innovative, out-of-the-box solutions to align security with business needs.
• Leading assurance tests such as security health checks, training, physical security, ID validation, etc., ensuring CNX standards and contractual requirements are met and measured.
• Achieving results through direct interaction as well as influencing other internal groups and individuals.
• Supporting incident response and investigations as required.

Responsibilities:

• Design, implement, and lead a comprehensive risk management strategy for the account.
• Support the program in embedding a risk-aware culture across teams.
• Establish and quantify the program’s risk appetite and ensure adherence to the defined risk approach.
• Conduct horizon scanning to identify and assess emerging risks affecting the business.
• Ensure compliance with contractual, legal, and regulatory obligations while balancing commercial and practical considerations.
• Drive continuous improvement in efficiency and client service (internal and external) within all Risk and Compliance processes.
• Lead, develop, and motivate the Risk and Compliance team to maximize effectiveness.
• Keep senior management informed of contractual, legal, and regulatory changes, outlining obligations and business impact.
• Provide regular reports to senior leadership and relevant functions on current issues and risk-related updates.
• Oversee corporate governance activities, including risk reporting to stakeholders.
• Deliver support, education, and training to staff to strengthen organizational risk awareness.
• Identify opportunities for product and service enhancements, collaborating with key functions to deliver improvements.
• Review time-bound Security Calendar activities and ensure timely closure of related tasks.
• Execute IT Security Operations processes, monitor performance, and implement corrective actions as needed.
• Coordinate and support CNX/Client/Internal/Standards testing (PCI, ISO 27001, SSAE16, etc.).
• Gather customer requirements and contractual obligations, ensuring compliance at the location.
• Facilitate customer audits, assessments, and inspections, including pre-audit preparation, execution, and remediation planning.
• Interpret global security requirements, regulatory frameworks, and cross-country laws to maintain compliance while balancing business needs.
• Build and maintain documentation for all procedures to improve service levels, efficiency, and quality standards.
• Lead a team of Analysts/Senior Analysts or similar roles as required.

Accountability:

Responsible for location/account-level activities, including:

• Implementing and maintaining security practices to protect facilities, information, equipment, and personnel in line with customer requirements.
• Conducting technical and information security activities such as security education, document classification, and records management.
• Ensuring compliance with customer security requirements and enhancing adherence.
• Leading internal assessments for the contact center, covering all customer requirements at defined intervals.
• Providing incident management support to the global security team.
• Supporting customer assessments and ensuring prompt closure of corrective action plans.

Required Skills:

Must-have Technical Skills (Mandatory):

IT and Information Security Risk and Compliance

Good-to-have Technical Skills (Preferred):

• Industry certifications such as CISA, CISM, CISSP, ISO 27001:2022

Soft Skills (Team Fit):

• Strong communication skills
• Effective stakeholder management

Qualifications

• Industry-accredited certifications preferred: CISSP, CISA, CISM, CIPP, CEH, ISO 27001 (Lead Auditor).
• Proven experience in managing security, risk, and compliance functions.
• Demonstrated ability to lead and manage teams effectively.
• Experience in managing remote teams is an added advantage.

Location:

Language Requirements:

Time Type:

If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents