Tech Mahindra represents the connected world, offering innovative and customer-centric information technology experiences, enabling Enterprises, Associates, and the Society to Rise. It has 150,000+ professionals working for 1000+ Global Customers (including Fortune 500 companies) in 90 Countries. We're part of the esteemed Mahindra group, headquartered in India. Under a new CEO, Tech Mahindra is committed to a transformative journey with Scale @ Speed as our guiding principle.
GRC Complianc
eAudit and Compliance Participatio
- nInternal and External Audits: Participate in internal and external audits (ISMS, IT, Finance, PCI DSS, etc.), including the gathering of audit documentation, data, and evidence
- .Audit Follow-up: Follow up on recurring or new risks, issues, and irregularities discovered during audits and identify opportunities for improvement (OFIs)
.
Security Control Alignme
- ntSecurity Control Review: Establish that the Client's security controls align with the defined policies, standards, and procedures to maintain the security of information systems and dat
- a.Gap Analysis: Perform gap analysis to compare the Cliient's current security practices with compliance standards, identifying areas of non-compliance and suggesting improvement
s.
Security and Compliance Framewo
- rksFramework Review: Assist the Client in reviewing existing compliance frameworks (e.g., NIST, ISO 27001, GDPR, etc.) and ensure compliance with regulatory requirements and best practic
- es.
Compliance Audits: Conduct internal compliance audits to ensure adherence to security standards and framewo
rks.
Vulnerability and Patch Manag
- ementVulnerability Scanning: Ensure all assets are thoroughly scanned for vulnerabilities, both vendor-supported and non-vendor-supported assets. Review scan results for remediation trac
- king.Patch Management: Identify assets that need to be patched, monitor patch releases, and ensure timely application of patches without disrupting critical sys
- tems.Hardening & Configuration: Review and develop security baselines for asset hardening based on industry best pract
ices.Audit Findings and Remedi
- ationRemediation Tracking: Track the remediation of security audit findings, vulnerabilities, and issues until resolution, ensuring timely clo
- sure.Security Audits Reporting: Generate monthly/quarterly audit reports that detail remediation progress and security find
ings.
