Compliance Specialist

The purpose of this role is to ensure compliance with quality and information security standards by embedding policies, monitoring effectiveness, and driving continuous process improvements. Support risk management, data privacy, and business continuity while enhancing overall operational excellence.Compliance Specialist

Education:

• Bachelor’s degree in business, Industrial Engineering, or equivalent experience

• Master’s degree in business management an advantage

Experience:

• Minimum of 1 year’s business process excellence experience in a Call Center industry

• Knowledge in ISO, COPC, Six Sigma or other global certification bodies

• Knowledge on the on frameworks that provide support for information security governance (e.g., ISO27001)

Mandatory Skills:

• Project Management abilities

• Management and leadership skills

• Business Planning skills

• Risk Management Skills

• Budget Management skills

• People Management and Development skills

• Time Management skills

• Negotiating skills

• Problem Solving skills

• Decision-making skills

• Communication skills

• Presentation skills

Preferred Skills:

• In-depth understanding of the Contact Center Industry

• Ability to identify and evaluate growth opportunities

• Ability to lead the company’s Strategic planning process and goal setting

• Ability to manage external partners and vendors

• People Management

• Strategic Planning

• Business Planning

• Budget Management

Roles & responsibilities:
Certification

• Responsible in ensuring that Policies and Standards of the QISMS and other business process excellence and client’s programs are embedded in the day-to-day operations of the assigned site.

• Manage, monitor and evaluate effectiveness of QISMS

• Leads the quality and continuous process improvement efforts by working closely with concerned groups to identify areas for improvement and best practices.

• Develops audit work plan and timeline

• Assesses the adequacy of in-place quality and security controls, policies, and procedures, reviews effectiveness incompliance with the ISO9001:2000 and ISO27001 standards and other Management and Control Frameworks such as PCI, ITSM.

• Acts as a Deputy QMR in policy development, resource management, performance measurement and value delivery of Quality and Information Security Governance within the scope of the of an Integrated Quality (ISO 9001, Six Sigma, COPC) and Information Security Management System (ISO27001, PCI, ITSM)

• Provides support in the Risk Management System of the organization by guiding and validating the risks and appropriate controls associated with the identified assets.

• Actively participate with operating units in root-cause analysis for corrective actions to be taken

• Continually communicate with top management for updates and improvements

• Handles other Quality and Process Excellence initiatives.

Information Security Management

• Develop security strategy, oversee security program and initiatives, liaise with business Process Owners to ongoing alignment.

• Enforce policy and regulatory compliance.

• Monitors utilization and effectiveness of security resources.

• Develops and implements monitoring and metrics approaches of security initiatives.

• Conducts awareness campaign to all affected by the security policy and ensures Process Owners maintenance of the processes.

• Monitors the ability of the Process Owners in holding functional roles that can promote awareness of the policy and conduct internal security reviews to see if they are in compliance.

• Monitors policy violations and other security vulnerabilities or risk detected.

• Develops methods for knowledge capture and dissemination, develop metrics for effectiveness and efficiency.

• Recommends to Audit and Certification Head changes to policy.

• Identify business processes and assurance providers. Liaise with other assurance providers and ensures that gaps and overlaps are identified and addressed.

• Ensures that Business Continuity Plan are periodically and successfully tested.

Process Audit

• Design and develop process audit checklist

• Develop process audit work plan and timeline

• Oversee process audit

• Review audit results, and reviews effectiveness of action plans.

Document Control

• Leads the overall documentation and control system; defines the controls needed for the identification, storage, protection, retrieval, retention and disposition of documents and records

Information Management

• Establish a reporting system that will provide top management with timely, accurate and comprehensive information

• Oversee document control process and results

Systems and Procedures

• Review and recommend improvement to Sagility’ s policies, procedures, rules and regulation

• Design measurement schemes for system performance vs. standards

• Lead the QISMS training which includes QISMS portal overview and ISO standards.

• Continuously review and evaluate applicability of the standard procedures

Data Privacy

• Support the Data Privacy Officer in implementing data privacy controls and best practices to comply with the Data Privacy Act of 2012.

General Safety and Security Responsibilities

• Protects the organization’s assets thru upholding the principles of the Quality Information Security Management System (QISMS).

• Ensures confidentiality, integrity, and availability of information critical to fulfilling the organizations business functions.

Quezon City, Bridgetowne ZetaPhilippines