DUTIES & RESPONSIBILITIES:

Process Owner

• Responsible for effective deployment of the organizational HIPAA policy and PCI DSS.
• Agrees to specific roles and responsibilities for the establishment, documentation and implementation of ISMS within the area of responsibility.
• Identifies specific methodologies and processes for information security
• Monitors and reviews the effectiveness of the documented management system and ensures that all security procedures within the area of responsibility are carried out correctly to ensure compliance with security policies and standards.
• Responsible in providing resource and implementing the controls.
• Identifies the risks and appropriate controls associated with the identified assets.
• Reviews information security incidents.
• Assesses the adequacy and coordinates the implementation of specific information security within the area of responsibility.
• Promotes visibility of business support for information security throughout the organization.
• Conducts regular updates on the organization policies and procedures.

For QMS:

• Perform regular process audit in adherence to set procedures and streamlining of processes
• Report audit results and corrective actions to lead auditor
• Ensure implementation of quality system
• 燙onduct internal quality audits, report results, monitor actions, and ensure that all audited non-conformances are followed-up and closed.
• Recommend specific methodologies and processes for quality improvement.
• Apply audit principles, procedures & techniques
• Attend to the training requirements of QISMS.

For ISMS:

• Perform regular process/compliance audits in adherence to set procedures and security policies, regulatory/contractual requirements, and the ISMS standards.
• Ensure implementation of information security management system.
• Conduct internal information security audits, report results, monitor actions, and ensure that all audited non-conformances are followed-up and closed.
• Recommend specific methodologies and processes for information security improvement.
• Provide assistance to the support groups (HR, BAED and IT) by conducting assessments on their compliance to local and international regulatory requirements as well as client/contractual requirements.
• Maintain the confidentiality & security of information
• Verify the risks and appropriate controls associated with the identified assets.
• Apply audit principles, procedures & techniques
• conduct evaluations on the performance of Evacuation Drills/Fire Drills
• Attend to the training requirements of QISMS.

Process Improvement

• Offers suggestion for continuous improvement of processes and systems.

Work at Home Responsibilities

• Be familiar with and abide to all Sagility general security and Work @ Home security policies and procedures.
• Be familiar with and abide by all client security policies and procedures required to protect customer data.
• Maintain the security of the at home work environment and protect the assets of the Sagility provided equipment, the client systems and data.
• Ensuring that all security related incidents are reported
• Shall work on the same Internet Connection that was tested during the setup process. If changes are made to the current Internet Connection or router during the course of application or employment, Employee will be required to notify the appropriate parties in advance and retest the connection to ensure the requirements are met.
• Must immediately report system performance problems or downtime to your manager and the local IT SPOC.

General Safety and Security

• Protects the organization?s assets by upholding the principles of the Quality Information Security Management System (QISMS).
• Ensures confidentiality, integrity, and availability of information critical to fulfilling the organization?s business functions.