Job Summary
Responsible for supporting the improvement of IT governance, risk management, compliance, and privacy practices across the HCL IT environment.
The role assists in ensuring adherence to HCL-defined policies, procedures, and control frameworks by supporting internal IT reviews, assessments, and audits aligned with global standards and regulatory requirements.
This position contributes to audit and assessment activities across multiple frameworks such as ISO 27001, ISO 27701, ISO 22301, ISO 20000-1, ISO 9001, SOC 1, SOC 2, PCI DSS, and enterprise risk and privacy assessments. The role also supports compliance efforts related to global data protection and privacy regulations, including India’s Digital Personal Data Protection (DPDP) Act, EU GDPR, UK GDPR, CCPA/CPRA, HIPAA Privacy Rule, LGPD (Brazil), and other applicable regional privacy laws.
The role focuses on individual deliverables, including collecting and validating audit and privacy evidence, tracking risks and compliance gaps, supporting remediation activities, and coordinating with various IT teams under guidance.
Key Responsibilities
Audit, Compliance, and Governance Support
- Support internal IT reviews, assessments, and audits across frameworks such as ISO 27001, ISO 27701, ISO 22301, ISO 20000-1, SOC 1, SOC 2, PCI DSS, IT risk assessments, and privacy assessments.
- Assist in monitoring the implementation of IT controls in alignment with HCL policies, procedures, and governance requirements.
- Help maintain alignment and consistency of controls across multiple standards, frameworks, and regulatory requirements under guidance.
Audit & Assessment Support
- Coordinate with IT teams and stakeholders to support audit and assessment activities.
- Collect, organize, document, and maintain IT policies, procedures, records, and evidence using HCL-approved tools and repositories.
- Perform preliminary reviews of audit and privacy evidence to ensure completeness and alignment with defined requirements before submission.
- Assist in documenting audit observations, findings, or non-conformities and communicating them to relevant stakeholders.
- Track corrective and preventive actions and support follow-ups to ensure timely closure.
- Prepare basic status updates and reports on audit progress and remediation activities.
Operations and Risk Support
- Support day-to-day compliance and audit operations to meet defined timelines and service-level expectations.
- Assist in identifying potential IT, compliance, and privacy risks and escalate concerns to senior team members as needed.
- Contribute to audit readiness activities and regulatory reporting response preparation under supervision.
- Maintain accurate records and documentation to support transparency, audit readiness, and continuous improvement.
Skill Requirements
Certifications (Mandatory)
- ITIL v3 or ITIL 4 certification.
- ISO 27001 Lead Auditor certification.
- At least one technical certification such as CCNA, MCSE, Network+, or Security+.
Other Requirements
Behavioral Competencies
- Strong analytical and problem-solving skills.
- High attention to detail and accuracy.
- Ability to manage ambiguity and competing priorities.
- Proactive, results-oriented, and capable of influencing without authority.