Senior Manager/AVP - PCI DSS - BFSI

Supporting in continued development and deployment of an effective compliance program in the team. Co-ordination and facilitation with various business and functional owners to ensure implementation of the compliance key risk indicators (KRI) in their respective functions;

- Co-ordination with Legal, HR, IA, ORM, IT Governance, and other functions for knowledge gathering and subsequent updating of compliance KRI & Risk Framework.

Description :

- Should have excellent analytical skills so that they can understand the implications and complexities of different regulations.

- Should have experience and expertise in complete risk management life cycle

- Should be well conversant and hands on to perform risk assessment using ISO 27001:2013, NIST standards

- Should be competent to understand the regulatory compliance requirement like SOX, Data Privacy, HIPPA, PCI DSS

The main responsibilities of an PCI-DSS Security Compliance :

- To efficiently reply to any compliance related queries arising from the RBI inspector, ORM Team, Internal Audit & IT Governance teams

- To be updated with the relevant instructions and circulars issued by regulatory bodies and circulars pertaining to information security

- To oversee and assess implementation of all regulations through monitoring and testing

- To develop checklist for the assessment of the compliance and operational risk with relevant teams in the information security

- To ensure effectiveness of submissions of regulatory and compliance submissions to internal audit, operational risk and rbi inspectors.

- To ensure the team is compliant with regulatory requirement and expectations driven by ORM, IA, RBI etc..

- Identify potential internal control deficiencies and work with process owners to recommend and implement appropriate process and control improvements to alleviate these weaknesses

- To co-ordinate a liaison during the rbi inspections on annual/ thematic reviews and assist in provisioning of required information from the teams and ensure accuracy in submission of the same.

- To track the issues raised during the inspection and prepare points and assist the team in submission point of contest/ compliance report.

- Prepare comparison data by compiling and analysing internal and external information

- Supports departments by collecting and coordinating internal compliance information with regulator and various departments

- Provides administrative support by implementing systems, procedures and policies, completing projects in support of compliance

- To assist Line Manager in submitting compliance to inspection report and presentation to internal stakeholders

- To develop regulatory relation plans as and when required

- Enhance compliance reputation by accepting ownership for accomplishing new and different request, exploring opportunities to add value to the job accomplishments.

- To assist Line Manager in timely preparation of the the board notes and reporting

Education & Experience :

Minimum Experience :

- Ability to stay organized, multitask and meet deadlines in a fast paced environment

- Excellent written, verbal and interpersonal communication skills, must be able to work well with all levels of employees

- 10-12 years or more experience in the information security compliance, audit i.e Sox, ISO, Privacy

- Knowledge of PCI DSS, COBIT, ISO27001 standards, BASELII, Risk Assessment and Mitigation, Disaster Recovery, Information Security Audit, MIS

Minimum education :

- ISO27001:2005 Information Security Management Systems Lead Implementer

- Five years- experience in the field of Information Security

- Post graduate in functional area or MBA

- Certifications such as CISA, CISSP, CISM