AVP- ISG Risk Manager PCI DSS
Job Purpose: Supporting the continued development and deployment of an effective compliance program in the team. Coordination and facilitation with various business and functional owners to ensure implementation of the compliance key risk indicators (KRI) in their respective functions; coordination with Legal, HR, IA, ORM, IT Governance, and other functions for knowledge gathering and subsequent updating of the compliance KRI & Risk Framework.
- Should have excellent analytical skills in order to understand the implications and complexities of different regulations
- Should have experience and expertise in the complete risk management life cycle
- Should be well conversant with, and hands-on in performing, risk assessments using ISO 27001:2013 and NIST standards
- Should be competent to understand regulatory compliance requirements such as SOX, Data Privacy, HIPAA, PCI DSS
The main responsibilities of a PCI DSS Security Compliance role:
- To reply efficiently to any compliance-related queries arising from the RBI inspector, ORM Team, Internal Audit & IT Governance teams
- To stay up to date with the relevant instructions and circulars issued by regulatory bodies pertaining to information security
- To oversee and assess implementation of all regulations through monitoring and testing
- To develop checklists for the assessment of compliance and operational risk together with the relevant information security teams
- To ensure the effectiveness of regulatory and compliance submissions to Internal Audit, Operational Risk and RBI inspectors
- To ensure the team is compliant with regulatory requirements and expectations driven by ORM, IA, RBI, etc.
- To identify potential internal control deficiencies and work with process owners to recommend and implement appropriate process and control improvements to alleviate these weaknesses
- To coordinate and liaise during RBI inspections (annual/thematic reviews), assist in provisioning the required information from the teams, and ensure accuracy in its submission
- To track the issues raised during inspections, prepare response points, and assist the team in submitting the points of contest/compliance report
- To prepare comparison data by compiling and analysing internal and external information
- To support departments by collecting and coordinating internal compliance information with the regulator and various departments
- To provide administrative support by implementing systems, procedures and policies, and completing projects in support of compliance
- To assist the Line Manager in submitting the compliance response to the inspection report and presenting it to internal stakeholders
- To develop regulatory relations plans as and when required
- To enhance the compliance function's reputation by accepting ownership for accomplishing new and different requests, and exploring opportunities to add value to the job accomplishments
- To assist the Line Manager in timely preparation of board notes and reporting
Education & Experience:
- Ability to stay organized, multitask and meet deadlines in a fast paced environment.
- Excellent written, verbal and interpersonal communication skills, must be able to work well with all levels of employees
- 10-12 years or more of experience in information security compliance and audit (e.g. SOX, ISO, Privacy)
- Knowledge of PCI DSS, COBIT, ISO 27001 standards, Basel II, Risk Assessment and Mitigation, Disaster Recovery, Information Security Audit, MIS
- ISO27001:2005 Information Security Management Systems Lead Implementer
- Five years’ experience in the field of Information Security
- Post graduate in functional area or MBA
- Certifications such as CISA, CISSP, CISM
- Weekends: 5 Days a Week
- Working Hours: Bank Hours