AVP- ISG Risk Manager PCI DSS

Full Time
Mumbai
Posted 3 years ago

Job Description,

Job Purpose: Supporting in continued development and deployment of an effective compliance program in the team. Co-ordination and facilitation with various business and functional owners to ensure implementation of the compliance key risk indicators (KRI) in their respective functions; Co-ordination with Legal, HR, IA, ORM , IT Governance, and other functions for knowledge gathering and subsequent updating of compliance KRI & Risk Framework.

Description:

  • Should have excellent analytical skills so that they can understand the implications and complexities of different regulations.
  • Should have experience and expertise in complete risk management life cycle
  • Should be well conversant and hands on to perform risk assessment using ISO 27001:2013, NIST standards
  • Should be competent to understand the regulatory compliance requirement like SOX, Data Privacy, HIPPA, PCI DSS

The main responsibilities of an PCI-DSS Security Compliance

 To efficiently reply to any compliance related queries arising from the RBI inspector, ORM Team , Internal Audit & IT Governance teams

  • To be updated with the relevant instructions and circulars issued by regulatory bodies and circulars pertaining to information security
  • To oversee and assess implementation of all regulations through monitoring and testing
  • To develop checklist for the assessment of the compliance and operational risk with relevant teams in the information security
  • To ensure effectiveness of submissions of regulatory and compliance submissions to internal audit, operational risk and rbi inspectors.
  • To ensure the team is compliant with regulatory requirement and expectations driven by ORM, IA, RBI etc..
  • Identify potential internal control deficiencies and work with process owners to recommend and implement appropriate  process and control improvements to alleviate these weaknesses
  • To co-ordinate a liaison during the rbi inspections on annual/ thematic reviews and assist in provisioning of required information from the teams and ensure accuracy in submission of the same.
  • To track the issues raised during the inspection and prepare points and assist the team in submission point of contest/ compliance report.
  • Prepare comparison data by compiling and analysing internal and external information
  • Supports departments by collecting and coordinating internal compliance information with regulator and various departments
  • Provides administrative support by implementing systems, procedures and policies, completing projects in support of compliance
  • To assist Line Manager in submitting compliance to inspection report and presentation to internal stakeholders
  • To develop regulatory relation plans as and when required
  • Enhance compliance reputation by accepting ownership for accomplishimg new and different request, exploring opportunities to add value to the job accomplishments.
  • To assist Line Manager in timely preparation of the the board notes and reporting

Education & Experience:

Minimum Experience:

  • Ability to stay organized, multitask and meet deadlines in a fast paced environment.
  • Excellent written, verbal and interpersonal communication skills, must be able to work well with all levels of employees
  • 10-12 years or more experience in the information security compliance, audit e Sox, ISO , Privacy
  • Knowledge of PCI DSS ,COBIT, ISO27001 standards , BASELII, Risk Assessment and Mitigation, Disaster Recovery, Information Security Audit, MIS

Minimum education:

  • ISO27001:2005 Information Security Management Systems Lead Implementer
  • Five years’ experience in the field of Information Security
  • Post graduate in functional area or MBA
  • Certifications such as CISA, CISSP, CISM

Job Features

Job CategoryBank
Weekends5 Days a Week
Working HoursBank Hours

Apply Online

A valid phone number is required.
A valid email address is required.