Job Description,

Job Purpose: Supporting in continued development and deployment of an effective compliance program in the team. Co-ordination and facilitation with various business and functional owners to ensure implementation of the compliance key risk indicators (KRI) in their respective functions; Co-ordination with Legal, HR, IA, ORM , IT Governance, and other functions for knowledge gathering and subsequent updating of compliance KRI & Risk Framework.

Description:

• Should have excellent analytical skills so that they can understand the implications and complexities of different regulations.
• Should have experience and expertise in complete risk management life cycle
• Should be well conversant and hands on to perform risk assessment using ISO 27001:2013, NIST standards
• Should be competent to understand the regulatory compliance requirement like SOX, Data Privacy, HIPPA, PCI DSS

The main responsibilities of an PCI-DSS Security Compliance

 To efficiently reply to any compliance related queries arising from the RBI inspector, ORM Team , Internal Audit & IT Governance teams

• To be updated with the relevant instructions and circulars issued by regulatory bodies and circulars pertaining to information security
• To oversee and assess implementation of all regulations through monitoring and testing
• To develop checklist for the assessment of the compliance and operational risk with relevant teams in the information security
• To ensure effectiveness of submissions of regulatory and compliance submissions to internal audit, operational risk and rbi inspectors.
• To ensure the team is compliant with regulatory requirement and expectations driven by ORM, IA, RBI etc..
• Identify potential internal control deficiencies and work with process owners to recommend and implement appropriate  process and control improvements to alleviate these weaknesses
• To co-ordinate a liaison during the rbi inspections on annual/ thematic reviews and assist in provisioning of required information from the teams and ensure accuracy in submission of the same.
• To track the issues raised during the inspection and prepare points and assist the team in submission point of contest/ compliance report.
• Prepare comparison data by compiling and analysing internal and external information
• Supports departments by collecting and coordinating internal compliance information with regulator and various departments
• Provides administrative support by implementing systems, procedures and policies, completing projects in support of compliance
• To assist Line Manager in submitting compliance to inspection report and presentation to internal stakeholders
• To develop regulatory relation plans as and when required
• Enhance compliance reputation by accepting ownership for accomplishimg new and different request, exploring opportunities to add value to the job accomplishments.
• To assist Line Manager in timely preparation of the the board notes and reporting

Education & Experience:

Minimum Experience:

• Ability to stay organized, multitask and meet deadlines in a fast paced environment.
• Excellent written, verbal and interpersonal communication skills, must be able to work well with all levels of employees
• 10-12 years or more experience in the information security compliance, audit e Sox, ISO , Privacy
• Knowledge of PCI DSS ,COBIT, ISO27001 standards , BASELII, Risk Assessment and Mitigation, Disaster Recovery, Information Security Audit, MIS

Minimum education:

• ISO27001:2005 Information Security Management Systems Lead Implementer
• Five years’ experience in the field of Information Security
• Post graduate in functional area or MBA
• Certifications such as CISA, CISSP, CISM