Specialist Process & Compliance
Bengaluru
Zeta
Zeta is the world’s first Omni Stack for credit cards. A single stack for Origination, Processing, FRM, Rewards, Loans, APIs, and AppsZeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios.
Zeta has over 1700+ employees - with over 70% roles in R&D - across locations in the US, EMEA, and Asia. We raised $280 million at a $1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech, careers.zeta.tech, Linkedin, Twitter
The Role: This role is part of the Information Security Process and Compliance Team of Zeta. The Specialist Process & Compliance of InfoSec Audit and compliance is responsible for preparing and supporting PCIDSS, ISO 27001 and SOC external Audits. Actively participate, strengthen and improve Internal Audit process and provide assurance on internal technology and process compliance. Collaborate with the Cloud and Product security team to drive Risk and compliance goals.
What would you do here?
- Work with internal and external stakeholders to assess the IT architecture or proposed IT architecture solutions to identify the risk areas with regards to PCI controls.
- Assess the network architecture and or reviews the Firewall rulesets, Network devices/appliances to see if they are aligned with the PCI control requirements and recommends compensatory controls where necessary.
- Execute operational activities to support audit and compliance activities including technical validation processes.
- Conduct PCI DSS scoping engagements, gap analysis and assessments related to securing the Cardholder Data Environment.
- Effectively multi-tasks on multiple assignments and deliverables.
- Actively accepts individual and team responsibilities to meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals.
- Discuss the SOP document with all relevant stakeholders - right from process owner to the BU functional heads Detailed understanding of SOC reports (SOC2, Type 1, 2), ISMS reports and ability to relate the IT General Controls, IT Application Controls, Cyber Controls to the SOC framework.
- Develop and Maintain Vendor Risk Management /Third Party Risk Management Program including Vendor Onboarding Audit, Periodic Vendor Assessment, Maintain TPRM Database.
- Review and implement controls and policies as per RBI and other regulatory requirements. Maintain ISMS framework, evaluate effectiveness of implemented controls and provides recommendations for improvement.
- Facilitate Client Due - Diligence in collaboration with Business.
- Develop and Maintain Enterprise Risk Assessment framework.
- Perform Internal Assessment against various Standards to ensure the established policies are being followed and prepare internal reports.
- Contract review and providing responses to client Request for Proposal (RFP)
What are we looking for?
- 4 - 7 years of experience in Information Security and Compliance in medium tolarge-sized companies.
- Bachelor of Technology (BE/B.Tech),M.Tech or ME in Computer Science, MCA or equivalent.
- Good Understanding of Technology Risk Assessment Frameworks and Application risk Assessment.
- Good Understanding and hands on experience on PCI DSS Standard and various PCI compliance is must.
- Experience of working in the Banking or Payment sector is preferred.
- Hands-on experience with various Audits and Standards Such as ISMS, SSAE 18, ISO 27001,ISO 31000, ISO 22301, CSA Star, NIST Risk framework, PCI DSS, PCI 3DS, PCI PA-DSS/SSF, PCI S3 etc.
- Good to have Information Security Certifications like CISA, CISM, CISSP etc.
- Experience of Vendor Risk Assessment and responding to client Request for Proposal(RFP).Excellent written and oral communication and penchant for technical documentation
At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals.
#LifeAtZeta is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta
Zeta is an equal opportunity employer.
At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Audits Banking CISA CISM CISSP Cloud Compliance Computer Science Firewalls ISMS ISO 22301 ISO 27001 NIST PCI DSS Product security R&D RFPs Risk assessment Risk management S3 SOC SOC 2
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs