Job
Description
Role: Risk Assurance
Location: Bangalore / Pune / Noida / Gurgaon
Notice Period: 30 days Max
Experience: 3 to 7 Years
Main Skills: Risk Assurance, ISO 27001, PCI DSS, Internal Audits
Roles and Responsibilities
- Full oversight/ownership of all Original Fiserv PCI-DSS Assessments
- Assist all Business Units and Functional Teams in-scope for PCI-DSS with:
- Scheduling
- Compliance Project Management
- Scoping
- Facilitation of engagements
- Assist in Identification of SMEs
- Remediation effort and Assistance when needed
- Advisory
- Identify compliance issues and ensure appropriate team is engaged for remediation
- Assist in all levels of PCI DSS Program Reporting to Senior Management
- Work with third-party auditors to facilitate onsite assessments
- Educate third-party auditors on the Fiserv business
- Assist with PCI DSS Audit planning, scheduling and scope
- Plan, conduct and establish remediation plans for PCI Assessments and track status of the findings to completion.
- Coordinate with SMEs pan Fiserv to ensure adherence to program requirements
- Collect and manage evidence for PCI DSS compliance audits via AER and Archer based tools (RFI Engine, Assertion Tool and SharePoint)
- Assist in identifying remediation solutions and provide recommendations to appropriate teams to address potential or identified gaps
- Identify and recommend changes/improvements in procedures, processes and scope of delivery
- Provide Management guidance and expertise for all PCI gaps to our business unit partners supporting in-scope environments for PCI-DSS Compliance
- Reduce Fiservs overall PCI-DSS scope where possible via taking lead on remote scoping practices and procedures and identifying potential modifications for program enhancement
- Design and develop internal operation plan and strategy to assist in streamlining the PCI-DSS assessments which will lead to improvements for increased audit visibility and adherence
- Build and Manage SharePoint pages for the TPA PCI team. TPA BEST and AER
- Review and provide evidence that is deemed global, although not provided by Cyber or FTS (i.e.: terminations at the local level, etc.)
- Monitor and update TPA Tracker when updates to gaps are received
- Education and training as required
- Compose or assist in the composition of Compensating Control
- Process/Procedure documentation
- Facilitate/attend meetings with teams/QSAs as required
- Monitor/Update RFIs
Additional:
- Financial services experience, including working in highly regulated environments
- Experience in performing or supporting third party oversight engagements such as:
- FFIEC federal examinations
- PCI-DSS assessments
- Internal Information Technology Audits
- Knowledge of ISO 27001, ITIL
- Ability to interact across all levels of management
- Attention to detail with a commitment to high-quality standards
- A successful track record for delivering results in a timely manner
Pune, Bangalore/Bengaluru, Delhi / NCR