3+ PCI DSS Jobs in India

About Shopalyst: 

Shopalyst offers a Discovery Commerce platform for digital marketers. Combining data, AI and deep integrations with digital media and e-commerce platforms, Shopalyst connects people with products they love. More than 500 marquee brands leverage our SaaS platform for data driven marketing and sales in 30 countries across Asia, Europe and Americas. We have offices in Fremont CA, Bangalore, and Trivandrum. Our company is backed by Kalaari Capital. 

  Key responsibilities

• Ensure compliance with all applicable regulatory requirements, including SOC2, ISO 27001, PCI DSS, GDPR rules and guidelines.
• Develop and implement compliance policies, procedures, and programs.
• Conduct regular compliance reviews and audits to identify areas of improvement.
• Collaborate with other departments to ensure effective implementation of compliance measures.
• Work with external vendors to ensure compliance adherence
• Maintain up-to date compliance records and provide them to Sales, Marketing, Internal and External Customers on a need-to-know basis
• Provide training and education on compliance matters to staff and stakeholders.
• Monitor market trends and regulatory developments to stay informed of potential risks or issues.

Requirements

Job Requirements

• Strong knowledge of audit and regulatory compliance to ensure the security, privacy, and reliability of SaaS services in a global market.
• Familiarity with ISO 27001, PCI DSS, GDPR rules and guidelines.
• Ability to work collaboratively with cross-functional teams.
• Strong analytical skills and attention to detail.
• Bachelor's degree in a related field preferred but not required.
• Experience in Leading Software Project Teams desired but not mandatory.

Additional Notes : 

At Shopalyst, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business. 

• Provide cybersecurity consulting services to various clients of Crossbow Labs.

• Conduct interviews with clients, review client documents for compliance, write compliance reports, and prepare and deliver briefings.

• Travel to client locations to assess and validate physical and technical controls necessary to maintain compliance.

• Review network architecture, hardening of multiple operating systems, malware protection, IDS/IPS, IT controls, network and system monitoring, and protection methods.

• Work closely with clients to assess their IT security posture, identify weaknesses and vulnerabilities in relation to the PCI-DSS security framework, ISO, and other compliance standards.

• Develop compliance procedures and documentation for the PCI program.

• Conduct training sessions for clients and internal teams on PCI DSS and other cybersecurity standards and regulations.

Skills and Competencies:

• Strong technical understanding of networks, servers, workstations, and applications.

• Proficiency in the PCI DSS v3.2.1 and PCI DSS v4.0 security standard.

• Good comprehension of the ISO 27001 standard.

• Ability to conduct Risk Management, Business Continuity Planning (BCP), and Disaster Recovery (DR) reviews.

• Capability to perform network architecture reviews.

• Capability to perform system configuration reviews for operating systems (Windows & Linux), servers, databases, routers/switches, and firewalls.

• Ability to conduct firewall/network rules reviews.

• Ability to conduct application architecture reviews, review application security controls, and perform application code reviews.

• Familiarity with cloud-based hosting solutions such as Microsoft Azure and AWS.

• Strong team collaboration skills and client relationship management.

• Excellent oral and written communication skills.

• Ability to work both independently and in collaborative environments to meet delivery obligations.

• Commitment to continuous learning and staying updated with current news and trends in the cybersecurity space.

Education Qualification

BCA / B.Tech / B.Sc – Computers Science / B.Sc - Information Security / M.Sc – Information Security.

Certifications (Preferred)

PCI QSA / ISO 27001 / CISSP / CISM / CISA

• Establish, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Conduct regular internal audits in compliance with applicable legal and contractual requirements, ISO 27001 and PCI DSS requirements and companies internal requirements
• Conduct regular Management reviews and update the management on information security aspects. The MRMs shall also focus on drawing Management attentions to the key areas for required management actions.
• CISO is also responsible to ensure customer audits as well as re-certification and surveillance audits and successful.
• Coordinate with relevant stakeholders to address the NC closures.
• CISO shall ensure the information incidents are responded and resolved on time to ensure compliance with legal and contractual requirements.

• Degree in business administration or a technology-related field required.
• Professional security management certification
• Minimum of 5 years of experience in a combination of risk management, information security and IT jobs
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and PCI DSS.
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services.
• Specific experience in Agile (scaled) software development or other best in class development practices.
• Experience with Cloud computing/Elastic computing across virtualized environments.