GRC Professional (PCI DSS Compliance and Risk Management)
Noida, Uttar Pradesh
About Us:
Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology.
Experience: 5-10 years
Industry: Fintech/Payments
Job Summary:
We seek a seasoned GRC Professional with deep expertise in PCI DSS compliance and risk management. The successful candidate will oversee the design, implementation, and management of PCI DSS-compliant frameworks, ensuring secure and compliant payment operations. This role requires a thorough understanding of payment security, regulatory requirements, and risk mitigation strategies within the fintech industry.
Key Responsibilities:

PCI DSS Compliance:
- Lead the organization’s efforts to achieve and maintain PCI DSS certification. PCI PIN, PCI S3 and PCI P2PE.
- Develop, implement, and enforce policies and procedures to comply with PCI DSS requirements, including the 12 core domains (e.g., firewall configurations, encryption, secure system development).
- Act as the primary liaison with Qualified Security Assessors (QSAs) and other auditors during compliance audits.
- Conduct periodic PCI DSS gap analyses, audits, and readiness assessments to identify non-compliance areas and recommend corrective actions.
- Ensure secure payment transaction processes across all environments (e.g., cardholder data environments, payment gateways, and point-of-sale systems).

Risk Management:
- Identify, assess, and mitigate risks associated with payment security, focusing on cardholder data protection.
- Implement risk treatment plans in alignment with PCI DSS risk management guidelines.
- Monitor and report on key risk indicators (KRIs) for payment environments.
- Ensure robust incident response planning, testing, and execution as per PCI DSS requirements.

Data Security:
- Collaborate with IT and DevOps teams to ensure compliance with PCI DSS requirements for encryption, tokenization, and secure transmission of cardholder data.
- Oversee the implementation and management of access control measures to restrict access to cardholder data based on business need-to-know.
- Monitor logging and monitoring systems to detect and respond to potential security breaches as required by PCI DSS Requirement 10.

Training and Awareness:
- Develop and deliver PCI DSS compliance training for employees, focusing on secure handling of payment card data.
- Promote a culture of payment security awareness across the organization.
Required Qualifications:

Education:
- Bachelor’s degree in IT, Cybersecurity, Risk Management, or related fields.

Certifications:
- Mandatory: PCI Professional (PCIP) or PCI DSS Implementer.
- Preferred: CISA, CISSP, or CISM.

Experience:
- 5-10 years in governance, risk, and compliance roles, with significant experience in PCI DSS compliance programs.
- Proven track record in managing audits and certification processes related to payment security.