Manager - Process & Compliance

About Zeta
Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015.Our flagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally.Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @www.zeta.tech,careers.zeta.tech,Linkedin,Twitter

The Role
This role is part of the Information Security Process and Compliance Team of Zeta. The Manager  Process & Compliance of InfoSec Audit and compliance is responsible for preparing and supporting PCIDSS, ISO 27001 and SOC external Audits. Actively participate, strengthen and improve Internal Audit process and provide assurance on internal technology and process compliance. Collaborate with the Cloud and Product security team to drive Risk and compliance goals

Responsibilities

• Responsible for Information Security controls & compliance of Zeta SaaS solutions & services of Major key account customers.
• Drive periodic technical assessments & validations of the security controls & compliance.
• Work with various levels of stakeholders within Zeta such as SREs, SDEs, OU heads, Product or Program managers, product engineers and cloud security engineers to maintain the SaaS application and cloud environment security posture at the higher standard.
• Ensure cyber risks are mitigated and tracked for closure.
• Drive Infosec and compliance audits and ensure compliance.
• Work closely with the customer stakeholders of major key accounts including Infosec group, Business group, Risk & Compliance team, Enterprise IT team and ensure controls & compliance mandates are delivered.
• Monitor the risk landscape and identify emerging and future risks. 
• Collaborate with customer’s IT & Infosec team & internal stakeholders such as SREs, DevSecOps, Product security, Process compliance and Application Engineers to establish security controls.
• Support initiatives with colleagues from throughout the organization to make sure our data is secured, environment is compliant to applicable standards, and protected.
• Collaborate & engage closely with customer partners to ensure technical & Infosec process audits, vendor audits and other external auditrequirements are complied.
• Conduct periodic controls & compliance stakeholders' confidence meeting and apply necessary actions for continual improvements.

Skills

• Excellent experience in the Security best practices, standards and frameworks such as, CSA, NIST CSF, PCI DSS, PCI 3DS, PCI PIN, Secure Software framework, ISO 27000, Data Privacy, SOC2, ISO 22301  
• Hands-on experience in Cloud Security, AWS services, Security assessments & tools configuration.
• Deep understanding of K8S (Nodes, PODs, Dockers, Containers), Cloud Workload protection, CSPM, Container Security, FOSS, API native application security are required.
• Experience in performing Cloud Risk assessments, Cloud native application security assessment, and technology risk assessment and identify mitigation controls to present wider audience. 
• Good to have few Information Security certifications such as CISA, CCSP, CRISK, CSA-STAR, CISSP, CISM, PCI QSA, PCI Certified Implementation Professional (PCIP).
• Ability to prioritize and carry out duties in a highly dynamic & complex environment.
• Should be Curious to learn new things, contribute and manage difficult stakeholders and expectations and demonstrate ownership consistently. 
• Self-motivated and directed, with good attention to detail.
• Able to work in dynamic environment and handle 100+ key stakeholders to drive the controls assurance programs.

Experience and Qualifications

• 10-15 years of experience in Information Security with an expertise in handling larger infosec controls projects with various delivery programs including Cloud Security, Network security, access control, Cryptographic & Key management, Incident response management, data protection & privacy and application security  controls.
• Bachelor of Technology (BE/B.Tech), M.Tech or ME in Computer Science, MCA or equivalent. 

Life At Zeta
At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals. 
#LifeAtZeta is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself,  Zeta is the place to be!  Explore the life at zeta 
Zeta is an equal opportunity employer.  
At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities.