Assistant Vice President - ISO and PCI Compliance Framework

About Us

SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone.

SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work.

Join us to shape the future of digital payment in India and unlock your full potential.

What’s in it for YOU

1. SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees
2. Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees
3. Dynamic, Inclusive and Diverse team culture 
4. Gender Neutral Policy
5. Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
6. Commitment to the overall development of an employee through comprehensive learning & development framework

Role Purpose 

Responsible for ensuring that organization remains up-to-date on all regulatory and policy requirements in accordance with internal / external mandated regulations and supporting SBI Card's Information Security compliance, risk and audit program.

Role Accountability 

1. Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable compliance standards (ISO 27001, PCI DSS, GDPR, etc.) and communicates with multiple departments and levels of management in order to resolve technical, operational risks
2. Inform stakeholders about compliance and security-related issues and activities affecting the assigned area or project
3. Review, develop and manage documentation/SOPs to ensure adherence with ISO 27001, PCI-DSS, GDPR compliance
4. Coordinate annual ISO 27001, PCI QSA audits & compliance certification with external audit and accreditation agencies
5. Provide periodic and ad hoc security awareness training for employees/contractors to increase visibility of security in their daily job functions
6. Evaluate the effectiveness of training programs and makes recommendations for improvement
7. Track information security actionable of various audits / assessments / committees
8. Perform process documentation and compliance adherence

Measures of Success 

1. Successful number of adoption and implementation of security projects
2. Increase in maturity of Security Programs (Adoption and Capabilities)
3. Timely management and reporting of IAM governance related KRAs and metrics 
4. No adverse observation in Internal / external audits 
5. Timely remediation of any findings or recommendations made by any of the internal or external assessors 
6. Process Adherence as per MOU

Technical Skills / Experience / Certifications

1. Industry-standard certifications such as CISA, CISM, CISSP, ISO 27001, LA/LI
2. Strong knowledge and understanding of enterprise IT Systems, cloud infrastructure and security principles and technologies
3. Experience in dealing successfully with different business and external stakeholders

Competencies critical to the role

1. Stakeholder Management
2. Analytical Ability
3. Process Orientation
4. Teamwork & Collaboration

Qualification 

Bachelor’s Degree in Computer Science / Information Technology or in a related discipline

Preferred Industry

BFSI, NBFC,Telecom