what you will do?
 

• work and establish credibility with groups involved with payment security and compliance matters (InfoSec, legal, business development, internal audit, fraud, physical security, developer community, networking, systems, etc.)
• review new / modifications of products features and processes. should provide support to internal departments in areas of compliance with regulatory bodies, and dissemination of circulars issued by regulators
• create control frameworks and gap assessment against various regulatory guidelines and compliance requirements
• collaborate with business/engineering teams to implement compliance plans to mitigate risks in the early stage of product development
• identify and support opportunities for improving third-party risk posture and processes, including expanded monitoring, KRI tracking, etc. by applying knowledge of security, regulatory, and third-party risk lifecycle frameworks
• you will remain up to date on laws applicable to IT security of the organisation and update policies accordingly
• support in partner due-diligence activities by providing response to RFPs/ RFIs and client questionnaire 
• draft and maintain documentation for security compliance including but not limited to PCI-DSS, RBI PSS, ISO27001, card brands (Visa, Mastercard), etc

you should apply If you have:
 

• 2-6 years of relevant industry experience including information assurance, data privacy, and security compliance
• experience in managing Audits and Cyber Security controls, standards and framework implementation
• knowledge of cyber threats, vulnerabilities and risk in the payment industry 
• experience in developing cyber security & privacy policies, procedures and standards 
• basic understanding of regulatory requirements inline with fintechs
• basic knowledge of cloud (AWS / Azure / GCP)
• good to have certifications such as CISA/CISSP/CISM or other information security-related certification. exposure to different compliance standards related to the payments ecosystem (PCI DSS, PCI 3DS etc) and understanding of HSM components