PCI DSS QSA - Bengaluru, India - Secure Logic India Pvt. Ltd
Job description
Job Location:
Bangalore
Role:
PCI DSS QSA (GRC Function)
Experience: 4 (min) to 9 (max) years
Career Level:
Associate to Mid-Level
Note:
Job type:
Permanent
Department:
PS
Conditions:
- Only certified PCI DSS QSAs are eligible to apply.
- Salary should not be an issue for competitive profiles.
- Undertake PCI DSS audits and assessments under the guidance of a GRC Consultant.
- Provide strategic information security advisory and consulting services for all clients.
- The role encompasses delivery and management of Professional Services engagements, technical consultation and implementation, and internal strategic initiatives, including managing team members as necessary according to team roles and responsibilities.
- Scoping, design, implementation and operation of PCI DSS and related information security frameworks/standards.
- Participate in internal IS audits and carry out risk assessments, business continuity management and gap analysis.
- Conduct PCI DSS gap analyses or assist with completion of the SAQ process.
- Conduct internal audit engagements (against internal information security policies and procedures, or industry standards).
- Leading and assisting in Tender responses
- Attending opportunity meetings with Sales and Marketing team for potential clients
- Attending meetings with current clients for upsell opportunities
- Plan security strategies and implement IT security solutions such as DLP, email security, WAF and DDoS protection products for customers.
- Provide advanced-level and on-call support for a wide variety of networks, systems and infrastructures.
- Planning and audits, security investigations and risk assessment, designing and implementing business
- Manage external relationships with clients, vendors and business partners at all levels as required.
- Manage and lead delivery engagements as and when required. This may also include managing engagement teams, deliverables and the engagement budget.
- Perform Professional Services and Delivery engagements related as deemed necessary and as directed by
- Work under the Head of PS or the Lead Auditor as required to ensure strict adherence to quality and process, setting a higher standard of delivery for all customers.
- Report all project progress and any issues in a timely manner.
Our GRC consultants are focused on delivering quality and creating value propositions by focusing on the set objectives; we talk apples and we deliver them.
Further, our GRC consultants are trained in-house across multiple knowledge streams to ensure they deliver the best for our customers.
If you are passionate about security assessments, and you have the right skills and the patience to write the best report, then this is the right place for you.
Last but not least, we don't just deliver no's; we deliver quality, and we are concerned with end results from a value-proposition perspective.
Specific Responsibilities:
Deliver Professional Services and Delivery-related projects as required, working with the GRC Consultant and manager to deliver the following responsibilities under GRC:
- Scoping, design, implementation and operation of PCI DSS and related information security frameworks/standards.
- Consult with clients at all levels regarding information security standards, frameworks, guidelines and best practice.
- Undertake risk assessments using industry frameworks such as ISO 31000, ISO 2700
- Compliance engagements such as Gap Analysis, Internal Audit, External Audit
- Manage and deliver vulnerability assessment and penetration testing engagements
- Conduct security policy and framework reviews
- Implementation of PCI DSS, ISMS, or client specific information security frameworks
- Security architecture reviews
- Manage the delivery of the engagement (includes resources, budget, and client deliverables)
- Client Engagement metrics
- Client Project Delivery
- Internal Project Delivery
- Present Secure Logic to potential clients and groups through various communication streams.
- Ability to travel a must. Attending trade shows and events will be required.
- Lead generation for new business channel development.
- Keep abreast of current Information Security standards such as:
- ISO 27001:2013
- ISO 31000
- PCI DSS
- ISO 20000, ITIL
- CSA Framework
- ISACA guideline
- Coordinate the delivery of consulting or managed service projects.