Senior Infosec Engineer - Bangalore Urban, India - PhonePe

    Description

    Senior Information Security Engineer - Compliance

    Roles and responsibilities:

    ● Provides information security project management and leadership to staff and external resources in support of established goals and objectives, improved efficiencies, and problem resolution

    ● Liaise with key stakeholders including business, compliance, SRE, IT, Dev, AppSec, Privacy, IA teams to deliver on security requirements in a timely and effective manner

    ● Maintain information security policies, procedures, standards, and guidelines

    ● Engage with compliance, internal and external auditors to acquire and retain InfoSec relevant certifications/attestations

    ● Support audits by timely response, escalation management, gap analysis, mitigation etc.

    ● Evaluate and drive implementation of new information security processes, tools, and technologies

    ● Drive information security education and awareness activities

    ● Evaluates new cybersecurity threats and IT trends and develops effective security controls.

    ● Evaluates potential security breaches, coordinates response, and recommends corrective actions

    ● Measure and increase efficacy of information security initiatives, define and report on information security KPIs.

    Skills and Qualifications

    ● 7+ years' experience in information security, with focus on compliance, attestation, and certification

    ● Firsthand experience of interacting with India BFSI regulators and auditors

    ● Experience in information security/IT compliance systems audit

    ● Excellent English language communication skills, both verbal and written

    ● Works autonomously within established procedures and practices

    ● Good command of stakeholder management, judgment, conflict resolution, risk mitigations

    ● Experienced at collating and preparing information security and compliance metrics for management consumption

    ● Understanding of the standards of industry and regulatory governing bodies such as PCI-DSS, SOX, ISO 27001:2013 etc. and other relevant regulatory guidelines, data privacy laws etc.

    ● Understanding of regulatory industry requirements in BFSI

    ● Security Certifications such as CISSP, CISM, CISA etc.