Senior Infosec Engineer - Bangalore Urban, India - PhonePe
Description
Senior Information Security Engineer - Compliance
Roles and responsibilities:
● Provides information security project management and leadership to staff and
external resources in support of established goals and objectives, improved
efficiencies, and problem resolution
● Liaise with key stakeholders including business, compliance, SRE, IT, Dev, AppSec,
Privacy, IA teams to deliver on security requirements timely and effectively
● Maintain information security policies, procedures, standards, and guidelines
● Engage with compliance, internal and external auditors to acquire and retain InfoSec
relevant certifications/ attestations
● Support audits by timely response, escalation management, gap analysis, mitigation
etc.
● Evaluate and drive implementation of new information security processes, tools, and
technologies
● Drive information security education and awareness activities
● Evaluates new cybersecurity threats and IT trends and develops effective security
controls.
● Evaluates potential security breaches, coordinates response, and recommend
corrective actions
● Measure and increase efficacy of information security initiatives, define and report
on information security KPIs.
Skills and Qualifications
● 7+ years' experience in information security, with focus on compliance, attestation,
and certification
● Firsthand experience of interacting with India BFSI regulators and auditors
● Experience in information security/IT compliance systems audit
● Excellent English language communication skills, both verbal and written,
● Works autonomously within established procedures and practices
● Good command on stakeholder management, judgment, conflict resolution, risk
mitigations
● Experienced at collating and preparing information security and compliance metrics
for management consumption
● Understanding of industry and regulatory governing bodies standards such as
PCI-DSS, SOX, ISO 27001:2013 etc. and other relevant Regulatory guidelines, Data
Privacy Laws etc.
● Understanding of regulatory industry requirements in BFSI
● Security Certifications such as CISSP, CISM, CISA etc.