PCI-DSS Specialist - Security Risk Management (3-8 yrs)
Cubical Operations
posted 3d ago
Job Description : PCI DSS Specialist
Location : Bangalore, India
Experience : 3+ years
Key Responsibilities :
- PCI DSS Compliance : Ensure the organization meets all PCI DSS requirements by conducting regular assessments, identifying gaps, and implementing necessary controls.
- Internal Security Assessor (ISA) : Act as the primary ISA, performing internal audits and providing guidance on PCI DSS compliance to various departments.
- Network Security : Design, implement, and manage network security measures to protect sensitive payment card data. Monitor network traffic for suspicious activities and respond to security incidents.
- Risk Management : Conduct risk assessments to identify potential security threats and vulnerabilities. Develop and implement risk mitigation strategies to protect against data breaches and other security incidents.
- Policy and Procedure Development : Develop and maintain security policies, procedures, and standards to ensure compliance with PCI DSS and other relevant regulations.
- Security Awareness Training : Conduct training sessions to educate employees on PCI DSS requirements, data protection practices, and network security protocols.
- Documentation and Reporting : Maintain comprehensive documentation of security measures, compliance activities, and risk assessments. Prepare detailed reports for senior management and regulatory bodies.
- Collaboration : Work closely with IT, legal, and other departments to ensure alignment with PCI DSS requirements and overall organizational security objectives.
- Vendor Management : Evaluate and manage third-party vendors to ensure their compliance with PCI DSS standards and secure handling of payment card data.
Qualifications :
- Education : Bachelor's degree in Computer Science, Information Technology, or a related field.
- Experience : Minimum of 3 years of experience in PCI DSS compliance, network security, and risk management.
- Certification : PCI Internal Security Assessor (ISA) certification is required. Additional certifications such as CISSP, CISM, or CISA are a plus.
- Technical Skills : Strong understanding of network security principles, firewall management, intrusion detection/prevention systems (IDS/IPS), and encryption technologies.
- Risk Management : Proven experience in conducting risk assessments and implementing risk mitigation strategies.
- Communication : Excellent verbal and written communication skills, with the ability to effectively convey complex security concepts to non-technical stakeholders.
- Problem-Solving : Strong analytical and problem-solving skills, with keen attention to detail.
- Team Player : Ability to work collaboratively in a team environment and manage multiple projects simultaneously.
Functional Areas: Other