Job Description
- 2-5 years of experience in Information Security and Compliance in medium to large-sized companies.
- Good understanding of Technology Risk Assessment frameworks and Application Risk Assessment.
- Good understanding of and hands-on experience with the PCI DSS standard and the various PCI compliance programs is a must.
- Experience of working in the Banking or Payment sector is preferred.
- Hands-on experience with various audits and standards such as ISMS, SSAE 18, ISO 27001, ISO 31000, ISO 22301, CSA STAR, NIST Risk Management Framework, PCI DSS, PCI 3DS, PCI PA-DSS/SSF, PCI S3, etc.
- Experience of Vendor Risk Assessment and of responding to client Requests for Proposal (RFP). Excellent written and oral communication skills and a penchant for technical documentation.
Educational & Professional Credentials
- Bachelor of Technology (BE/ B. Tech) or ME in Computer Science, MCA or equivalent.
- Good to have Information Security Certifications like CISA, CISM, CISSP etc.
Required Knowledge & Skills
- Work with internal and external stakeholders to assess the IT architecture or proposed IT architecture solutions to identify the risk areas with regard to PCI controls.
- Assess the network architecture and/or review the firewall rulesets and network devices/appliances to see if they are aligned with the PCI control requirements, and recommend compensating controls where necessary.
- Execute operational activities to support audit and compliance activities, including technical validation processes.
- Conduct PCI DSS scoping engagements, gap analyses and assessments related to securing the Cardholder Data Environment.
- Effectively multi-task across multiple assignments and deliverables.
- Actively accept individual and team responsibilities to meet commitments. Take responsibility for own performance and actions and demonstrate responsibility and teamwork towards overall team/department goals.
- Discuss the SOP document with all relevant stakeholders, from the process owner to the BU functional heads. Detailed understanding of SOC reports (SOC 2, Type 1 and Type 2) and ISMS reports, and the ability to relate IT General Controls, IT Application Controls and Cyber Controls to the SOC framework.
- Develop and maintain the Vendor Risk Management / Third Party Risk Management program, including vendor onboarding audits, periodic vendor assessments and maintenance of the TPRM database.
- Review and implement controls and policies as per RBI and other regulatory requirements. Maintain the ISMS framework, evaluate the effectiveness of implemented controls and provide recommendations for improvement.
- Facilitate client due diligence in collaboration with Business.
- Develop and maintain the Enterprise Risk Assessment framework.
- Perform internal assessments against various standards to ensure the established policies are being followed, and prepare internal reports.
- Contract review and providing responses to client Requests for Proposal (RFP).
Next Steps
If you are interested in this role, please email your latest profile/ resume, your current salary and expected salary to neha.acharekar@riskpro.in
About Riskpro
Riskpro India is a specialized Risk Management consulting company. It is managed by experienced professionals with experience across various industries. With offices in Mumbai, Delhi, Bangalore, Chennai, Pune and Kolkata, we are one of the fastest growing risk consulting firms in India. We have been in business for 12+ years, have serviced 850+ clients in 7+ cities with associate representation in 500+ cities, and have 90+ team members and 10 strategic partners.
Our 5 Business Verticals:
- Risk Advisory - We conduct risk-based internal audits, SOPs, ERM, legal compliance audits, IFC, Risk Library, etc.
- IT Advisory - We conduct IT audits, GDPR, SSAE 18, HIPAA compliance, 21 CFR, etc.
- GRC Technology - We provide software for compliance management, internal audit, risk management, contract management, vendor risk management, etc.
- GRC Trainings - We conduct in-person/online trainings on topics like ERM, risk assessment, AML, fraud risk and information security, among others.
- GRC Recruitment - We provide full/part-time internal auditors, virtual risk managers and independent directors for corporates.
Please feel free to visit our website www.riskpro.in for more details.
Why Riskpro
Riskpro provides a platform for people to associate with us. When you associate with Riskpro, you can build your own set of clients and leverage the brand to win clients and business for yourself. It is a one-of-its-kind business model that offers you the flexibility and freedom of an independent professional, as well as the corporate and brand backing of an established firm.