Vodafone Idea - Technology Security Compliance Engineer - Telecom/Banking Domain (10-12 Yrs) Pune (Others) by VODAFONEIDEA

XpatJobs (November-2017 से पंजीकृत) ने 8 दिन पहले इस नौकरी को पोस्ट किया था

Role : Statutory Compliance Job Level/ Designation : L5 Function / Department : Technology Security Location : Pune Job Purpose : - Establish Security compliance framework, Implement and support projects for improving overall security compliance posture of the organization and meeting applicable requirements with expected delivery under stringent deadline.
-To Ensure that Vodafone idea meet critical security compliance controls (60,000 unique controls and 300 statutory controls) requirement, conduct control assessment, review, report and ensure 100% closure of non-compliance point.
-To Ensure PCI DSS, ICFR, IT Act, ISO27001 standard implementation & Certification for across VIL organization which includes 23 telecom circles, offices, data centre and corporate office. Key Result Areas/Accountabilities : - Controls Implementation and Maintenance: Implement, maintain and monitor applicable ICFR controls on a quarterly basis for the 30 in scope systems across all 4 layers for each instances of the systems.
-ICFR Management Responsibilities: For all circles, ensure that all management responsibilities are completed as per deadlines including but not limited to RCM documentations, design testing, operating effectiveness testing, issues identification, and remediation and reporting.
-ICFR External Audits: Primary interface for ICFR external audit to ensure that all relevant information is provided accurately by circles and vendors, clarifications as required by the auditors are provided and issues if any are resolved to the satisfaction of the auditors.
-Ensure ISO 27001 maintenance and support internal audits: Ensure ISO 27001 maintenance and implementation by reviewing and updating ISMS documentation, conducting internal audit, and supporting external audits. Support and track Internal Audits conducted by the corporate team.
-PCI DSS compliance and audit: Maintain and monitor PCI DSS compliance requirements on an annual basis. Manage PCI DSS annual audit and mandatory Quarterly ASV scan activity.
-Budget tracking and Governance: Technology Security budget tracking and governance on spends. Ensure support to central budget governance teams and periodic reporting to the CISO on the budget status.
-Support other statutory and regulatory audits and conduct internal sample based reviews of circles and central teams; support other compliance projects. Core Competencies, Knowledge, Experience - Compliance Management and Information Security.
-Expertise on Security Risk Management - Expertise on internal control design, implementation, monitoring and audits.
-Understanding of Network and IT Applications and Systems from a security and compliance perspective - Issue resolution and problem solving capabilities - Excellent written and oral communication skills - Stakeholder management Must have technical / professional qualifications : - Graduation/ BE./ B.Tech (Computers/ Electronics & Telecommunications) - CRISC/CISM/CISSP/CISA/CEH - ISO 27001 Lead Auditor, Lead Implementer Years of Experience :10-12 years of experience in project management in Industries to look from Telecom, Banking - Ideal Organizations to look from As mentioned above industries - Direct reports : Head of Security Compliance& Data Privacy

Required Skills : English