Incharge- Risk Management, Compliance and Governance

12 - 16 Years

Job Description

Roles and responsibilities 

Key Responsibilities

- GRC and Security Governance
- Implement and manage a strong Security Governance program
- Work with the IT Risk team to ensure security readiness
- Engage with internal and external audit teams
- Manage the Information Security Management System and Business Continuity Management System, and be responsible for certification against ISO 27001, PCI DSS and ISO 22301, ensuring that NPCI follows the PDCA (Plan, Do, Check, Act) cycle

Roles & Responsibilities:

- Responsible for implementation of global security standards such as ISO 27001, ISO 22301, PCI DSS, and the RBI Cyber Security circular.
- Responsible for handling both internal and external process/governance/quality audits
- Create employee awareness, interest, and participation in the implementation of quality processes, e.g. training, audits, etc.
- Establish communication channels within the organization, e.g. training
- Spread security awareness
- Ensure compliance and reporting requirements for IT and Security processes such as (but not limited to):
a. Asset management
b. Access management
c. Change management
d. Patch management
e. Hardening guidelines
f. Secure code guidelines
- Prepare the processes, teams, documents for internal and external audits
- Manage statutory, regulatory & internal committee meetings and proceedings
- Track and remediate all audit observations with corrective and preventive actions
- Resolve all security alerts raised by SOC within the IT function with corrective and preventive actions
- Work with the IT Risk teams to track and remediate all findings/observations/improvements reported by the respective teams
- Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
- Oversee/facilitate the formal risk analysis and self-assessment program for various systems and processes, as required by the CISO and/or IT teams
- Act as a liaison between the CISO and the IT Teams to ensure all governance, risk and compliance management activities are managed end-to-end, and the lifecycle of various initiatives and operational activities are completed/concluded
- Strong documentation and communications skills
- Ability to prioritize and multitask. Flexibility and adaptability in work approach

Required Candidate profile

Master's or Bachelor of Engineering in Computer Science / Electronics / Cyber Security.
Professional certifications and accreditations (ISACA - CISA, CISM, CRISC, Risk Management).
At least 12-15 years of experience in Information Security, of which 8 years are proven work experience in dealing with Data Protection, Privacy, BCMS.
IT and Project management expertise are a plus.
Data Privacy knowledge
IT General Controls Testing
ISO 27001, ISO 23201, Governance
Cyber security governance

Perks and Benefits 

As per industry standards

Salary: Not Disclosed by Recruiter

Industry: Banking / Financial Services / Broking

Functional Area: IT Software - Network Administration, Security

Role Category: Senior Management

Role: Program Manager


Desired Candidate Profile

Please refer to the Job description above

Company Profile

National Payments Corporation of India

National Payments Corporation of India (NPCI) is the newly established company promoted by banks of India with the objective of building a robust, state-of-the-art, national-level retail electronic payment system infrastructure in the country.

Recruiter Name: HRD

Contact Company: National Payments Corporation of India

Reference Id: Incharge- Risk Management, Compliance and Governance