Incharge Risk, Governance & Compliance

10 - 15 Years

Job Description

Responsible for implementing global security standards such as ISO 27001, ISO 22301, PCI DSS and the RBI Cyber security circular.

  • Responsible for handling both internal and external process / governance / quality audits
  • Create employee awareness, interest, and participation in implementation of quality processes e.g. training, audits, etc
  • Establish communication channels within organization e.g. training
  • Spread security awareness
  • Ensure compliance and reporting requirements for IT and Security processes, including but not limited to:

a. Asset management
b. Access management
c. Change management
d. Patch management
e. Hardening guidelines
f. Secure code guidelines

  • Prepare the processes, teams, documents for internal and external audits
  • Manage statutory, regulatory & internal committee meetings and proceedings
  • Track and remediate all audit observations with corrective and preventive actions
  • Work with the IT Risk teams to track and remediate all findings / observations / improvements reported by the respective teams
  • Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
  • Oversee / facilitate formal risk analysis and self-assessment programs for various systems and processes, as required by the CISO and / or IT teams
  • Act as a liaison between the CISO and the IT teams to ensure all governance, risk and compliance management activities are managed end-to-end, and that the lifecycles of the various initiatives and operational activities are completed / concluded
  • Strong documentation and communications skills
  • Ability to prioritize and multitask. Flexibility and adaptability in work approach

Required Candidate profile

- Proven track record of Information security process governance framework implementation across legacy / modern applications and infrastructure driven projects
- Proficiency in Banking/ Financial Services domain
- Proficiency in Internal quality audit and training employees on Information Standards.
- Ability to understand and review technical documentation, including Project plans, test procedures and design documents.
- Develop and update ISO27001, ISO23201, PCIDSS and RBI Cyber security circular policies and procedures
- Identify and document cyber risks and manage mitigation and follow up on open security risks. Report issues to stakeholders.
- Lead in the execution of the information security program, including meeting PCI compliance requirements.
- Conduct timely risk assessment pertaining to ISO27001, ISO23201, PCIDSS and RBI Cyber security circular
- Knowledge of ISO31000 risk management
- Lead cross-department remediation project tasks in multiple work streams.
- Provide support to Information Security Incident Response team during cyber incidents.
- Validate that information security requirements are built into architectures and new technology projects.
- Lead in the technical deployment of security solutions that enhance the information security architecture.
- Maintain foundational knowledge of Payment Card Industry (PCI) Data Security Standard compliance by keeping apprised of changes to the standard, evaluating new systems for impact and supporting annual PCI audit.
- Support the completion of assessments of the operational effectiveness of the security controls and support any required remediation.
- Facilitate regulatory or surveillance audits
- Up-to-date knowledge of methodologies and trends in both information security and IT.

Perks and Benefits 

Best in the Industry


Desired Candidate Profile

Please refer to the Job description above

Company Profile

National Payments Corporation of India

National Payments Corporation of India (NPCI), an umbrella organisation for operating retail payments and settlement systems in India, is an initiative of Reserve Bank of India (RBI) and Indian Banks’ Association (IBA) under the provisions of the Payment and Settlement Systems Act, 2007, for creating a robust Payment & Settlement Infrastructure in India.

The Company is focused on bringing innovations in the retail payment systems through the use of technology for achieving greater efficiency in operations and widening the reach of payment systems.

NPCI has products like RuPay (debit, credit and prepaid cards), UPI (Unified Payments Interface), BHIM (Bharat Interface Money), AEPS (Aadhaar Enabled Payment Services), CTS (Cheque Truncation System), IMPS (Immediate Payment Services), NFS (National Financial Switch), NACH (National Automated Clearing House), NETC, Bharat Bill Pay and *99#.

For more detailed information on the Vision, Mission, Objectives and Products & Services log on to

Contact Company: National Payments Corporation of India


Not Disclosed by Recruiter

Role Category

System Design/Implementation/ERP/CRM


Practice Head / Practice Manager

Employment Type

Full Time, Permanent