1) Developing, implementing and managing an organization's compliance program.
2) Developing and overseeing control systems to prevent /deal with violations of regulatory and legal guidelines and internal policies.
3) Evaluating the efficiency of controls and improve them continuously.
4) Maintain mandatory documentations for regulatory compliance standards.
5) Initiate and lead periodic activities for maintaining regulatory compliances.
6) Draft awareness mailers to raise awareness about regulatory requirements of Information Security.
7) Report compliance status of regulatory requirements on timely basis to CISO, Top Management.
8) Monitor updates on regulatory compliance requirement including but not limited to RBI Circulars, Regulatory Frameworks, Notification from Govt. of India, Applicable laws etc.
9) Draft response to queries from different departments of Ministry, Cert-IN, RBI and other regulatory bodies.
10) Draft compliance requirement circular for banks for meeting regulatory standards.
11) Participate and coordinate for audits by different regulators or agencies (like CDAC, Cert-IN & other 3rd party) assigned by regulators.
12) Review Information Security policy for regulatory compliance and suggest amendments. Revising procedures, reports etc.
An understanding of Information Security Governance, Risk and Compliance and its responsibilities in organisation.
Minimum 5 yrs of experience in compliance domain (Can be relaxed to reduced tenure) with overall 7 years of experience
Have worked before with banks or financial institution
Have good understating and knowledge of regulatory requirements
Have undergone training or Have completed certificate courses for Information Technology Act and other regulations relevant to Information security
Good at Writing and Speaking English
Graduate in any stream but BE and MCA preferred
Certification : One from below is must
CISA, CISSP, CEH, ISO27001/2 Implementer/Auditor.