Compliance Officer - Information Security - Bank

Compliance Officer - Information Security

Our client is a Bank and we are looking for a Compliance Officer for the Information Security Function at Mumbai. The Key Job Responsibilities will be as follows :

1] Compliance :

- Ensuring that the Bank is in Compliance with the relevant guidelines issued by RBI and other regulators including advisory and alerts issued by the CSITE team.

- Review new products, procedures, system implementation to ensure activities of the bank are compliant with all the regulatory and statutory requirements including the internal procedures, processes and policies laid down by the Board.

- Carry out Compliance testing as per the approved compliance testing plan including regular tracking for observed gaps, if any.

- Provide consultation / timely clarifications on various regulatory matters within the organization in respect of assigned functional areas.

- Interaction with the regulator for various clarifications required, dissemination and tracking the same.

2] Risk Based Supervision :

- Understanding the regulatory requirements under Risk Based Supervision (RBS) / CSITE inspection and providing support to the concerned units heads in Compliance

- Data Reviews for various Tranche submissions to the regulator from time to time including Compliance testing.

- Monitor that timely and comprehensive actions are taken by respective functions to ensure compliance with the observations in regulatory / statutory inspection reports.

The Key Skills required include the following :

1. Should be very well-versed with the Banking Regulatory Domain on IT & Info-Sec such as Cyber Security Framework, Master Direction on Digital Payment Security Controls, G. Gopalakrishnan Committee Recommendations, CSITE Advisories, ATM Security Regulations, SEBI Cyber Security Regulations, etc.

2. Should be familiar with the Banking industry practice with respect to the IT-Compliance & Controls environment.

3. Should have a reasonable understanding of IT General Controls, international acts such as SOX, IT Governance Frameworks such as COBIT, standards such as ISO 27001, BS 15000 / ISO 20000 / ITIL, BS25999, Payment Cards Industry Data Security Standard (PCI DSS), etc.

4. Should have excellent analytical, drafting, communication (English Language - spoken and written) and presentation skills

Education Qualifications :

- Should possess a Bachelor of Science, Bachelor of Engineering / Technology, Master of Computer Application / Computer Science or Master in Business Admin / Post Graduate Diploma in Business Administration / Post Graduate Program in Management in Computer Science / Information Technology or equivalent.

- A certification in one of the following - CISA / CISSP / CISM / CRISC will be an advantage.

- Candidate should have Information Security background, preferably in banking Industry

Monika