Sr Associate - Infosec GRC
On-site · Bengaluru, Karnataka, India
Job Summary
Sr Associate - Infosec GRC role focused on preparing and supporting PCI DSS, ISO 27001, and SOC external audits. Collaborates with Cloud and Product security teams to drive risk and compliance goals, assess IT architecture for PCI controls, review network/firewall configurations for PCI alignment, perform PCI scoping, gap analyses, and assessments, and maintain enterprise risk and vendor risk management programs. Heavily involved in internal audits, SOP discussions with stakeholders, and client due diligence, with strong emphasis on IT General Controls, cyber controls, and regulatory alignment (RBI). Requires broad experience across audit standards (ISMS, SSAE 18, ISO 27001, NIST), and the ability to document and communicate findings and recommendations.
Required Qualifications
- 5-8 years of experience in Information Security and Compliance in medium to large-sized companies
- Bachelor of Technology (BE/B.Tech), M.Tech or ME in Computer Science, MCA or equivalent
- Strong understanding of PCI DSS standards and multiple PCI compliance requirements
- Experience in Banking or Payment sector preferred
- Hands-on experience with audits and standards such as ISMS, SSAE 18, ISO 27001, ISO 31000, ISO 22301, CSA STAR, NIST Risk framework, PCI DSS, PCI 3DS, PCI PA-DSS/SSF, PCI S3
- Information Security Certifications such as CISA, CISM, CISSP preferred
- Experience with Vendor Risk Assessment and responding to client RFPs
- Excellent written and oral communication, and technical documentation skills
- Bachelor’s in CS/Engineering or equivalent; familiarity with RBI regulatory requirements