Job
Description
Key Responsibilities
Regulatory Compliance and Standards Management:
- Ensure compliance with PCI DSS, ISO 27001, SOC2, DPDPA, SAR DLA, NPCI and RBI guidelines.
- Lead internal and external audits related to security and compliance frameworks.

Vulnerability Management & Security Testing:
- Conduct regular vulnerability assessments, penetration testing (VAPT), and security audits.
- Collaborate with development teams to ensure that identified vulnerabilities

Data Protection & Privacy:
- Ensure adherence to the standards for data protection regulations, including DPDPA and Indian regulations for personal data.
- Collaborate with cross-functional teams to safeguard personal data and sensitive financial information, ensuring data encryption and secure transaction protocols.

Cybersecurity Best Practices:
- Implement and maintain information security best practices in line with frameworks such as ISO/IEC 27001 and the NIST Cybersecurity Framework.
- Assist in designing and deploying security controls for cloud and on-premise environments, protecting sensitive business and financial data.

Incident Response and Risk Management:
- Assist in developing and managing incident response plans for security breaches and vulnerabilities, ensuring regulatory reporting requirements are met.
- Work closely with IT teams to identify, respond to, and resolve security incidents quickly and effectively.

Security Documentation and Reporting:
- Create and maintain detailed reports of security status, vulnerabilities, risks, and compliance audits.
- Report on the effectiveness of security measures and ensure continuous monitoring of security incidents.
- Develop and implement internal legal policies, ethics guidelines

Collaboration and Training:
- Collaborate with internal teams to integrate security practices into the software development lifecycle (SDLC).
- Provide training to internal stakeholders on compliance and security practices.
- Stay informed and ensure adherence to financial transaction regulations, such as FATF recommendations and GST compliance in India.

Educational Qualifications & Skills
- Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Relevant certifications like CEH, CISSP, CompTIA Security+, CISM, or ISO 27001 Lead Implementer are a plus.
- Strong understanding of VAPT tools and methodologies (e.g., Nessus, Burp Suite).
- Knowledge of compliance regulations including PCI DSS, GDPR, CCPA, PDPB, FATF, and RBI guidelines.
- Hands-on experience with cloud security and network security tools and frameworks (e.g., firewalls, SIEM, IDS/IPS, endpoint protection).

Skills
- Ability to conduct risk assessments, manage security audits, and ensure compliance with regulatory requirements.
- Strong problem-solving and analytical skills with attention to detail.
- Excellent communication skills, both written and verbal, for reporting and liaising with stakeholders.
- A deep understanding of financial transaction security and regulatory guidelines for payment platforms.

Experience
- Minimum 1 year of experience in information security, cybersecurity, or risk management.
- Experience working with security frameworks and compliance in financial, payment, or similar regulated industries is a plus.