Job Description

Title: Lead - Information Security GRC (PCI DSS) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Company Overview Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Description and Responsibilities: Conduct PCI DSS gap assessments and audits to identify non-compliance areas. Develop, review, and update PCI DSS compliance policies and procedures. Perform risk assessments related to PCI DSS and other frameworks such as ISO 27001, NIST CSF, and CIS CSC. Collaborate with internal teams and external vendors to implement security controls and remediate compliance gaps. Conduct IT and application risk assessments to identify and mitigate vulnerabilities. Perform IT control reviews and provide recommendations to strengthen security practices. Assist in creating comprehensive compliance reports and documentation for stakeholders. Assist in the development of security training and awareness programs. Stay updated on PCI DSS requirements and other industry regulations, ensuring the organization is aligned with current standards. Provide guidance on cloud security assessments and data protection best practices Required Skills & Qualifications: 3+ years of experience in conducting PCI DSS assessments, compliance, or IT audits. BS/MS/BE/BTech/MBA in technology-related or information security curriculum Prior experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management Required 4+ years of relevant experience in information security domain Knowledge on PCI DSS, ISO 27001, NIST CSF, and other security standards. Experience with IT security programs, IT control reviews, and application risk assessments. Familiarity with cybersecurity regulations and frameworks Detail-oriented, ability to consistently provide high-quality products that are concise, thorough and accurate; Strong attention to detail with an analytical mind and outstanding problem-solving skills. Professional certifications like PCI DSS QSA, ISO 27001 LA or LI preferred. Good communication and persuasive skills Work independently Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.