Cybersecurity-Strategy Risk & Compliance-PCI QSA-Senior Associate-Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Regulatory Compliance team focuses on helping our clients understand their regulatory landscape on a domestic and global scale. You'll work with our clients aligning a number of different cyber, privacy and industry frameworks and requirements to their business. This includes, but is not limited to: NIST CSF, ITIL, HIPAA, PCI, FDA, FERC/NERC, OCC, FFIEC, ABAC, Cyber Executive Orders, etc. Our team designs, implements, and maintains an effective compliance program that helps our clients manage the risks against regulatory compliance obligations, as well as control framework commitments to their Board/stakeholders.

Our team also works with regulatory examiners, investigators, and industry leaders to continue to stay ahead of upcoming regulatory changes or enforcements. We help inform our clients on controls or requirements that require enhancements, and help with the compliance change management components driving new technical and business requirements out to their end users. You will be part of a team that not only assesses organizational compliance, but helps clients to strategically think through the best way to manage in a cost-effective, yet defensible manner.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities and coach to help deliver results.
• Develop new ideas and propose innovative solutions to problems.
• Use a broad range of tools and techniques to extract insights from from current trends in business area.
• Review your work and that of others for quality, accuracy and relevance.
• Share relevant thought leadership.
• Use straightforward communication, in a structured way, when influencing others.
• Able to read situations and modify behavior to build quality, diverse relationships.
• Uphold the firm's code of ethics and business conduct.

Required experience:
: MCA / BE / B Tech
● 3 - 8 years of Information security industry experience and min 5+ relevant experience as PCI QSA with
in-depth knowledge of PCI ecosystems and implementing and maintaining compliance.
● Must be a QSA who has been certified on PCI DSS v4.0 and has led at least three assessments, resulting in ROCs
in the last three years for three different clients.
● Experience with PCI Industry benchmarking, RFP’s/RFQ’s, scoping, SAQ’s, auditing, remediation and
providing recommendations to large enterprises. Having good understanding and hands on experience
conducting security reviews of various cyber security solutions, including but not limited to the
following:
o Application or network firewalls
o Intrusion detection/prevention systems
o Database or other storage solutions
o Encryption solutions
o Security audit log solutions
o File integrity monitoring solutions.
o Anti-virus solutions
o Vulnerability scanning services or solutions.
● Should be a SME in controls implementation, assessments, perform GAP analysis, policies/ reporting,
creating procedures and focused PCI governance checks related to a variety of compliance projects.
● Must have strong experience in implementing/assessing the P2PE solution requirements and testing
procedures, encryption, and decryption and Key management methodologies within secure cryptographic
devices.

Responsible for building and influencing payment security as a core competency throughout our relationships
with our clients/internal teams/partners/vendor, this includes providing education, developing process and
procedures, standard templates, accelerators, training to the internal teams for competency build.
● Conduct targeted validation and detailed assessments of client’s processes, applications, products, policy
documentation and third-party adherence to the PCI. Delivers findings, recommendations and remediation steps
for all activities, in a clear, concise and audience-specific format.
● Establishes credibility and maintains strong working relationships with groups involved with payment security
(InfoSec, Legal, Business Development, Physical Security, Developer Community, Networking, Systems, etc.).
● Strong understanding of application security practices (such as OWASP Top 10) and other compliance
standards/frameworks like ISO 27001/27002, NIST, HITRUST, COBIT, SOX, GLBA, SSAE16/SOC 2, HIPAA etc. will
be an advantage.
● Excellent written, oral communication and presentation skills.
Additional Qualifications:
● Related payment security control and compliance experience in conducting, executing and managing fieldwork
for assessments: PCI DSS, SOX, GLBA, HIPAA desirable.
● Excellent leadership, teamwork and collaboration skills.
● Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats
and vulnerabilities.
● Must have experience with Business development and should be able to contribute to team
development and growth.
● CISSP, PCI QSA, CISA, CISM, CRISC and/or other comparable security controls or audit certifications preferred.
● Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able
to contribute in a team environment.
● Worked in a client facing role.
● Results oriented, high energy, self-motivated.

Professional and Educational Background
● MCA / BE / B Tech
● Line of Service: Advisory
● Industry: Consulting
● Location: Bangalore

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date