Manager - Process & Compliance

6 Months ago • 7-11 Years

Job Summary

Job Description

Zeta is a Next-Gen Banking Tech company empowering banks and fintechs with its flagship processing platform, Zeta Tachyon. This role is within the Information Security Process and Compliance Team, responsible for preparing and supporting PCI DSS, ISO 27001, and SOC external audits. The Manager will strengthen internal audit processes, ensure technology and process compliance, and collaborate on risk and compliance goals. Key responsibilities include managing the security of Zeta's tech stack, performing vulnerability assessments, integrating security testing into CI/CD pipelines, conducting code reviews, maintaining audit and compliance for infrastructure and applications, performing threat modeling, and guiding security and privacy initiatives. The role also involves developing and implementing processes for privacy and data protection requirements like GDPR.
Must have:
  • Experience with PCI DSS, ISO 27001, SSAE 18 audits
  • Understanding of Risk Assessment Frameworks
  • Experience in enterprise and application risk assessment
  • Knowledge of data privacy regulations (GDPR)
  • Excellent written and oral communication skills
  • Experience with Agile development practices
Good to have:
  • Information Security Certifications (CIPP, CIPT, CISM, CISSP)
  • AWS Cloud knowledge
  • Knowledge of anti-malware, IDS/IPS, WAF, DLP, SIEM
  • Knowledge of DoS/DDoS, XSS, Ransomware attacks

Job Details

About Zeta
Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015.
Our flagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 20M+ cards have been issued on our platform globally.

Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios.

Zeta has 1700+ employees, with over 70% of roles in R&D, across locations in the US, EMEA, and Asia. We raised $280 million at a $1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.

The Role:
This role is part of the Information Security Process and Compliance Team of Zeta. The Manager - Process & Compliance of InfoSec Audit and Compliance is responsible for preparing and supporting PCI DSS, ISO 27001 and SOC external audits. The Manager actively participates in, strengthens and improves the internal audit process and provides assurance on internal technology and process compliance, and collaborates with the Cloud and Product Security team to drive risk and compliance goals.

Responsibilities

  • Responsible for the entire security of Zeta’s tech stack (Cloud & On-prem)
  • Perform regular VA/PT for Web, Network, Cloud and Mobile applications
  • Integrate security testing tools (SAST, DAST) into CI/CD pipelines
  • Conduct regular code reviews and take part in application design discussions
  • Maintain audit and compliance (ISO 27001, PCI DSS/3DS, SSAE 18, GDPR, UIDAI etc.) of infra and applications
  • Perform Threat Modelling of Web/Mobile applications
  • Guide the technology organization's security and privacy initiatives by participating in reviews
  • Conduct and review data privacy, data governance, cybersecurity and testing standards
  • Design internal auditing procedures and ensure they are followed
  • Perform auditing and compliance activities to ensure the established policy is being followed
  • Monitor procedures for effectiveness and provide recommendations for improvement
  • Plan and assist in developing strategic direction for information security and compliance initiatives within Cloud and the traditional data center
  • Contribute to maintaining ISO 27001, PCI DSS, SSAE 18, GDPR, UIDAI etc. security and compliance standards
  • Develop and implement processes and controls applicable for privacy and data protection requirements i.e. GDPR, LGPD, CCPA, PDPA etc.
  • Perform Privacy Assessment/Privacy Impact Assessment
  • Review relevant data privacy laws, provide inputs on product implementation as Privacy Subject Matter Expert, and address various data privacy client questionnaires
  • Maintain Risk Assessment framework

Skills

  • Hands-on experience with Audits and Standards (PCI DSS, PCI 3DS, PCI PA-DSS/SSF, SSAE 18, ISO 27001, GDPR etc.)
  • Good understanding of Risk Assessment Frameworks (ISO 31000, NIST Risk framework etc.)
  • Experience in Enterprise Risk Assessment and Application Risk Assessment
  • Experience of Vendor Risk Assessment and responding to client Requests for Proposal (RFP)
  • Review configuration and hardening documents and guide teams to be compliant with PCI, ISO 27001, RBI etc. guidelines
  • Thorough understanding of various Data privacy regulations and privacy concepts
  • Experience of General Data Protection Regulation (GDPR) implementation
  • Experience in performing PIA, DPIA and Data mapping etc.
  • Good to have Information Security Certifications like CIPP, CIPT, CISM, CISSP etc.
  • Continuous improvement of network/infra/cloud security
  • Secure configuration and hardening of network/infra/cloud
  • Understanding of production operations on public cloud infrastructure
  • Excellent written and oral communication and penchant for technical documentation
  • Good understanding of agile development practices
  • Knowledge of the following terms and technology:
  • Knowing AWS Cloud is an added advantage
  • Knowledge of anti-malware solutions, IDS/IPS, WAF, DLP, SIEM etc.
  • Knowledge of different attacks: DoS/DDoS, XSS, Ransomware
  • Knowledge of Web Servers, AD/LDAP, Routers, Switches
  • Good understanding of technology: TLS/SSL, HTTP(S), Cloud Security, Hardware Security Module

Experience and Qualifications

  • 7 to 11 years of overall experience as GRC, Audit and Compliance Analyst in medium to large-sized product companies.
  • Bachelor of Technology (BE/B.Tech), M.Tech or ME in Computer Science, MCA or equivalent.

Equal Opportunity

  • Zeta is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all backgrounds, cultures, and communities to apply and believe that a diverse workforce is key to our success.
