PCI DSS Internal Security Assessor, Retail Banking
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
Experience - 16+ Years
• Drive the PCI DSS remediation journey across Retail Banking.
• Provide advice and oversight to ensure that business-related processes and procedures are in compliance with PCI DSS.
• Deliver critical analyses and recommendations to support decision making for senior management and governance committees.
• Maintain highly constructive and effective relationships.
• Evaluate reports performed by PCI SSC approved security companies including PCI DSS Reports on Compliance (ROC), Approved Scanning Vendor (ASV) Scan Reports, and PCI PA-DSS Reports of Validation (ROV).
• Document and present QA findings to leadership and the PCI Security Standards Council.
• Provide status reports for consistent findings and proposed solutions.
• Interact with QSA, PA-QSA and ASV security professionals to confirm findings and resolve misunderstandings resulting from the review.
• Work in a team environment to analyze the QA test process and help develop procedural strategies for reviewing reports and services.
• Help ensure relevant test coverage and appropriate sampling.
• Participate as an integral part of the team, exhibiting ownership, follow through, initiative, awareness and effective communication with peers and management.
• Continually learn, actively share knowledge and foster exchange of skills.
• Proactively identify opportunities to improve the quality of reporting and usability of that information.
• Contribute to newsletters, whitepapers and other written communication sent by the Council as needed.
• Perform ad hoc projects as required.
• Be willing to participate in travel (up to 20%).
• Global Business Head and their direct/indirect reports
• Global Functional Heads and their direct/indirect reports
• Managers in Operations, Operational Risk, Legal, Compliance and other functions.
• Group CISO and STS team
• Head Operational Risk - Information Security & Cyber Security
• GPOs and Risk Owners
• Thought leadership and oversight of effective PCI DSS remediation.
• Work with key functional stakeholders to drive an aligned change agenda.
KNOWLEDGE, SKILLS AND EXPERIENCE
• Actively certified PCI DSS ISA.
• Minimum of 3+ years of hands-on security assessment, quality assurance, or PCI DSS experience.
• Industry certifications (such as CISSP, CISA, CISM).
• Bachelor's degree required.
• Understanding of information systems and networking diagrams.
• Experience evaluating the security infrastructure for large enterprise merchants or service providers.
• Working knowledge of the financial industry and the lifecycle of payment card transactions.
• Working experience with software development methodologies and practices.
• Working knowledge of audit methodologies and security assessment tools.
• Methodical and organized; able to manage multiple opportunities, projects, and partners concurrently.
• Excellent written and oral communication skills; can express thoughts clearly, knows how to listen and is able to contribute in a team environment.
• Able to multi-task and work independently with minimum supervision to meet firm deadlines.
• Flexible, proactive, quick to learn and possessing a can-do attitude.
• A blend of curiosity, creativity, persistence, commitment, passion and optimism.
Apply now to join the Bank for those with big career ambitions.