About R Systems:

R Systems is a leading digital product engineering company that designs and develops chip-to-cloud software products, platforms, and digital experiences that empower its clients to achieve higher revenues and operational efficiency. Our product mindset and engineering capabilities in Cloud, Data, AI, and CX enable us to serve key players in the high-tech industry, including ISVs, SaaS, and Internet companies, as well as product companies in telecom, media, finance, manufacturing, and health verticals.

We Are Great Place to Work ® Certified™ in 10 countries with a full-time workforce [India, USA, Canada, Poland, Romania, Moldova, Indonesia, Singapore, Malaysia & Thailand]!

We are recognized as one of the Best Tech Brands 2024 by the Times Group and India's Top 500 Value Creators 2023 by Dun & Bradstreet.

Company Link : R Systems | Digital Product Engineering

Position Overview :

As a PCI Internal Security Assessor (ISA) at R Systems, The PCI Internal Security Assessor (ISA) is responsible for ensuring that client Caribbean complies with the Payment Card Industry Data Security Standard (PCI DSS). The ISA will assess, monitor, and enforce the security measures necessary to protect cardholder data and maintain PCI compliance across all systems and processes. This role works closely with internal stakeholders and external parties to maintain a secure environment, mitigate risks, and improve overall security posture.

Key Responsibilities:

• PCI DSS Compliance Management:
• Conduct regular internal assessments and audits to ensure the organization's compliance with PCI DSS.
• Develop and implement PCI compliance policies, procedures, and controls.
• Serve as the internal point of contact for PCI DSS-related matters and ensure all applicable security controls are in place.
• Collaborate with the external Qualified Security Assessor (QSA) to facilitate annual PCI DSS certification audits.
• Risk Assessment and Mitigation:
• Identify and assess potential risks to cardholder data environments and provide recommendations for risk mitigation.
• Implement and enforce necessary security controls to address gaps identified during assessments.
• Ensure vulnerability scanning, penetration testing, and security reviews are conducted to identify weaknesses and ensure continuous compliance.
• Documentation and Reporting:
• Prepare and maintain comprehensive documentation, including policies, procedures, and reports required for PCI DSS compliance.
• Maintain comprehensive documentation of assessment findings, corrective actions, and compliance status.
• Manage the submission of the Self-Assessment Questionnaires (SAQs) and Attestation of Compliance documents (AOCs) as needed.
• Training and Awareness:
• Conduct internal PCI DSS training for staff to ensure a deep understanding of the importance of compliance and security measures.
• Provide ongoing guidance and support to departments regarding security best practices related to PCI DSS.
• Collaboration and Communication:
• Work closely with projects, Enterprise Security, Technology, and other relevant departments to align PCI DSS compliance with overall security policies and practices.
• Proactively identify and/or promptly escalate risks and issues affecting PCI compliance status.
• Stay updated on changes in PCI DSS requirements and industry best practices to ensure CLIENT Caribbean remains compliant.
• Present PCI DSS compliance status reports to senior management and external stakeholders.
• Act as a liaison where necessary between CLIENT Caribbean and external vendors or service providers involved in processing or storing cardholder data.

Qualifications:

• Education:
• Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent work experience).
• Experience:
• Minimum of 3-5 years of experience in information security, PCI compliance, or a related field.
• Previous experience as an ISA, QSA, or a similar role is highly desirable.
• Certifications:
• Certified PCI Internal Security Assessor (ISA) or Certified PCI Professional (PCIP) certifications preferred.
• Additional certifications such as CISSP, CISM, CISA, or CEH are a plus.
• Skills and Competencies:
• Deep understanding of PCI DSS requirements and data security best practices.
• Familiarity with security frameworks (NIST, ISO 27001, CIS Controls) and security technologies (firewalls, IDS/IPS, encryption, etc.).
• Strong analytical, problem-solving, and project management skills.
• Excellent communication and interpersonal skills with the ability to work cross-functionally.
• Proficiency in using security assessment tools and techniques (e.g., vulnerability scanners, SIEM).

Other Requirements:

• Ability to work independently and handle sensitive information confidentially.
• Detail-oriented with strong organizational skills.
• Occasional travel may be required for audits or compliance reviews.

Why Join R Systems?

• Frequent Internal Hackathons : Engage in dynamic competitions with exciting prizes to keep your skills sharp.
• Cultural Celebrations : Strengthen our familial bonds through shared celebrations, fostering a sense of community.
• Diverse Project Exposure : Work on a variety of projects across sectors like Healthcare, Banking, e-commerce, and Retail, collaborating with leading global brands.
• Centre of Excellence (COE): Benefit from technical guidance and upskilling opportunities provided by our team of technology experts, helping you navigate your career path.
• E-Learning Platform: Gain access to comprehensive e-learning platforms coupled with a robust mentorship program to enhance your skills.
• Open Door Policy: Embrace a culture of mutual support, respect, and open dialogue, promoting a collaborative work environment.

If you are passionate and excited about working in a fast-paced, innovative environment, we would love to hear from you!

R Systems is an equal opportunity employer that does not discriminate against any employee or job applicant because of race, color, religion, national origin, sex, physical or mental disability, age, or any other characteristic protected by law. We strive to build a team that reflects the diverse communities we serve, and we actively encourage applications from individuals of all backgrounds and experiences. Our commitment to equal opportunity extends to all aspects of employment, including recruitment, hiring, training, promotion, and benefits.