Risk & Compliance Specialist I (India) SOX & PCI Focus

Department: Risk Management / Compliance / GRC

Position Summary

We are seeking a detail-oriented and proactive

Risk & Compliance Specialist with 3"5 years of experience to support our organizations compliance initiatives related to

SOX (Sarbanes-Oxley Act) and

PCI DSS (Payment Card Industry Data Security Standard). This role is critical in helping ensure our control environment remains compliant, effective, and audit-ready, while supporting risk reduction across financial and payment systems.

You will work cross-functionally with internal teams such as IT, Finance, and Security, as well as external auditors, to help maintain documentation, test controls, track remediation efforts, and stay aligned with regulatory requirements.

Key Responsibilities (SOX/ISO Compliance )- Assist in evaluating the design and effectiveness of internal controls over financial reporting in accordance with SOX.
- Develop, maintain, and update process documentation (narratives, risk/control matrices, flowcharts).
- Support and execute SOX control testing activities; document results and identify control deficiencies.
- Partner with control owners to ensure timely remediation of audit findings.
- Participate in walkthroughs of key processes and support control design improvements.
PCI DSS Compliance- Support efforts to maintain ongoing PCI DSS compliance across applicable systems and processes.
- Assist in identifying control gaps and collaborate on remediation strategies for handling cardholder data securely.
- Maintain and help implement PCI policies, procedures, and standards.
- Participate in assessments, evidence gathering, and preparation for annual PCI audits or Self-Assessment Questionnaires (SAQs).
- Collaborate with IT Security and other stakeholders to ensure appropriate technical and procedural controls are in place.
General Risk & Compliance Activities- Maintain dashboards, trackers, and reporting tools to monitor SOX and PCI compliance efforts.
- Assist in internal and external audit coordination, evidence collection, and issue resolution.
- Stay current on changes in regulatory standards, compliance frameworks, and industry best practices.
- Support compliance training initiatives, awareness campaigns, and policy rollouts across the organization.
- Contribute to the continuous improvement of compliance programs, including automation opportunities and control optimization.
Required Qualifications- Bachelor's degree in Business, Finance, Accounting, Information Systems, Cybersecurity, or a related field.
- 3"5 years of professional experience in risk management, compliance, audit, or information security.
- Familiarity and hands-on experience with SOX and PCI DSS compliance programs.
- Working knowledge of internal controls, audit processes, and risk assessment methodologies.
- Strong analytical and documentation skills; able to break down complex issues clearly.
- Proficient in Microsoft Office Suite, especially Excel, Word, and PowerPoint.
- Experience with GRC tools (e.g., AuditBoard, Archer, ServiceNow GRC) is a plus.
Preferred Skills & Certifications- Strong interpersonal and communication skills, with the ability to work effectively across departments.
- Detail-oriented, organized, and capable of managing multiple priorities in a deadline-driven environment.
- Demonstrated ability to analyze control effectiveness and contribute to remediation planning.
- Certifications in progress or interest in CISA, CIA, CPA, or PCI-related certifications (e.g., PCIP, QSA).
- Self-starter with a continuous improvement mindset and a willingness to learn.
Why Join Us?- Gain exposure to critical risk and compliance frameworks in a growing and dynamic environment.
- Work with supportive teams across Security, Finance, and IT.
- Opportunity to develop a strong foundation in Compliance and contribute to a maturing compliance program.