Payments Security Specialist

Job Description As a part of the Payment Enablement & Integrations Product Team, your role involves assessing and addressing vulnerabilities and security needs in payment solutions for all H&M brands worldwide, focusing on stores. This includes planning and coordinating all penetration test (PEN test) activities, from pre-test involvement in planning and environment preparation to post-test activities such as debriefs, mitigation, and remediation. Maintain a strong understanding of PCI compliance and provide support and coordination for related activities as needed. Collaborate with the Product Team and relevant stakeholders to ensure proper compliance routines are followed, taking necessary actions to maintain full payment security compliance in our store environments at all times. Key Responsibilities: Conduct comprehensive payment security assessments, including penetration testing, vulnerability assessments, and risk analysis on payment systems Ensure continuous compliance with the Payment Card Industry Data Security Standard (PCI DSS) requirements. Perform PCI DSS assessments, audits, and validations, leveraging your expertise as a Qualified Security Assessor (QSA. Serve as a Qualified Security Assessor (QSA) with a deep understanding of PCI DSS compliance. Collaborate with cross-functional teams to identify and remediate compliance gaps, integrating security seamlessly into the product lifecycle. Monitoring processes to track the changes in payment solutions and report on the effectiveness of payment security controls. Meticulous in formulating plans, engaging in collaborative efforts with diverse stakeholders, and conducting thorough reviews and documentation of security assessments, test activities, compliance measures, and audit outcomes. Provide regular and insightful reports on the status of payment security initiatives to relevant stakeholders. Stay abreast of changes in PCI DSS standards and guidelines, ensuring proactive adaptation to evolving industry requirements. Drive continuous improvement initiatives based on industry trends and emerging threats, enhancing the overall payment security posture Qualifications Bachelor's degree in computer science, information security, or a related field. Minimum 6 years of experience in payment security, with a focus on penetration testing and PCI DSS compliance. Certified Information Systems Security Professional (CISSP), Certified Payment Card Industry Professional (CPISM), or equivalent certifications. In-depth knowledge and hands-on experience with Payment Card Industry Data Security Standard (PCI-DSS) and PCI PIN Transaction Security (PCI-PTS) requirements. Strong understanding of Information Security Management Systems, particularly ISO 27001, and familiarity with National Institute of Standards and Technology (NIST) cybersecurity frameworks. Holds relevant certifications such as ISO certifications, demonstrating expertise in international standards for information security. Familiarity with the General Data Protection Regulation (GDPR) and its implications for data protection and privacy. Holds a distinguished set of certifications including CISSP, CISM, ISO 27001 Lead Implementer, CISA, GSNA, Certified ISO 27001 Auditor, and CIA, demonstrating a robust skill set for auditing, information security management, and internal control, crucial for maintaining compliance and security in payment environments. Experience assisting auditors in setting up and running tests, providing necessary documentation, and facilitating the audit process. Additional Information This is a full-time position with a placement in Bangalore, India. Please apply as soon as possible, and latest by 20th December 2023. Interviews will be held continuously. Please contact if you have any questions about the role and recruitment process. H&M is committed to creating a Diverse and inclusive environment and we are actively looking for qualified candidates irrespective of race, gender, gender identity, sexual orientation, ethnicity, religion, national origin, disability or age.