About Us
SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for a seamless payment experience and rewarding benefits. At SBI Card, the motto Make Life Simple inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone.
SBI Card is proud to be an equal opportunity & inclusive employer and welcomes employees without any discrimination on the grounds of race, color, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect, which makes it a promising place to work.
Join us to shape the future of digital payment in India and unlock your full potential.
What's in it for YOU
- SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support the mental and physical health of our employees
- Admirable work deserves to be rewarded! We have a well-curated bouquet of rewards and recognition programs for the employees
- Dynamic, Inclusive and Diverse team culture
- Gender Neutral Policy
- Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
- Commitment to overall development of an employee through comprehensive learning & development framework
Role Purpose
In the Platform Compliance role, you will lead the compliance oversight for our digital platforms, products, and technology infrastructure. You will bridge the gap between technical teams (engineering, product) and regulatory requirements (RBI, SEBI, NPCI, DPDP, etc.). The ideal candidate will ensure that new features, platforms, and automated workflows are compliant by design, managing surveillance and enhancing control frameworks to support business growth without compromising on regulatory adherence.
Role Accountability
The responsibilities and accountabilities below apply across the applications in scope:
- Vulnerability Management: Oversee programs for the identification, management, and remediation of technology risks and vulnerabilities.
- Obsolescence Management: Execute programs related to platform upgrades for obsolete versions and establish clear End-of-Life (EOL) technology retirement, renewal, and upgrade programs.
- Regulatory Compliance: Ensure all technology platforms and digital lending/service applications comply with applicable federal, state, and local laws and regulations (e.g., GDPR, CCPA, SOX, industry-specific regulations like those from the RBI or SEC).
- Risk Management: Identify, assess, and manage compliance and conduct risks.
- Strategic Delivery: Drive technology-related strategic programs aimed at operational excellence within the compliance function and across covered platforms.
- Regulatory adherence: Monitor and enforce compliance with relevant industry regulations and guidelines.
- Audit and Reporting: Act as a primary point of contact for internal and external audits and regulatory examinations for all processes under scope, preparing necessary documentation and reports for management review and regulatory submission.
- Stakeholder management: Engage and align internal and external stakeholders for smooth operations.
- People management: Lead, motivate, and develop team members to achieve operational excellence.
- Budget management: Plan, monitor, and control operational budgets to optimize resource utilization.
- Attrition management: Implement strategies to retain key employees and minimize staff turnover.
Measures of Success
- Vulnerability & Obsolescence Management: Achieve zero End-of-Life (EOL) software versions on in-scope applications.
- Achieve [Target %, e.g., 98%] compliance with vulnerability remediation timelines (SLA for patching critical vulnerabilities).
- Regulatory Compliance: Achieve a 100% pass rate on all internal and external compliance audits related to technology platforms.
- Zero material findings or regulatory enforcement actions related to platform compliance within the fiscal year.
- Risk Management & Strategic Delivery: Mitigate identified high-risk compliance gaps within the agreed-upon remediation timeframe.
- Successful delivery of technology-related strategic programs for operational excellence within the fiscal year budget and timeline.
- Stakeholder Management & Budgeting: Maintain actual spending within [Target %, e.g., 3%] of the forecasted budget for compliance processes under scope.
- Audit and Reporting: Deliver all required management and regulatory reports on time (100% adherence to deadlines).
Technical Skills / Experience / Certifications
- Proven experience in leading and managing cross-functional teams and influencing stakeholders at all levels of the organization.
- Hands-on experience with GRC platforms (e.g., ServiceNow IRM) and data analytics tools for compliance monitoring.
- Deep knowledge of industry authoritative sources and frameworks such as ISO 27001, NIST CSF, COBIT, SOX, and GDPR/data privacy standards.
- Strong background in cybersecurity risks, controls definition, and IT infrastructure.
- Technology skill set - The person should have hands-on experience in most of the following technology areas.
- Application and Databases - Java J2EE, SOAP/REST, Microservices, Oracle, PL/SQL, Python, SOA BPM
- User Interface frameworks - Angular and React
- Platforms - Linux, Shell scripting, Oracle WebLogic
- Implementation and working knowledge of cyber security standards
- Implementation and working knowledge of DevOps and CI/CD tools (Fortify, Jenkins, Git, Nexus, Jira, Sonar)
Competencies critical to the role
- Strategic Thinking: Ability to anticipate regulatory shifts and develop proactive compliance strategies.
- Analytical & Problem-Solving Skills: Strong ability to analyze complex regulations, identify potential vulnerabilities, and develop practical, legally sound solutions.
- Influencing & Communication: Excellent verbal and written communication skills to clearly articulate compliance requirements and risks to both technical teams and senior executives.
- Detail Orientation: Meticulous attention to detail is critical for reviewing policies, legal documents, and audit trails.
- Collaboration & Leadership: Ability to work collaboratively with Legal, Audit, IT, and Business departments to ensure cohesive GRC efforts.
Qualification
- B.E / B.Tech / MCA in Computer Science/IT
- ITIL/ITSM/ITAM is highly desirable
- MBA/PGDM in IT/System is preferred
Preferred Industry
BFSI