Senior IT Compliance Analyst (PCI)
COMPETENCIES:
- Intimate understanding of PCI-DSS controls
- Demonstrated experience in implementing and assessing PCI related standards including PCI-DSS, PA-DSS, ASV guidelines and other regulatory mandates
- Experience in implementing and utilizing compliance framework such as COSO, COBIT, NIST, and ISO 27001 etc
- Thorough understanding of Sarbanes Oxley (SOX), GDPR and the California Consumer Privacy Act (CCPA)
- Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security
- Familiarity with cloud-based environments and technologies with associated auditing methodologies
- Excellent documentation and communication skills
QUALIFICATIONS
- Bachelor's or Master's degree in a computer or information management field
- Cybersecurity certifications such as CISSP, CISA, CRISC, or CISM are preferred
- 5-7 years’ experience in an information security compliance, audit or risk management role with hands on experience in a multitude of compliance initiatives including but not limit to
- PCI-DSS
- SOX-404, EU-GDPR, CCPA
- COSO, CoBIT, ISO27001
- NIST (CSF & RMF)
- HIPAA
- SSAE-16 [SOC-1 and SOC-2
- Experience with developing and implementing automation for controls and compliance is preferred
- Strong analytical and problem-solving skills with the ability to function as a change agent
- Strong skills with intermediate to advanced level expertise with Excel and PowerPoint
- Demonstrated experience in working in a high paced multi-tasking environment.
- Understanding of security metrics and creation of effective dashboards for management review and consumption.