Security Analyst- PCI Compliance
MIAMI-33122, FL, US
08/01/2019
-
Required Skills
Company
Infinity Consulting Solutions, Inc
Experience
3 to 5 Year(s)
Job Description
Security Analyst- PCI Compliance
The Security Analyst- PCI Compliance will be responsible for assessing the current state vs. PCI DSS requirements, work with Business and IT areas on specific focus areas to implement processes and technologies to become compliant.
Manage projects within the global program, re-assess environment versus PCI requirements at specified intervals, and assist in the documentation of PCI compliance related policies, procedures, standards, and other deliverables required to prove compliance.
ESSENTIAL FUNCTIONS:
Develop project requirements, objectives, plans, schedules and tasks for both IT and the business
community related to compliance activities
Coordinate PCI assessments -related tasks to ensure the readiness of managers and their teams for
assessment testing and facilitating the timely resolution of any findings
Own the processes to validate the coverage and configuration of the core security solutions required by the PCI DSS
Work with SMEs to design and implement solutions required for remediation
Work closely with project team members to document current PCI requirements and instruct team members in appropriate control rationalization and test evidencing techniques
Advise on proposed security tool and process changes that could impact PCI DSS compliance
Knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands
Intermediate knowledge of the following areas: Penetration Testing, Vulnerability Scanning, Anti-virus and
Malware, Application Code Scanning and Secure Coding Practices, Configuration Management, File Integrity Monitoring, Multi-Factor Authentication, Encryption and Key Management, Hardening of servers and network devices
Ensure reports and findings are delivered in a timely and appropriate manner to management
Facilitate compliance with the PCI DSS via regular monitoring of related activities
Execute multiple PCI DSS control validation programs simultaneously with specific deadlines.
Recognizes and identifies potential areas where existing policies, standards and procedures require change.
Coordinate certified PCI ASV scans, ensure passing scan for each quarter, and drive remediation of scans
Manage the progress of remediation steps on identified control deficiencies
Support additional internal and external PCI compliance activity as part of the PCI Program
QUALIFICATIONS:
Bachelor’s degree in computer science or related work experience
3-4 years’ experience executing PCI compliance programs
3-4 years technical experience with global company environments
Experience with complex risk-based approach to internal and external compliance efforts
Proven analytical and organizational skills to independently work on multiple projects, and meet deadlines while ensuring quality results, is expected.
Must have familiarity with systems, networks, and a variety of the security concepts, practices, and procedures
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues
Demonstrated ability to manage multiple assignments and deadlines
Excellent communication skills and significant attention to detail (both written and verbal)
Ability to work independently and effectively with all levels of staff and management both internally and externally
Knowledge of the ISO, COBIT and PCI DSS control frameworks is expected
Professional certification such as CISA, CISM, CRISC or CIPP is a plus
Proficiency with Microsoft Office Suite
Security Analyst
Information Technology
No Preference
Contract Only
Other
1
Candidate Requirements
-
Bachelors
Walkin Information
-
7/17/2019
-
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY
-