Job Details

Email to Friend Save Back

Security Analyst- PCI Compliance

MIAMI-33122, FL, US
08/01/2019

-

Required Skills

Microsoft Office Suite

Company

Infinity Consulting Solutions, Inc

Experience

3 to 5 Year(s)

Job Description

Security Analyst- PCI Compliance

The Security Analyst- PCI Compliance will be responsible for assessing the current state vs. PCI DSS requirements, work with Business and IT areas on specific focus areas to implement processes and technologies to become compliant.

Manage projects within the global program, re-assess environment versus PCI requirements at specified intervals, and assist in the documentation of PCI compliance related policies, procedures, standards, and other deliverables required to prove compliance.

ESSENTIAL FUNCTIONS:

Develop project requirements, objectives, plans, schedules and tasks for both IT and the business
community related to compliance activities

Coordinate PCI assessments -related tasks to ensure the readiness of managers and their teams for
assessment testing and facilitating the timely resolution of any findings

Own the processes to validate the coverage and configuration of the core security solutions required by the PCI DSS

Work with SMEs to design and implement solutions required for remediation

Work closely with project team members to document current PCI requirements and instruct team members in appropriate control rationalization and test evidencing techniques

Advise on proposed security tool and process changes that could impact PCI DSS compliance

Knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands

Intermediate knowledge of the following areas: Penetration Testing, Vulnerability Scanning, Anti-virus and
Malware, Application Code Scanning and Secure Coding Practices, Configuration Management, File Integrity Monitoring, Multi-Factor Authentication, Encryption and Key Management, Hardening of servers and network devices

Ensure reports and findings are delivered in a timely and appropriate manner to management

Facilitate compliance with the PCI DSS via regular monitoring of related activities

Execute multiple PCI DSS control validation programs simultaneously with specific deadlines.

Recognizes and identifies potential areas where existing policies, standards and procedures require change.

Coordinate certified PCI ASV scans, ensure passing scan for each quarter, and drive remediation of scans

Manage the progress of remediation steps on identified control deficiencies

Support additional internal and external PCI compliance activity as part of the PCI Program

QUALIFICATIONS:

Bachelor’s degree in computer science or related work experience

3-4 years’ experience executing PCI compliance programs

3-4 years technical experience with global company environments

Experience with complex risk-based approach to internal and external compliance efforts

Proven analytical and organizational skills to independently work on multiple projects, and meet deadlines while ensuring quality results, is expected.

Must have familiarity with systems, networks, and a variety of the security concepts, practices, and procedures

Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues

Demonstrated ability to manage multiple assignments and deadlines

Excellent communication skills and significant attention to detail (both written and verbal)

Ability to work independently and effectively with all levels of staff and management both internally and externally

Knowledge of the ISO, COBIT and PCI DSS control frameworks is expected

Professional certification such as CISA, CISM, CRISC or CIPP is a plus

Proficiency with Microsoft Office Suite