Senior Security Compliance Specialist (PCI)
Onsite 4 days in SF San Jose or Rocklin
THIS IS A BACKFILL
| Duties/Day to Day Overview | - Lead the enterprise PCI DSS compliance program including preparation for annual assessments and ongoing control validation.
- Conduct PCI readiness assessments and identify gaps in compliance with PCI DSS requirements.
- Act as a consultant when someone has question for PCI
- Monitor standards and update
- Partner with technology and business teams to design and implement remediation plans for identified compliance gaps.
- Provide guidance to technical teams on implementing and maintaining PCI controls.
- We have a lot of vulnerabilities - this person needs to be technically savvy enough to be able to advise on how to remediate vulnerability or out of compliance conditions need to know how to propose solutions to tech team
- Lead PCI scoping and segmentation efforts to reduce the organizations cardholder data environment and overall compliance scope.
- Maintain PCI documentation evidence repositories and compliance reporting.
- Provide periodic updates to leadership on PCI compliance posture risks and remediation progress.
- Improve compliance processes using GRC tools automation and scalable control monitoring.
|
| Top Requirements (Must haves) | - Bachelors degree or equivalent experience in information security risk or compliance.
- 7 years of experience in information security or compliance roles.
- 5 years of direct PCI DSS experience supporting or leading PCI compliance programs.
- Strong knowledge of PCI DSS and experience implementing controls in complex enterprise environments.
- QSA or CISSP certification strongly preferred.
- Need to be comfortable and professional when articulating findings/justifications/action plans to senior leadership
Technical Requirements - Experience working in large-scale enterprise technology environments.
- Strong understanding of security frameworks including PCI DSS ISO 27001 COBIT and SOX.
- Experience performing risk assessments and compliance gap analyses.
- Experience with GRC platforms and compliance automation tools.
- Strong written verbal and executive communication skills.
- Ability to influence cross-functional teams and drive remediation efforts.
- Experience working within the retail sector
- Ideally coming from retail and/or ecommerce
- Need to at least come from a complex enterprise environment where pay and credit card transactions are happening
|
Senior Security Compliance Specialist (PCI) Onsite 4 days in SF San Jose or Rocklin THIS IS A BACKFILL Duties/Day to Day Overview Lead the enterprise PCI DSS compliance program including preparation for annual assessments and ongoing control validation. Conduct PCI readiness assessm...
Senior Security Compliance Specialist (PCI)
Onsite 4 days in SF San Jose or Rocklin
THIS IS A BACKFILL
| Duties/Day to Day Overview | - Lead the enterprise PCI DSS compliance program including preparation for annual assessments and ongoing control validation.
- Conduct PCI readiness assessments and identify gaps in compliance with PCI DSS requirements.
- Act as a consultant when someone has question for PCI
- Monitor standards and update
- Partner with technology and business teams to design and implement remediation plans for identified compliance gaps.
- Provide guidance to technical teams on implementing and maintaining PCI controls.
- We have a lot of vulnerabilities - this person needs to be technically savvy enough to be able to advise on how to remediate vulnerability or out of compliance conditions need to know how to propose solutions to tech team
- Lead PCI scoping and segmentation efforts to reduce the organizations cardholder data environment and overall compliance scope.
- Maintain PCI documentation evidence repositories and compliance reporting.
- Provide periodic updates to leadership on PCI compliance posture risks and remediation progress.
- Improve compliance processes using GRC tools automation and scalable control monitoring.
|
| Top Requirements (Must haves) | - Bachelors degree or equivalent experience in information security risk or compliance.
- 7 years of experience in information security or compliance roles.
- 5 years of direct PCI DSS experience supporting or leading PCI compliance programs.
- Strong knowledge of PCI DSS and experience implementing controls in complex enterprise environments.
- QSA or CISSP certification strongly preferred.
- Need to be comfortable and professional when articulating findings/justifications/action plans to senior leadership
Technical Requirements - Experience working in large-scale enterprise technology environments.
- Strong understanding of security frameworks including PCI DSS ISO 27001 COBIT and SOX.
- Experience performing risk assessments and compliance gap analyses.
- Experience with GRC platforms and compliance automation tools.
- Strong written verbal and executive communication skills.
- Ability to influence cross-functional teams and drive remediation efforts.
- Experience working within the retail sector
- Ideally coming from retail and/or ecommerce
- Need to at least come from a complex enterprise environment where pay and credit card transactions are happening
|
View more
View less
Job Location:
Monthly Salary:
Not Disclosed
Posted on:
5 hours ago
Vacancies:
1 Vacancy
