About the Client
Our client is a cutting-edge, fast-moving, global online payment platform.
About the Job
You will be assisting the client with meeting US and international regulatory requirements.
- Assess compliance of the company environment to PCI-DSS and other security standards for ATMs
- Review the evidence obtained during the last PCI assessment and make sure that it is appropriate for the request
- Evaluate the design and effectiveness of technology controls throughout the business cycle, and identify opportunities for more efficient and effective controls
- Work with control owners to document PCI controls including description, ownership, testing procedures as part of our controls library
- Document the gaps found as part of the Issue management process; work with the identified issue owners to follow up, track status and ensure that the issues are closed prior to the agreed remediation due date
- Act as an onsite representative for the security compliance team to funnel in any specific security compliance matters
- Work with the respective audit leads (PCI & SOC1) to provide on-site support and assistance for compliance assessments
- Provide periodic compliance status reporting to multiple stakeholders within the organization
Self-motivated, talented individual with the ability to work efficiently and independently with some supervision, possessing a minimum of 5 years of information security, risk management and controls testing/monitoring experience.
- Experience conducting audits in accordance with the Sarbanes-Oxley Act (SOX), SSAE16, AT101, PCI-DSS, ATM security or any other regulatory obligations or industry standards
- Understanding of information security and risk management frameworks such as COBIT, ISO17799/2700x, NIST, FIPS or COSO
- Ability to track and execute numerous parallel activities, work efficiently and independently with some supervision (i.e., self-motivated and willing to stretch to meet important deadlines)
- Work in a fast-paced, dynamic environment, embrace change, build and maintain constructive working relationships with a diverse community (in and outside of technology)
- Communicate effectively, both in writing and verbally, to influence both technical and non-technical audiences
- Bachelor’s degree required, post-graduate degree a plus
- Industry certifications in the areas of Information Security/Systems are preferred – CISSP, CISA, CISM, CGEIT, ISA/QSA