PCI Compliance Analyst

Gravity IT Resources


Job Title: PCI Compliance Analyst

Location: Doral, FL

Job-Type: Contract

Referral Fee: +/- $150/week

Employment Eligibility: Gravity will consider US Citizens, Green Card Holders and those with full-time US Employment Authorization (H-1B Candidates). We are also open to contract or “corp to corp” agreements for highly qualified candidates.

Position Overview:

Gravity is looking for a PCI Compliance Analyst to spearhead our client’s assessment and remediation efforts. The successful candidate will possess strong experience running global PCI compliance assessments, including conducting interviews, collecting evidence and ensuring remediation efforts are met.

Our client is a $19B global cruise company and one of the largest vacation companies in the world, and it provides a comfortable, fun and inclusive working environment. Technology is a major driver of this company’s efforts to continue to deliver exceptional value to its customers.

Duties & Responsibilities:

• Bachelor’s degree in computer science or related work experience

• 3-4 years’ experience executing PCI compliance programs

• 3-4 years technical experience with global company environments

• Experience with complex risk-based approach to internal and external compliance efforts

• Proven analytical and organizational skills, with the ability to work independently on multiple projects and meet deadlines while ensuring quality results, are expected

• Must have familiarity with systems, networks, and a variety of security concepts, practices, and procedures

• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues

• Demonstrated ability to manage multiple assignments and deadlines

• Excellent communication skills and significant attention to detail (both written and verbal)

• Ability to work independently and effectively with all levels of staff and management both internally and externally

• Knowledge of the ISO, COBIT and PCI DSS control frameworks is expected

• Professional certification such as CISA, CISM, CRISC or CIPP is a plus

• Proficiency with Microsoft Office Suite

Required Experience & Skills:

• Develop project requirements, objectives, plans, schedules and tasks for both IT and the business community related to compliance activities

• Coordinate PCI assessment-related tasks to ensure the readiness of managers and their teams for assessment testing, and facilitate the timely resolution of any findings

• Own the processes to validate the coverage and configuration of the core security solutions required by the PCI DSS

• Work with SMEs to design and implement solutions required for remediation

• Work closely with project team members to document current PCI requirements and instruct team members in appropriate control rationalization and test evidencing techniques

• Advise on proposed security tool and process changes that could impact PCI DSS compliance

• Knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands

• Intermediate knowledge of the following areas: Penetration Testing, Vulnerability Scanning, Anti-virus and Malware, Application Code Scanning and Secure Coding Practices, Configuration Management, File Integrity Monitoring, Multi-Factor Authentication, Encryption and Key Management, Hardening of servers and network devices

• Ensure reports and findings are delivered in a timely and appropriate manner to management

• Facilitate compliance with the PCI DSS via regular monitoring of related activities

• Execute multiple PCI DSS control validation programs simultaneously with specific deadlines

• Recognize and identify potential areas where existing policies, standards and procedures require change

• Coordinate certified PCI ASV scans, ensure a passing scan for each quarter, and drive remediation of scan findings

• Manage the progress of remediation steps on identified control deficiencies

• Support additional internal and external PCI compliance activity as part of the PCI Program

Jon.Hoppensteadt
