Lead Payment Card Industry Data Security Standards (PCI DSS) Assessments as an ISA
Document assessment findings, provide gap analysis and recommendations for remediation
Provide advice and guidance to business units in all areas relating to payment security, including PCI DSS and security best practices aligned to the Cyber Security strategy
Liaise with external security assessment firms to ensure on-time completion of projects
Assist in preparing formal presentations of compliance status and issues to business units and management
Partner with business units on the creation and collection of evidence in preparation for internal and external assessments
Lead Quarterly Security Reviews (QSRs) with business teams to ensure applicable PCI DSS controls are being performed and maintained
Advocate security best practice throughout the business
Assist in responding to compliance queries from third parties, clients, client reps, legal, and advanced product specialists on behalf of the company
Requirements
A strong working knowledge of the PCI DSS requirements and accurate reporting
1-3 years of experience in PCI compliance programs as a PCI SSC ISA
General knowledge of IT environments, including but not limited to scope reduction, network devices, technical implementation, and asset management
Experience in cyber security/compliance/IT assessment projects and processes
Familiarity with best practices around network security, configuration management, system hardening, data retention and disposal, encryption, key management, anti-virus, vulnerability management/scanning/patching, application security, logical and physical security, Software Development Life Cycle/change management procedures/Separation of Duties/Code Reviews, logging and monitoring, file integrity monitoring, intrusion detection, endpoint security, incident response, supplier security assurance, and security operations
Experience working with Network and Systems Engineers, Architects, Developers/Engineers, Finance Teams, DBAs, Call Center and Point of Sale administrators, and Suppliers
Degree in IS/IT or PCI ISA, PCIP, CISM or other IT/Cyber Security certifications preferred
Tech Stack
Cyber Security
SDLC
Benefits
Medical, vision, dental and mental health benefits for you and your family, with access to a health care concierge, and Flexible or Health Savings Accounts (FSA or HSA)
Free concert tickets, generous paid time off including paid holidays, sick time, and personal days
401(k) program with company match, stock reimbursement program
New parent programs including caregiver leave and baby bonuses, plus fertility, adoption, foster, or surrogacy support
Career and skill development programs with School of Live, tuition reimbursement, and student loan repayment