Senior Analyst - Cyber Security Compliance
United States
Full-time
1 week ago
$92,000 - $115,000 USD
H1B Sponsor Likely
Key skills
SDLCChange ManagementCommunicationNetwork Security
About this role
Live Nation Entertainment is the world’s leading live entertainment company, and they are seeking a highly motivated and detail-oriented Senior Analyst to join their Cyber Security Compliance team. This role focuses on conducting PCI Compliance assessments and providing expertise in security to ensure effective implementation and management of security controls.
Responsibilities:
- Lead Payment Card Industry Data Security Standards (PCI DSS) Assessments as an ISA
- Document assessment findings, provide gap analysis and recommendations for remediation
- Serve as the subject matter expert in the development, implementation, and maintenance of information related to all aspects of compliance
- Track the status of known Cyber Security risks and work with appropriate teams to promote remediation of known exposures
- Liaise with external security assessment firms to ensure on-time completion of projects
- Create and collect evidence from business teams in preparation for internal and external assessments
- Assist in implementing risk mitigation strategies for security issues using the NIST framework(s)
- Lead Quarterly Security Reviews (QSRs) with business teams to ensure applicable PCI DSS controls are being performed and maintained
- Advocate security best practice throughout the business
- Respond to compliance queries from third parties, clients, client reps, legal, advanced product specialists on behalf of the company
Requirements:
- 3-5 years of experience managing PCI compliance programs as a PCI SSC ISA or QSA
- 3-5 years of proven experience in regulatory compliance, IT audit, Cyber Security, IT Operations
- Knowledge and experience in reducing PCI Assessment Scope
- Strong working knowledge of the PCI DSS requirements and the importance of accurate reporting
- Experience managing cyber security/compliance/IT assessment projects and processes, working independently with limited supervision
- Experience facing technical and security challenges that are difficult and sometimes complex
- Familiarity with best practices around network security, configuration management, system hardening, data retention and disposal, encryption, key management, anti-virus, vulnerability management/scanning/patching, application security, logical and physical security, SDLC/change management procedures/SOD/Code Reviews, logging and monitoring, file integrity monitoring, intrusion detection, endpoint security, incident response, supplier security assurance, and security operations
- Experience working with Network and Systems Engineers, Architects, Developers/Engineers, Finance Teams, DBAs, Call Center and Point of Sale administrators, and Suppliers
- Experience coaching and reviewing the work of lower-level professionals or business partners
- Excellent verbal and written communication skills
- You can work in large global environments spanning multiple time zones
- You are highly responsible, self-motivated, and able to work with minimal supervision
- You are resourceful with the ability to adapt to a constantly changing technical environment
- You can critically evaluate new and current processes whilst embracing simplicity
- You enjoy working in a fast-paced environment with frequent deadlines
- You communicate clearly and transparently; have excellent interpersonal, written and verbal communication skills
- You can inspire confidence and maintain good working relationships with co-workers and clients
- You have excellent organizational and follow up skills
- You have a proactive nature and flexible approach
- You are self-motivated, self-disciplined and respectful
- Degree in IS/IT, CISA, CISM or other IT/Cyber Security certifications preferred