This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

The hottest job offers in the state of Virgina

To post a job, login or create an account |  Post a Job

PCI Security Analyst

Lawrence Harvey

This is a Full-time position in Sterling, VA posted June 7, 2021.

PCI Specialist
– GRC, Governance, Risk, Compliance, Vendor Assessment, Controls, Sterling, VA onsite, ASAP Start

Our leading Global Media client has an urgent requirement for a GRC focused PCI Specialist to support their tight-knit Security function.

This team member will be the main Subject Matter Expert for the organization’s PCI program and will participate and lead in the audits, attestations in addition to other various Cyber GRC areas including; security controls strategy, due diligence, security awareness, regulatory response, audit remediations, and other ad-hoc projects.

This position offers the opportunity to work within the early and growing stages of a Security GRC functions.

This position has a great mix of hands-on technical components as well as regs and controls activities.

The role sits at the intersection of information security, infrastructure, and engineering.

Main responsibilities:

· Lead PCI program from both a strategy and execution standpoints acting as the Primary Technical liaison and subject matter expert.

· Research security controls and translate to actionable insights and strategy to stakeholders and relevant leadership.

· Manage vendor risk program.

Review assessment alongside PCI
– DSS reports and PA-DSS.

Confirm vendor controls and advise remediation activities.

· Advise and guide companywide risk management program and risk appetite.

· Understanding new technologies and environments that may impact PCI standards internally and externally within the organization.

Certifications Required:
Working knowledge of PCI Standards and Requirements Must be a certified , PCI-QSA (Qualified Security Assessor), , or Internal Security Assessor or have held similar certifications Certifications Preferred
– CRISC, CISA, CISM, CISSP, or ISO 27001

Successful candidates will have the ability to work autonomously and be able to bridge the gap between deep technical knowledge and senior management engagement in order to influence strategy and information security management.

If you are interested in the opportunity, please respond via this advertisement or email Shoshbur Tasneem