|Preferred GIAC Certifications||GISP, GSNA|
|Salary||100-135K + 10%|
Progrexion is looking for a Security Compliance Analyst II to join our Information Technology Security Team. The successful candidate will demonstrate our Corporate Guiding Values of Integrity, Consumer Advocacy, Teamwork, Development, Quality and Performance in all areas of their work. The Senior Security Compliance Analyst will be responsible for driving internal compliance efforts, identifying and assessing risks, as well as leading the annual Payment Card Industry (PCI) and other Third-Party Assessment assessments.
Set standards and establish documentation for PCI and other similar programs
Strategize and outline goals and objectives of the program
Lead the annual assessment processes
Identify trends, root causes, and key risk indicators of non-compliance
Develop business processes that support compliance requirements
Facilitate regular organizational communication to reduce risk of non-compliance
Manage the day-to-day detailed aspects of multiple compliance projects
Set timelines for goal posts/due dates
Coordinate and utilize cross-functional resources for multiple projects in the program
Develop remediation plans to resolve findings and draft written reports that summarize the objectives, scope, findings and conclusions.
Prepare formal written audit reports and supporting workpapers that document testing and conclusions on the adequacy of controls
Communicate program objectives, goals, and progress to program directors, executives, upper management, and stakeholders
QUALIFICATIONS AND EDUCATION REQUIREMENTS REQUIRED:
BS degree in Computer Science, Engineering or other technical field required, or, equivalent work experience
7 to 10 years of experience in the areas of project management, business analysis, compliance/audit, or information security.
Current or former PCI Internal Security Assessor (PC-ISA)
Experience designing, testing or auditing technical controls
Working knowledge of and demonstrated experience with PCI Data Security Standard (PCI DSS)
Experience with payment cards and/or credit reports
Demonstrated knowledge of project management methodologies (Agile, Waterfall)
Ability to work in a fast-paced environment
Must be tactful, detail oriented, and able to comprehend technical and regulatory requirements.
Must be able to work with third-party assessors and auditors
Must exhibit excellence in partnering, teamwork, and quality performance
Able to effectively give, receive, and respond to feedback
Excellent oral and written communication skills with the ability to communicate security concepts to a technical and non-technical audience including senior management
Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify needs
Information security recognized certification(s) preferred – Network+, Security+ and/or Linux+