We are currently seeking a Senior Cyber Security Engineer to join our Cybersecurity PCI team.
You will be an advanced technology professional providing expertise to assure compliance. You will be seen by IT colleagues as a technical resource in your area of expertise. In this role you will serves as a PCI-DSS specialist within the Cybersecurity PCI team, providing knowledge and actionable PCI DSS guidance to the enterprise as it relates to current and future processes.
Support and Troubleshooting
Third level contribution to technical domain including: Develops, maintains, distributes and reports on program of work and project plans.Identifies scope, recording and tracking associated inventory, ensuring significant change is monitored and controlled.Leads PCI assessments and identification of gaps to achieve and sustain compliance.Proactively identifies control weaknesses and deficiencies, assessing risk and impact, supporting risk register updates, collaborating to drive risk reduction and removal of compensating controls.Collaborates with internal teams and external parties.
Technology recommendation and design
Leads in the evaluation of new and existing technologies relatives to their domain(s) and makes strategic recommendations.Shares best practice, promoting and standardizing on consistent and efficient processes.Promotes security awareness of PCI principles and requirements.Works independently to design environments of increasing complexity and scope.Contributes to design specifications and the minimization of PCI scope.
Performance and tuning
Makes recommendations and ensures they are implemented across the global enterprise.Facilitates internal and external audits, ensuring timely collation of evidence, championing completeness and accuracy of reviews, driving continuous improvement and efficiency.Performs and executes self-assessment activities in markets designated as a level 2, 3 or 4 merchant.
Learning and Innovation:
Demonstrates developed knowledge thorough understanding in technical domain.Stays current with technology developments and competitive trends, uses this knowledge to identify and propose PCI compliance strategies to the enterprise.Ability to obtain ISA (Internal Security Assessor) certification within 12 months.
Other duties, responsibilities and activities as assigned.Ability to travel as necessary.
Previous experience as a PCIP, ISA or QSA preferred.