IT Security and PCI Compliance Administrator
Ref No.: 17-01132
Location: Greater Providence Area, Rhode Island
Position Type: Contract, 3-6 months

This position is responsible for overall Information Technology compliance, encompassing all infrastructure and software applications, with an emphasis on Payment Card Industry (PCI) compliance.

  • Ensure that compliance with PCI standards is maintained across all departments. Coordinate with other members of the information technology and information security functions and end user departments to implement and sustain appropriate technical and procedural controls to support this objective.
  • Remain apprised of pending changes to standards and proactively design and apply appropriate measures.
  • Monitor PCI DSS compliance of relevant hosting partners and application vendors.
  • Perform ongoing security procedures, including review of firewall activity and other system logs, vulnerability (anti-virus, software/firmware patch) management, periodic system intrusion testing and investigation of exception conditions.
  • Monitor compliance with Information Security Policies with emphasis on PCI.
  • Implement operating procedures including communication, documentation, quality, and change control processes.
  • Develop, update and test the Information Technology Incident Response Plan.
  • Participate in new technology deployment initiatives, contributing to the foundation's overall adoption of best security practices.
  • Stay abreast of emerging technology developments and security threats and factor them into our compliance program, strategies and tools.
  • Additional duties, as assigned.
Knowledge & Experience:
  • Minimum of 10 years of hands-on technical information security experience.
  • Expert-level knowledge of security principles and technologies.
  • Direct experience with PCI compliance required.
  • Experience designing and implementing security solutions.
  • Experience with network technologies and related segmentation strategies, as well as virtualization.
  • Bachelor's degree or equivalent experience.
  • Bachelor's degree in computer science, MIS, or related field preferred.
  • Master's degree is preferred.
  • A combination of CISSP, SANS GIAC, QSA, ISA, or PCIP certifications is required.
Roles, skills, and attributes required:
  • Strong, proven problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions through to completion.
  • The ability to translate complex technical information across all levels of the organization.
  • Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors.
  • Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment.
  • Demonstrated ability to translate business drivers and priorities into security design.
  • Excellent written and presentation skills.
  • Willingness to travel internationally, with experience dealing with different nationalities and cultures.
Practical experience with:
  • IT operations environments
  • Network Security, perimeter protection, web application security
  • Heterogeneous host operating systems
  • Virtualization
  • Using RSA Archer eGRC to perform compliance and risk assessments (ideal)