Previous Job
Previous
PCI analyst
Ref No.: 17-05904
Location: San Francisco, California
Mandatory Skills (Pls. detail as much as possible) • Exposure to PCI or SOX assessment co-ordination, evidence tracking and remediation is a must
• Working knowledge of IT security concepts including disaster recovery, penetration/vulnerability assessment and security-centric QA is required
Preferred Skills (Pls. detail as much as possible) • Preferred certification in one or more industry recognized security certifications: CISSP, GCED, and/or GSEC. Retail sector experience and project management experience is a plus
• Tools preferred: ServiceNow, Rapid 7, Qualys, Bit9, Symantec, Tripwire and McAfee products
• Good working knowledge of infrastructure security concepts including firewalls, DMZs, intrusion detection/prevention systems, network security, application security concepts, password management, RBAC, access provisioning, and OWASP
Job Roles/Responsibilities (Pls. detail as much as possible) • Create and maintain security-related documents (security controls / assessments / compliance assessments / reports) and efficiently manages multiple simultaneous tasks, providing consistent record of all activities, while handling confidential work with discretion
• Providing support for execution of security policy, information standards, security procedures, periodic security assessments/audits, and partnering with internal or external organizations to meet compliance and security needs and participate in the development and oversight of required corrective action plans
• Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls
• Assist with remediation of control deficiencies identified during the audit process.
• Assist with the education and training of process/control owners so they better understand the controls framework and their responsibilities.