Description: Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance.
Responsibilities:
The Information Security Office (ISO) Regulatory Compliance team is seeking a Security Analyst 2 to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans.
Key Responsibilities:
As a Security Analyst 2 on the Regulatory Compliance Team, you will:
Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process related to collecting evidences
Lead the validation of PCI requirements testing results and drive compliance gap remediation efforts
Create and maintain documentation to support PCI program
Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in developing remediation plans.
Collaborate closely with different business units to ensure alignment with relevant regulations and standards.
Support automation efforts across the compliance function.
Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements.
Effectively manage and prioritize multiple projects related to regulatory compliance.
Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and procedures as needed.
Be a source of guidance and support for fellow members of the compliance team.
Qualifications:
Required:
Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
Must be committed to incorporating security into all decisions and daily job responsibilities
3+ years with leading, planning and execution of PCI assessments which includes review of control design with a focus on payment card compliance and security.
Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a team to achieve departmental and project objectives.
Ability to maintain a high degree of confidentiality.
Detail-oriented with strong project management skills, including project planning, directing project activities, and leading project teams.
Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations to a diverse audience.
Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring deadlines are met.
Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and draw valid conclusions.
Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team and outside the department.
Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality results.
Commitment to incorporating security into all decisions and daily job responsibilities.
Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel.
Preferred:
Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience.
Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive.