Overview: We are seeking a highly skilled and experienced Information Security Analyst with a strong background in IT Security controls and PCI DSS (Payment Card Industry Data Security Standard) compliance. As an integral member of the team, you will be responsible for ensuring the protection of the organization's sensitive information, particularly in relation to payment card data. Your expertise and guidance will be essential in maintaining a secure environment and adhering to PCI DSS requirements.
Key Responsibilities
- Conduct comprehensive security and risk assessments to evaluate the organization's adherence to PCI DSS and other applicable regulatory standards for information security.
- Provide expert advice and recommendations to management on implementing and maintaining PCI DSS compliance.
- Perform vulnerability analyses to identify potential security threats and weaknesses in systems and processes.
- Develop and execute strategies for remediating security gaps and non-compliance issues identified during assessments.
- Collaborate with cross-functional teams to implement security best practices and ensure the integration of security measures into various business processes.
- Advise on the design, implementation, and management of secure network architectures and configurations.
- Monitor and analyze security incidents and breaches, taking appropriate actions to mitigate and resolve them effectively.
- Oversee and assist in the development of security policies, procedures, and guidelines aligned with Information Security and PCI DSS requirements.
- Conduct security awareness training sessions for employees to promote a culture of security consciousness and compliance.
- Stay up to date with the latest trends, technologies, and developments in information security to continuously improve security practices.
- Participate in compliance audits and examinations, providing necessary documentation and evidence as required.
- Collaborate with third-party vendors and partners to ensure their compliance with PCI DSS and Information Security Standards, as applicable.
- Maintain an accurate inventory of assets and data subject to PCI DSS requirements.
- Act as a subject matter expert and liaison with internal and external stakeholders regarding security-related matters.
Requirements & Skillset
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 3-4 years of experience in information security governance, compliance, and risk management.
- Professional certifications such as CISSP, CISA, CISM, LA ISO 27001, ISA or PCIP are preferred.
- Microsoft Certified Azure Security Engineer Associate (AZ-500) or similar cloud security certifications are preferred.
- Proven experience as an Information Security Consultant with a focus on PCI DSS compliance.
- Strong understanding and hands-on experience with Azure security services, including Azure Security Center, Azure Sentinel, Azure AD, and encryption methods. Ability to design and implement security controls in cloud environments.
- In-depth knowledge of PCI DSS requirements and their practical application in a corporate environment.
- Strong understanding of network security, encryption, firewalls, access controls, and other security technologies.
- Experience in Governance, Risk, and Compliance for Information Security.
- Familiarity with security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework).
- Excellent analytical and problem-solving skills to identify and address security risks effectively.
- Outstanding communication skills, both verbal and written, to interact with diverse stakeholders and convey complex security concepts in a clear and understandable manner.
- Ability to work independently and collaboratively within a team environment.
- Strong project management skills to lead and execute security-related initiatives.
- Dedication to maintaining confidentiality and ethical behavior in handling sensitive information.
Join our dynamic organization and contribute to safeguarding information with your expertise in Information Security and PCI DSS compliance. Apply now and be part of a company that values security and its employees' professional growth.