Description

Responsibilities

Actively coordinate the internal and external SOX/PCI audits and provide IT management direction as to how to remediate pertinent action items in order to achieve SOX/PCI compliance with zero material findings.

Ensure compliance with any applicable information security standards and regulations.

Perform user access reviews and ensure respective remediation is performed in a timely manner.

Maintain Ongoing PCI Compliance Including, But Not Limited To

Prepare for the yearly PCI audit by maintaining/updating the master inventory of PCI controls

Consult with project teams on PCI requirements as they relate to system changes, product reviews, contracts and RFP responses
Work with PCI Auditor to ensure that system designs are vetted for potential PCI compliance conflicts before these designs are implemented

Schedule quarterly PCI scans and yearly Internal and External Penetration Tests, and work with Technical teams to ensure that Medium and High Risk Vulnerabilities are addressed

Schedule and coordinate the yearly PCI Audit so that the PCI Auditor has access to the people and resources necessary to perform the review

Requirements

Bachelor's degree in Computer Science, Information Systems or similar field. Advanced degree preferred

10+ years' experience in privacy and security compliance in a highly regulated, public organization

5+ years' experience managing a team, programs and auditors (internal/external)

Significant experience authoring policies based on new and/or updated aviation, global, federal and/or state directives and regulations

Demonstrated experience in delivering comprehensive solutions to complex security issues on a global scale

Ability to multi-task and prioritize business requirements in a dynamic, fast paced environment while providing exceptional customer service

Extensive experience managing, coaching and mentoring team members and others in IT Compliance

Excellent written, verbal and presentation skills for presentations and reports to all levels

Possess one or more of the following certifications: CISA, CISSP, CGEIT, GRC

Education

Bachelor's degree