The Security & Compliance Engineer is responsible for ensuring the company remains compliant with all applicable standards.
The Security & Compliance Engineer will work closely with other groups to implement and maintain compliance protocols and standards. You will work with external providers, including payment providers, QSAs and ASVs, to implement and manage plans & processes to ensure AV remains compliant with all applicable standards. You will identify risks & issues and implement appropriate remediations and/or compensating controls. You will be responsible for all compliance initiatives, including the implementation of policies and procedures, internal reviews, audits and investigations.
As Security & Compliance Engineer you will perform the following roles:
● Work closely with department managers to help author and implement policies and procedures to achieve & maintain organizational compliance.
● Conduct periodic internal reviews or audits to ensure that compliance procedures are followed. Identify compliance issues that require follow-up or investigation.
● Conduct or direct the internal investigation of compliance issues.
● Maintain documentation of compliance activities
● Advise internal management on the implementation or operation of compliance programs.
● Provide assistance to internal or external auditors in compliance reviews.
● Design or implement improvements in communication, monitoring, or enforcement of compliance standards.
● Highly organized with the ability to manage multiple competing priorities
● Energetic with strong motivational skills
● A change agent. You understand the effects change can have on a team / individual. You work closely with your team to guide and support them through the change process
● Calm under pressure. Ability to critically assess the situation, form plans based on fact and keep the team focused in high pressure situations
● Collaborative, keen to contribute and work with others to solve problems that may be outside of your immediate domain
● Resourceful, ability to get things done
● Rigorous and disciplined
● Persistent in overcoming obstacles
● Excellent communicator, both written & verbal
● 5+ years' experience in a security & compliance role with a specific focus on PCI DSS
● Implementing processes & protocols to support security & compliance, including PCI DSS
● 5+ years project management
● 3+ years IT / compliance audit experience
● Experience implementing compliance dashboards and reporting
● Experience with GDPR, PSD2, PA DSS
Nice to Have:
● Experience in a ticketing industry (live events, travel, etc.)
● Previous experience working directly with QSAs and/or ASVs
Currently hold, or are willing to obtain, one technical and one audit certification from the list below:
● Certified Information System Security Professional (CISSP).
● Certified Information Security Manager (CISM).
● Certified Information Systems Auditor (CISA).
● GIAC Systems and Network Auditor (GSNA).
● Certified ISO 27001, Lead Auditor, Internal Auditor.
● International Register of Certificated Auditors (IRCA).
● Information Security Management System (ISMS) Auditor.
● Certified Internal Auditor (CIA).
● Bachelor’s degree in a technical area of study (computer science, mathematics, engineering, etc.) or other BS/BA degree with a concentration in computer science or information systems.
● Total IT experience of over 8 years with at least 5 years in a direct people management role
In preparing your application please address it to Joanne Boucher. We thank all applicants for showing an interest in this position. Only those meeting our requirements will be contacted.
To see all of our open positions, please visit our job board http://www.wardtechtalent.com/it-jobs/, and follow us on LinkedIn https://www.linkedin.com/company/ward-technology-talent/.