Security Compliance Analyst - Pci/Soc2

Detalles de la oferta

Reporting to the Security Compliance Manager, the Security Compliance Analyst is a key member of the Security, Governance and Compliance team. This position is focused on PCI and SOC1/SOC2 compliance, working across multiple business units and markets globally to ensure and deliver upon our annual compliance assessments and improve our security compliance posture overall. The Security Compliance Analyst will work closely with Information Security leadership and management team members to build and maintain a strong security compliance practice, while ensuring ongoing delivery on our compliance obligations. _
- The role requires attention to detail, technical expertise, and control testing experience with strong people skills. Must have the ability to build trusted relationships and influence decisions around security risk and compliance management. _

**What you'll do**:

- Support management of the PCI and SOC compliance process from end to end including pre-assessments, contracting, planning, scheduling, walkthroughs, testing, evidence collection, reporting, and remediation.
- Conduct multiple annual compliance reports and enterprise-level security assessments on Equifax systems globally (e.g. PCI-DSS, FISMA, FedRAMP, NIST, etc).
- Perform compliance scope advisement for both on-premises and cloud environments to determine applicable security compliance requirements for an environment.
- Support evidence collection with regards to various security compliance frameworks including SOC, PCI-DSS, FISMA, FedRAMP, NIST, etc.
- Collaborate with multiple departments and cross functional teams
- Assist with analysis of security control mapping and compliance efficiency improvements.
- Assist in maturing security compliance via automation or other tools
- Provide reporting and trending information of identified risks to compliance timelines
- Organize, publish, and maintain audit evidence and related documents in such a way that information is easily accessible
- Assist Global Security Compliance team in other tasks as required
- Perform compliance scope advisement for both on-premises and cloud environments to determine applicable security compliance requirements for an environment.
- Monitor and communicate program measures of success, plans, status, issues and risks in a timely manner to team members, stakeholders and senior level management.
- Identify industry best practices and recommend program updates or changes as needed to ensure program success.
- Proactively advise management and staff about potential security or compliance risks that may have a material impact on the business.
- Report to management and senior leadership on KPI's and KRI's for compliance programs (NIST, PCI-DSS, FISMA, FedRAMP, NYDFS500, SOC1/2 and ISO 27001).
- Perform program risk management and identify and assist BU/Applications teams with appropriate remediation guidance for identified compliance gaps.

**What experience you need**:

- Security Certifications such as CISSP, CCSP, CISA, CISM, QSA/ISA, CompTIA, etc.
- 3-5 years experience in **PCI or SOC1/2 audits **or directly related audit experience
- 3-5 years of experience performing assessments of information security programs including detailed control testing demonstrating thorough understanding of information security practices and methodologies, and public cloud environments (GCP, AWS, and Azure) and familiarity with security best practices
- 3-5 years experience testing and reviewing controls related to IT concepts, cloud services (IaaS, PaaS, SaaS), networking concepts (routers, firewalls, cloud networking rules), security tools (SIEM, IDS/IPS, FIM, A/V), virtualization, and tokenization

**What could set you apart**:

- Bachelor's Degree in Cybersecurity, Information Systems, Information Security, Information Technology, or comparable major strongly preferred
- Consulting experience (Big 4) much preferred
- Familiarity with project management, Wiz, ServiceNow preferred
- Excellent organizational, time management, customer service and problem-solving skills

LI-DU1
LI-Hybrid


Salario Nominal: A convenir

Fuente: Whatjobs_Ppc

Requisitos

Jefe De Control De Calidad

**Objetivo del puesto**: Asegurar la calidad de los procesos dentro de la compañía, analizando y diseñando planes de mejora que resuelvan los errores detecta...


Gestionadora De Créditos - San José

Publicado a month ago

Auxiliar Vindi Pinares Temporal 4 Meses

Reabastecer, limpiar, acomodar y rotar la mercadería en las góndolas y de las urnas, controlar las fechas de vencimiento y velar por la limpieza tanto del ár...


Auto Mercado - San José

Publicado a month ago

Lead Associate - Transactional Quality

**Company Description** WNS (Holdings) Limited (NYSE: WNS) is a global Business Process Management (BPM) leader. WNS offers business value to 400+global clie...


Wns Global Services - San José

Publicado a month ago

Rco Wfm Analyst, R&C Wfm

Experience in Workforce Management software, ie: Aspect, IEX - Experience in Workforce Management (minimum 9 months) - Strong numerical & analytical skills. ...


Amazon Support Services Costa Rica Srl - San José

Publicado a month ago

Built at: 2024-12-26T16:04:58.071Z