In this role, the candidate will collaborate with technology and business personnel in the areas of PCI, SOX, security awareness, cybersecurity risk assessment, and other areas as required. The candidate must be able to reliably achieve program objectives, address uncertainty, and act with integrity. The candidate will need to maintain an awareness of controls and existing/proposed security standards and how they affect the company environment. The candidate will identify areas of information security risk within the organization and assist in the translation of this risk to internal business partners. The candidate should have knowledge of information security governance, risk, control, PCI, SOX, and the ability to apply these concepts within their work environment.
Support technology compliance with external regulations such as PCI and SOX through review of control activities (e.g. logical access, DevOps, change management, IT operations, etc)
Perform cybersecurity risk assessments of technology processes and platforms, including products, microservices and supporting infrastructure
Support the security awareness program through creation of training content/communications and monitoring compliance
Partner with business and IT teammates as a trusted advisor on information security governance, risk, and compliance matters as required
3-5 years of experience
Technology governance, risk, and compliance, Technology controls, security frameworks , risk assessment, security awareness training
Management Information Systems, Computer Science, Business