TPRM - PCI Specialist
1 month ago
As a part of the AIT Information Security – Enterprise Security Team, the PCI Specialist – Senior supports the organization’s strategic initiatives that are aligned with the organizations business goals enhancing and aligning the PCI-DSS program. The PCI Specialist – Senior will collaborate with the leaders within Information Security and with the internal stakeholders in the development and implementation of the enterprise-wide PCI-DSS compliance program. The PCI Specialist – Senior will analyze cardholder (Credit/Debit) data flows (business and application data flows) and accordingly determine the scope of the organizations PCI-DSS assessments and the risk to cardholder data. The PCI Specialist – Senior will ensure organization-wide compliance with PCI-DSS requirements to reduce Information Security risk to known and acceptable level.
Required Experience:
5
+ Years
Job Locations:
Location Restrictions:
Remote
Basic Qualifications and
As a trusted risk advisor, the PCI Specialist – Senior will be required to communicate effectively with internal and external stakeholders to offer accurate and timely information and reporting. The individual will coach, mentor and lead staff in the daily operations of assigned areas. They will be required to deliver timely high-quality results demonstrated through product created and metrics reporting. Effective use of soft skills is required(e.g. time management, communication (verbal and written), organization) and will be required to maintain good communication with project stakeholders and demonstrate outstanding customer service that fosters positive relationships throughout the organization. The PCI Specialist – Senior is expected to have good understanding of US Healthcare including applicable laws, regulations and business needs, especially as they relate to a large provider organization like Client(ADH).
Responsibilities
· Support the PCI-DSS compliance initiatives aligned with business goals
· Support new acquisitions for any PCI-DSS compliance requirements
· Partner with security and network architecture team to help define and implement protections and defense-in-depth for PCI-DSS compliance requirements and help solve architecture gaps to maintain PCI-DSS attestation
· Partner with the stakeholders e.g., Business, Finance, Treasury, Legal, Network and Security architecture for PCI-DSS remediation gaps and status tracking required for maintaining compliance.
· Conduct periodic audits to continue to evaluate compliance with the PCI-DSS
· Review periodic network scans to identify vulnerabilities and partner with technology, engineering and architecture teams to remediate those vulnerabilities
· Serve in a consultative role to ensure individuals are aware of PCI-DSS compliance obligations and how to support compliant behavior and use of technology
· Escalate compliance concerns timely and effectively to business line management and to the Director of Enterprise Security
· Assist with the annual Self-Assessment Questionnaires (SAQ) and AOC review and coordinate with stakeholders the timely remediation of any gaps noted during process.
· Support awareness training of the workforce on information security standards, policies and best practices that help educate and grow PCI-DSS awareness
· Support the Incident Response Team to ensure timely containment, investigation, mitigation and response related to suspected merchant data compromises.
· Establish transparent and measurable risk management metrics and reporting for the PCI-DSS Program
Required Skills and Experience
· Knowledge of the following areas: PCI-DSS, HIPAA Security and Privacy Rule, Red Flags Rule, HITECH, Meaningful Use (MU) and HITRUST.
· Knowledge of Audit frameworks
· In-depth knowledge and experience with PCI-DSS, Risk Management Standards (OCTAVE/ NIST/ISO)
· Experience in analyzing penetration testing results and prioritizing remediation for identified vulnerabilities.
· Knowledge of driving PCI-DSS remediation tracking and follow ups with the stakeholders.
· Experience on analyzing PCI-DSS ASV scan reports.
· Knowledge in utilizing a risk-based approach to secure applications, databases and infrastructure based upon business needs.
· Skilled in auditing information security programs and systems.
· Ability to review network and security device (i.e., Firewalls, Switches, Routers, IDS, IPS and Load Balancers etc.) configurations and analyze network architectures.
· Ability to review system hardening (Servers/Virtualization Devices/ Cloud Infrastructure/ Databases)
· In-depth knowledge and experience in IT Security, including access controls, network Security, logging/monitoring, vulnerability assessments, system hardening, secure software development, application security, encryption and key management best practices etc.
· Understanding of security requirements related to cloud-based applications/environments.
· Experience in performing scoping, gap assessment and remediation for PCI-DSS in-scope environments.
· Experience in Microsoft suite of applications (Word, Excel, PowerPoint, Project, etc.).
· Excellent in English – written and spoken
· Good project management and time management skills.
· Team player with a positive and enthusiastic attitude.
· Ability to coordinate and prioritize multiple tasks and projects simultaneously.
· Ability to work in fast-paced environment to support evolving business needs.
#J-18808-Ljbffr-
Senior Info Security Specialist
1 month ago
Canada, CA Canadian Tire Full timeWhat you’ll doThe Senior Information Security Specialist is responsible for ensuring that enterprise data is secured and the delivery services in the areas related to data discovery, encryption, certificate and key management, data loss prevention and data loss protections (DLP) infrastructure support. The Senior Information Security Specialist will focus...
-
Sr McAfee DLP and CASB Consultant
1 month ago
Canada, CA OnX Canada Full timeOnX is looking for a Senior level specialist for a Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions implementation role (hands-on!!!)Location: Must reside and work from CanadaDuration: 6m initial contractHrs/week: 40Rate: open rate/ depends on expertise level and experienceClient/domain: Industrial Machinery...
-
Information Security Specialist
1 month ago
Canada, CA The Toronto-Dominion Bank Full timeInformation Security Specialist (Penetration Testing) Work Location: CanadaHours: 37.5Line of Business: Technology SolutionsPay Details: We’re committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including...
-
Associate Director, Global Governance
4 weeks ago
Canada, CA Scotiabank Full timeRequisition ID: #Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides...
-
PCI Compliance Specialist
3 weeks ago
Canada IDENTIFY SECURITY Full timePosition Overview:As a vital member of the AIT Information Security – Enterprise Security Team, the PCI Compliance Specialist plays a crucial role in supporting the organization's strategic objectives that align with its business aspirations, thereby enhancing and refining the PCI-DSS program. This position requires collaboration with leaders within...
-
PCI Compliance Quality Assurance Specialist
3 weeks ago
Canada Chad Management Group Full timeChad Management Group is seeking experienced and qualified PCI Quality Security Assessors (QSA) to enhance our team and support our expansion. If you are a dedicated Information Security Consultant with a strong background as a QSA, this is an excellent opportunity for you. You will work alongside a team of expert security consultants on a variety of...
-
Cybersecurity Risk Management Specialist
4 days ago
Canada Hamilton Barnes 🌳 Full timeAbout the RoleHamilton Barnes is seeking an experienced Cybersecurity Risk Management Specialist to join our team. As a key member of our cybersecurity team, you will be responsible for leading security consultations with Fortune 100 customers and creating entire Risk Management and compliance strategies.Key ResponsibilitiesConduct thorough Risk Assessments,...
-
Cybersecurity Risk Management Specialist
4 days ago
Canada Hamilton Barnes 🌳 Full timeAbout the RoleHamilton Barnes is seeking an experienced Cybersecurity Risk Management Specialist to join our team. As a key member of our cybersecurity team, you will be responsible for leading security consultations with Fortune 100 customers and creating entire Risk Management and compliance strategies.Key ResponsibilitiesConduct thorough Risk Assessments,...
-
Sr McAfee DLP and CASB Consultant
1 month ago
Canada OnX Canada Full timeOnX is looking for a Senior level specialist for a Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions implementation role (hands-on!!!) Location: Must reside and work from Canada Duration: 6m initial contract Hrs/week: 40 Rate: open rate/ depends on expertise level and experience Client/domain: Industrial Machinery Manufacturing...
-
Sr McAfee DLP and CASB Consultant
1 month ago
Canada OnX Canada Full timeOnX is looking for a Senior level specialist for a Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions implementation role (hands-on!!!)Location: Must reside and work from CanadaDuration: 6m initial contractHrs/week: 40Rate: open rate/ depends on expertise level and experienceClient/domain: Industrial Machinery...
-
Sr McAfee DLP and CASB Consultant
1 month ago
Canada OnX Canada Full timeOnX is looking for a Senior level specialist for a Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions implementation role (hands-on!!!)Location: Must reside and work from CanadaDuration: 6m initial contractHrs/week: 40Rate: open rate/ depends on expertise level and experienceClient/domain: Industrial Machinery...
-
Infrastructure Specialist
7 days ago
Canada OTTO Motors by Rockwell Automation Full timeAbout the RoleThe DevOps Team at OTTO Motors by Rockwell Automation is seeking an experienced leader to drive and maintain a secure development continuous integration experience. The team is responsible for ensuring that the full lifecycle of development from source submission to release is fully automated and secure.The successful candidate will be...
-
Infrastructure Specialist
4 days ago
Canada OTTO Motors by Rockwell Automation Full timeAbout the RoleThe DevOps Team at OTTO Motors by Rockwell Automation is seeking an experienced leader to drive and maintain a secure development continuous integration experience. The team is responsible for ensuring that the full lifecycle of development from source submission to release is fully automated and secure.The successful candidate will be...
-
Cybersecurity Specialist
7 days ago
Canada The Toronto-Dominion Bank (Canada) Full timeJob Summary:We are seeking a highly skilled Cybersecurity Specialist to join our team at The Toronto-Dominion Bank (Canada). As a key member of our Information Security team, you will be responsible for conducting penetration tests, vulnerability assessments, and risk assessments to ensure the security and integrity of our systems and data.Key...
-
Cybersecurity Specialist
4 days ago
Canada The Toronto-Dominion Bank (Canada) Full timeJob Summary:We are seeking a highly skilled Cybersecurity Specialist to join our team at The Toronto-Dominion Bank (Canada). As a key member of our Information Security team, you will be responsible for conducting penetration tests, vulnerability assessments, and risk assessments to ensure the security and integrity of our systems and data.Key...
-
Compliance Risk Management Specialist
3 weeks ago
Canada Versapay Full timeLocation: Canada (Remote)Department: Risk & ComplianceEmployment Type: Regular Full-TimeAbout VersapayVersapay is dedicated to empowering growing businesses by streamlining the invoice-to-cash process through automation, facilitating B2B payments, and enhancing cash application with artificial intelligence. Our platform seamlessly integrates with leading...
-
Senior Product Security Specialist
4 days ago
Canada Absorb Technology Full timeAbout the Role:We are seeking a seasoned and strategic Senior Product Security Engineer to join our high-performing team at Absorb Technology. As a Senior Product Security Engineer, you will be instrumental in safeguarding our SaaS application, ensuring compliance with industry regulations, and driving a culture of security within the organization.Key...
-
Senior Product Security Specialist
4 days ago
Canada Absorb Technology Full timeAbout the Role:We are seeking a seasoned and strategic Senior Product Security Engineer to join our high-performing team at Absorb Technology. As a Senior Product Security Engineer, you will be instrumental in safeguarding our SaaS application, ensuring compliance with industry regulations, and driving a culture of security within the organization.Key...
-
Information Security Specialist
3 weeks ago
Canada The Toronto-Dominion Bank Full timePosition Title: Information Security Specialist - Data ProtectionLocation: Toronto, Ontario, CanadaWork Hours: 37.5Business Division: Technology SolutionsCompensation Overview: We are dedicated to ensuring fair and equitable pay for all employees. We encourage candidates to engage in open discussions with our HR Team regarding compensation inquiries.Role...
-
Cloud Infrastructure Architect
5 days ago
Canada Intello Technologies Inc. Full timeAbout the RoleWe are seeking a highly skilled Cloud Infrastructure Specialist to join our team at Intello Technologies Inc. This is a key role that will play a critical part in shaping the future of our cloud infrastructure.Key ResponsibilitiesDesign and implement cloud infrastructure solutions that meet the needs of our businessDevelop and maintain...
-
Information Security Analyst
7 days ago
Canada The Toronto-Dominion Bank (Canada) Full timeJob Summary:We are seeking a highly skilled Cybersecurity Specialist to join our team at The Toronto-Dominion Bank (Canada). As a key member of our Information Security team, you will be responsible for conducting thorough and methodical penetration testing on web applications, network infrastructures, and other systems to identify security...
-
Information Security Analyst
4 days ago
Canada The Toronto-Dominion Bank (Canada) Full timeJob Summary:We are seeking a highly skilled Cybersecurity Specialist to join our team at The Toronto-Dominion Bank (Canada). As a key member of our Information Security team, you will be responsible for conducting thorough and methodical penetration testing on web applications, network infrastructures, and other systems to identify security...
-
Cloud Infrastructure Architect
5 days ago
Canada Intello Technologies Inc. Full timeAbout the RoleWe are seeking a highly skilled Cloud Infrastructure Specialist to join our team at Intello Technologies Inc. This is a key role that will play a critical part in shaping the future of our cloud infrastructure.Key ResponsibilitiesDesign and implement cloud infrastructure solutions that meet the needs of our businessDevelop and maintain...
-
Cryptography Security Specialist
3 weeks ago
Canada The Toronto-Dominion Bank (Canada) Full timeCryptography Security Specialist - Data Protection Framework Work Location: Toronto, Ontario, Canada Hours: 37.5 Line of Business: Technology Solutions Pay Details: We are dedicated to ensuring fair and equitable compensation for all our employees. We encourage candidates to engage in open discussions with our HR Team regarding compensation-related...