· Extensive Information/Cyber Security consultancy experience facing
security delivery expertise.
· Provide subject matter expertise for Payment Card Industry Data
Security Standard (PCI DSS).
· A deep knowledge in at least two of the following: PCI-DSS, ISO27001
(Information Security), Information Assurance, Security Policy, GRC,
NIST, GDPR or Data Privacy.
Gap Analysis and Scoping
· Assess changes to regulatory requirements and standards and determine
the impact on internal policies, controls, and processes. Make
recommendations for associated changes to policies, controls, and
processes, and simplify implementation.
· Review and validation of the PCI DSS scope and network segmentation
controls, payment application design and functionality.
· Review of all locations and flows of cardholder data, as well as asset
· Conducting PCI standards interviews to have a complete map of
information/data workflows, processes, and procedures, payment card data
flow, information security controls.
· Conducting technical interviews to understand eventual data security
problems from the in-depth technical point of view.
· Identify and evaluate technology risks, internal controls to mitigate
risks, and related opportunities for continuous control improvement.
Facilitate and document risk assessments and communicate key findings.
· Producing Scoping and Gap Analysis Documentation.
· Undergraduate degree in Information Management, Computer Science,
Engineering, or emphasis in technology or related field.
· Good communication in English.
· 2 to 4 relevant years of information security experience and/or IT audit /
IT security or IT security infrastructure experience.
· Previous experience working as a PCI QSA is mandatory.
· Experience interpreting industry and regulatory requirements and
authoring supporting controls.
· Experience with information security-related frameworks (ISO 27001,
COSO, Cloud Security Alliance).
· Certifications like CEH, CISA, CISM, CISSP, ISO 27001 LA/LI (any
Các công việc tương tự
Vui lòng đăng nhập để thực hiện chức năng này
Bạn có thể nộp đơn ứng tuyển không cần đăng nhập hoặc chưa là thành viên của CareerBuilder.