Job Description
Insight Global is looking for a detail-minded individual with experience in information technology, IT Security, IT Risk Management, or IT Audit to be part of our client's GRC team. This person will focus on Payment Card Industry Data Security Standard (PCI-DSS) compliance and will be part of a team that works with other business process owners and leadership to build a more risk-aware and effective IT organization that can deliver transformational business change and meet regulatory compliance requirements.
* Developing the overall PCI timelines and project plans for necessary compliance work, including the following types of activities: collection, verification, validation, and quality assurance of the requested documentation; process and control walkthroughs; testing, observation, inquiry, and interviews with the QSA; and remediation to address any control gaps.
* Working with internal and external auditors as they conduct their audits including but not limited to coordinating and facilitating site visits, providing all requested documentation, and addressing questions, concerns, or recommendations.
* Evaluates compliance with programs and processes to mitigate compliance risk and ensure protection of company assets and information.
* Reviews and enhances network systems and processes for compliance with PCI DSS and internal standards.
* Collaborating with internal stakeholders at various leadership levels who have responsibility for in-scope applications, to educate them on compliance matters, ensure appropriate controls are in place to meet the stated requirements, and assist with outlining remediation plans to address identified deficiencies.
* Collaborating with compliance team members, including on-site, remote, and, when needed, offshore resources.
* Proactively identifies improvement opportunities and determines and tracks action plans until they are successfully implemented. Recommends and implements compliance measures.
* Stays current on evolving regulatory changes related to PCI-DSS compliance and provides timely advice on requirements.
* Develop plans to transition from the current version of PCI-DSS to the new version and its requirements.
* Active participation in PCI readiness evaluations.
* Execution of PCI assessments (all internal activities regarding the in-scope requirements and collaboration with our QSA).
Required Skills & Experience
* A minimum of 5 years of PCI Compliance expertise.
* At least two years of experience conducting PCI-DSS engagements from start to finish.
* Experience in working directly with a Qualified Security Assessor or an Internal Security Assessor.
* Ability to understand technical risks, threats, and issues; recommend solutions to address.
* Ability to communicate technical concepts in business terms.
* Proven experience influencing business and technology leadership to achieve compliance requirements.
* Ability to establish credibility and working relationships with a wide range of personnel, including operations, management, executive, and legal teams as well as external auditors.
Nice to Have Skills & Experience
* Bachelor's degree in Management Information Systems, Computer Science, Cybersecurity, or a related field.
* Security related certifications are preferred.
* Demonstrated experience generating metrics to measure service and program effectiveness and consistency. Demonstrated experience in identifying compliance risk and development of mitigation/remediation plans.
* Ability to work in large environments spanning across multiple regions and time zones.
* Experience using a Governance, Risk and Compliance tool as a document repository for Compliance documentation.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.