A client is looking for a Cyber Security Compliance Analyst to work on a yearlong contract with possibility of extension. This person will be responsible for all PCI compliance expectations from managing the annual assessment, holding meetings, creating action items, collecting evidence, gathering/ holding stakeholders accountable, to going beyond project management into PCI support by, updating PCI documents, ensuring continuous monitoring practices are in place, etc. They will need to understand requirements and will be accountable for continuous monitoring and check points, appropriate communication of environment scanning. S/He will manage PCI compliance and annual assessments, understanding what PCI is, and looking to learn and gain exposure in the new PCI version (4.0) and will be managing that rollout. They will be expected to understand regulations that impact the business and compliance areas like PCI DSS 4.0, NIST 800-853 and ISA/IEC 62443 frameworks in an effort to translate those requirements into a documented set of controls. We are also looking for someone who has an investigative nature and enjoys learning about unknowns and has the ability to work collaboratively and interact effectively with cross-functional teams to help our client enhance their security posture and maintain a strong culture of compliance.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
2+ years' of hands-on experience with PCI compliance version 3.21
Experience as the primary liaison between internal teams and third-party assessors, allowing a smooth transition from PCI 3.2.1 to an upcoming PCI 4.0 audit (they will not be actually performing the audits/ assessments)
2+ years' experience with cyber security frameworks and controls
SOC, HIPAA, NIST, ISA/IEC 62443, ISO27001,etc.
Strong project management skills, with the ability to manage multiple tasks and priorities simultaneously
Put together project plan and managing against the task list
Time management skills
Working knowledge of current cyber regulations (SEC-ESG, TSA Directives), evolving laws and industry standards relevant to information security compliance
Capable of working autonomously and managing multiple tasks and changing priorities
Monitor the security compliance via available security tools and dashboards and ensure gaps are mitigated by collaborating with other stakeholders
Serve as a resource and advocate for security compliance across the company
Excellent written and verbal communication
Someone who is motivated, a self-starter, and able to shift priorities and be reactive to business needs
May perform other duties as assigned
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.