drjobs PCI Internal Security Assessor - Caribbean

PCI Internal Security Assessor - Caribbean

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Kingston - Jamaica

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

Job Description: PCI Internal Security Assessor (ISA)

Department: Enterprise Security & Technology Risk Management Location: Regionwide

Reports To: Chief Information Security Officer (CISO)

Employment Type: Fulltime

Job Overview

The PCI Internal Security Assessor (ISA) is responsible for ensuring that our client from banking industry complies with the Payment Card Industry Data Security Standard (PCI DSS). The ISA will assess monitor and enforce the security measures necessary to protect cardholder data and maintain PCI compliance across all systems and processes. This role works closely with internal stakeholders and external parties to maintain a secure environment mitigate risks and improve overall security posture.

Key Responsibilities:

  • PCI DSS Compliance Management:
    • Conduct regular internal assessments and audits to ensure the organizations compliance with PCI DSS.

Develop and implement PCI compliance policies procedures and controls.

  • Serve as the internal point of contact for PCI DSSrelated matters and ensure all applicable security controls are in place.
  • Collaborate with the external Qualified Security Assessor (QSA) to facilitate annual PCI DSS certification audits.

Documentation and Reporting:

  • Prepare and maintain comprehensive documentation including policies procedures and reports required for PCI DSS compliance.
  • Maintain comprehensive documentation of assessment findings corrective actions and compliance status.
  • Manage the submission of the SelfAssessment Questionnaires (SAQs) and Attestation of Compliance documents (AOCs) as needed.


Qualifications:

Education:

  • Bachelors degree in Information Security Computer Science or a related field (or

equivalent work experience).

  • Experience:
    • Minimum of 35 years of experience in information security PCI compliance or a related field.
    • Previous experience as an ISA QSA or a similar role is highly desirable.
  • Certifications:
    • Certified PCI Internal Security Assessor (ISA) or Certified PCI Professional (PCIP) certifications preferred.

Additional certifications such as CISSP CISM CISA or CEH are a plus.

  • Skills and Competencies:
    • Deep understanding of PCI DSS requirements and data security best practices.
    • Familiarity with security frameworks (NIST ISO 27001 CIS Controls) and security technologies (firewalls IDS/IPS encryption etc.).
    • Strong analytical problemsolving and project management skills.
    • Excellent communication and interpersonal skills with the ability to work cross functionally.
    • Proficiency in using security assessment tools and techniques (e.g. vulnerability scanners SIEM).

Other Requirements:

Ability to work independently and handle sensitive information confidentially.

  • Detailoriented with strong organizational skills.
  • Occasional travel may be required for audits or compliance reviews.

  • Risk Assessment and Mitigation:
    • Identify and assess potential risks to cardholder data environments and provide recommendations for risk mitigation.
    • Implement and enforce necessary security controls to address gaps identified during assessments.
    • Ensure vulnerability scanning penetration testing and security reviews are conducted to identify weaknesses and ensure continuous compliance.

  • Training and Awareness:
    • Conduct internal PCI DSS training for staff to ensure a deep understanding of the importance of compliance and security measures.
    • Provide ongoing guidance and support to departments regarding security best practices related to PCI DSS.

  • Collaboration and Communication:
    • Work closely with projects Enterprise Security Technology and other relevant departments to align PCI DSS compliance with overall security policies and practices.
    • Proactively identify and/or promptly escalate risks and issues affecting PCI compliance status.
    • Stay updated on changes in PCI DSS requirements and industry best practices to ensure our client from banking industry remains compliant.
    • Present PCI DSS compliance status reports to senior management and external stakeholders.
    • Act as a liaison where necessary between our client from banking industry and external vendors or service providers involved in processing or storing cardholder data.

  • Employment Type

    Full Time

    Company Industry

    About Company

    Report This Job
    Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.