drjobs PCI Internal Security Assessor

Job Location: Bridgetown - Barbados

Salary: Not Disclosed

Job Description

Title: PCI (Payment Card Industry) Internal Security Assessor
Work type: 6-12 month contract
Industry: Banking & Financial Services
Work location: Hybrid (remote and in-office). Applications open to resident Caribbean nationals.

Role overview:
The PCI Internal Security Assessor (ISA) is responsible for ensuring compliance with the Payment Card Industry Data Security Standard (PCI DSS). This role involves assessing, monitoring and enforcing security measures to safeguard cardholder data and maintain PCI compliance across systems and processes. The ISA will collaborate closely with both internal stakeholders and external entities to uphold a secure environment, mitigate risks and strengthen overall security posture.

Responsibilities:

PCI DSS Compliance Management:
- Conduct regular internal assessments and audits to confirm compliance with PCI DSS.
- Develop and implement policies, procedures and controls supporting PCI compliance.
- Act as the internal PCI DSS contact and ensure all required security controls are in place.
- Coordinate with external Qualified Security Assessors (QSAs) to facilitate annual PCI DSS certification audits.

Risk Assessment and Mitigation:
- Identify and evaluate potential risks within cardholder data environments, providing recommendations for mitigation.
- Implement necessary security controls to address gaps found during assessments.
- Ensure continuous compliance by overseeing vulnerability scans, penetration testing and security reviews.

Documentation and Reporting:
- Prepare and maintain detailed documentation, including PCI DSS policies, procedures and reports.
- Document assessment findings, corrective actions and compliance status.
- Manage submission of Self-Assessment Questionnaires (SAQs) and Attestations of Compliance (AOCs) as needed.

Training and Awareness:
- Deliver internal PCI DSS training to emphasize the importance of compliance and security measures.
- Offer guidance to departments on security best practices related to PCI DSS.

Collaboration and Communication:
- Work with teams across projects, enterprise security, technology and other relevant departments to align PCI DSS compliance with broader security policies.
- Stay updated on PCI DSS changes and industry best practices.
- Present PCI DSS compliance status updates to senior management and external stakeholders.
- Serve as a liaison between internal teams and external vendors involved with cardholder data processing.

Qualifications:
- Education: Bachelor's degree in Information Security, Computer Science or a related field (or equivalent work experience).
- Experience: 3-5 years in information security, PCI compliance or a related field; prior experience as an ISA, QSA or in a similar role is highly valued.

Certifications:
- Preferred: Certified PCI Internal Security Assessor (ISA) or Certified PCI Professional (PCIP).
- Additional credentials such as CISSP, CISM, CISA or CEH are advantageous.

Skills and Competencies:
- Strong knowledge of PCI DSS requirements and data security best practices.
- Familiarity with security frameworks (e.g. NIST, ISO 27001) and technologies (e.g. firewalls, IDS/IPS).
- Proficient analytical, problem-solving and project management skills.
- Effective communicator with cross-functional collaboration abilities.
- Skilled in using security assessment tools (e.g. vulnerability scanners, SIEM).
- Detail-oriented and capable of handling sensitive information confidentially.

Additional Requirements:
Occasional travel may be required for audits or compliance reviews.

Employment Type: Full Time