Overview:
Recruiter: Julian Gonzalez
Reports to: Brandon Sauve
THE ROLE:
This position will help define and validate the Information Security / Cybersecurity Risk - through:
Job Qualifications:
SUPERVISORY RESPONSIBILITIES: Manages a team of 2-3 IT auditors.
SKILLS AND BACKGROUND REQUIRED TO BE SUCCESSFUL:
- Expert understanding of PCI-DSS and underlying intent of requirements.
- Experience in recommending and evaluating compensating controls.
- Strong documentation skills and the ability to effectively communicate in English (in both written and spoken form).
- IT audit or consulting experience with experience managing audit teams and leading engagements.
- Strong interpersonal skills.
- Three to five years of experience with a reputed firm performing security compliance auditing and/or risk management.
- Two years of experience managing an IT audit team.
Preferred:
- Direct experience with one or more of the following and be able to provide advisory services centered on compliance.
- NIST Cybersecurity Framework.
- NIST Special Publication 800-30.
- NIST Special Publication 800-53.
- ISO 27001/27002.
- 1 Audit Certification & 1 Technical Certification REQUIRED (For Example: PCI QSA, CISA, CISM, or CISSP).
- Ability to interact effectively at all levels with sensitivity to cultural diversity.
- Ability to adapt as the external environment and organization evolves.
- PCI QSA certification.
- Experience with PCI DSS 4.0, SOX and ISMS (to ISO 27001) controls.
- Experience evaluating and reporting key security metrics and key performance indicators.
- Experience with cloud security and risk assessments.
**Education**:
- Bachelor's degree in information technology or related field.
- Preferred: PCI DSS / CISA / CRISC / CGEIT / NIST / ISO 27001 / CISSP or other industry certification(s) a plus.