Overview:

Recruiter: Julian Gonzalez
Reports to: Brandon Sauve

THE ROLE:

This position will help define and validate the Information Security / Cybersecurity Risk through:

- Serving in an advisory role as a subject matter expert leading the Cybersecurity's Payment Card Industry (PCI) team and providing guidance to the enterprise regarding the PCI Data Security Standard (PCI DSS) and other applicable PCI Council standards.
- Conducting internal assessments in partnership with information security teams, application owners, and service owners with PCI-DSS compliance tasks such as evidence preparation, evidence gathering and review, aligned to the PCI-DSS requirements.

Job Qualifications:

SUPERVISORY RESPONSIBILITIES:

Manages a team of 2-3 IT auditors.

SKILLS AND BACKGROUND REQUIRED TO BE SUCCESSFUL:

- The ideal candidate will be a highly motivated self-starting professional with a profound understanding of PCI DSS requirements and testing methodology (version 3.2.1 and above).
- The candidate will have well-developed communication and intrapersonal skills with a solid foundational understanding and experience in process, relationship, and program management.
- Expert understanding of PCI-DSS and underlying intent of requirements.
- Experience in recommending and evaluating compensating controls.
- Strong documentation skills and the ability to effectively communicate in English (in both written and spoken form).
- IT audit or consulting experience with experience managing audit teams and leading engagements.
- Strong interpersonal skills.
- The ideal candidate will have an active PCI QSA certification and at least three years of experience in the payment card industry.
- The individual must have expert knowledge of the PCI-DSS and have conducted multiple assessments for Level 1 Merchants and/or Service Providers.
- Three to five years of experience with a reputed firm performing security compliance auditing and/or risk management.
- Two years of experience managing an IT audit team.

Preferred:

- Direct experience with one or more of the following and be able to provide advisory services centered on compliance:
  - NIST Cybersecurity Framework.
  - NIST Special Publication 800-30.
  - NIST Special Publication 800-53.
  - ISO 27001/27002.
- 1 Audit Certification & 1 Technical Certification REQUIRED (for example: PCI QSA, CISA, CISM, or CISSP).
- Ability to interact effectively at all levels with sensitivity to cultural diversity.
- Ability to adapt as the external environment and organization evolves.
- PCI QSA certification.
- Experience with PCI DSS 4.0, SOX and ISMS (to ISO 27001) controls.
- Experience evaluating and reporting key security metrics and key performance indicators.
- Experience with cloud security and risk assessments.

Education:

- Bachelor's degree in information technology or related field.
- Preferred: PCI DSS / CISA / CRISC / CGEIT / NIST / ISO 27001 / CISSP or other industry certification(s) a plus.