Duration: 6-12+ months
Resume Must-Haves: Previous RoC (Report on Compliance) experience and Excel proficiency.
Responsibilities
• Support objectives of the Security Assurance Team with leadership and key technology contributors and develop plans aligned to the following:
o Control frameworks and requirements
o Risk assessments and mitigation strategies to manage risk at an acceptable level (internal and third party)
o Measures to demonstrate the value in control testing and risk reduction
• Provide input on design controls, help identify new and improved ways to leverage technology to maintain PCI compliance, assist with remediation efforts, as needed, and support the overall testing activities.
• Interface with auditors, internal compliance, and support teams.
• Communicate complex matters clearly and succinctly, articulate issues, communicate status, and drive to find solutions.
• Coach employees and partners on the proper methods to protect information resources.
• Assist with communications, engagements, and training plans to enhance a culture of shared security accountability.
• Identify and implement improved processes.
• Maintain and promote a strong security culture.
Minimum Qualifications (required)
• Bachelor's degree in Information Technology, Computer Science, Computer Engineering, Information Technology Management, or related field (or equivalent years of experience, education and training)
• 6+ years of experience in Information Technology and/or Information Security with emphasis on the following:
o Working knowledge of security tools such as vulnerability management scanning, SIEM, FIM, encryption, DLP, and logging
o Demonstrated working knowledge of:
▪ Network design and configuration
▪ Implementation of security controls such as firewall rulesets, access control lists, VLAN management, etc.
▪ Experience with cloud environments such as Azure or AWS
• 4+ years of IT GRC Security experience to include one or more of the following:
o Experience with PCI DSS Report on Compliance (RoC) evidence gathering
o Experience supporting management in a control environment involving PCI
o Knowledge of industry trends, direction, and best practices in domain areas of responsibility
Additional Qualifications
• GIAC GSEC, CISA, CISM, CISSP, ITIL and/or PMP
• Knowledge and experience across multiple Information Security domains
• Knowledge and experience with fuel Point-of-Sale (POS) equipment
• Ability and willingness to keep up with emerging security technologies and trends
• Demonstrated experience with security training related to PCI
• Experience in the agricultural, grain, energy, and consumer foods industries
Pre-employment screening is based on the job requirements and industry guidelines and may or may not be required for the position. If required, selected candidates must pass pre-employment screenings to include all or a combination of drug, criminal, motor vehicle check, physical requirements and FMCSA Clearinghouse.