Enterprise Compliance Analyst Iii - Tijuana, México - Integon Service Co.

Integon Service Co.
Integon Service Co.
Empresa verificada
Tijuana, México

hace 1 semana

Rodrigo Fernández

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee
Descripción

Primary Purpose:

The Information Security Analyst III is a senior level position responsible for ensuring that National General Policies and processes adhere to
- regulatory and legal compliance standards such as PCI, SOX, HIPAA, and ISO Cybersecurity Frameworks. The Compliance Analyst will work
- with the other members of the team to enhance business practices, internal controls and perform other review-related activities to support the
- execution of the department's annual assessment plan


Essential Duties and Responsibilities:


  • Works with Security Architects, Security Analysts, Security Administrators and other IT and business departments to enhance/develop and review procedures and controls to meet PCI compliance requirements
  • Supports the planning and execution of control assessments related to PCI and other industry
  • Collect and document business requirements for process identification/improvement/automation efforts
  • Contributes to the development of process improvements
  • Applies knowledge of key regulations to influence assessment scope
  • Fieldwork/Execution: with limited supervision, performs testing (including walkthroughs), takes ownership to complete clear and
well-organized assessment papers that appropriately document the work performed, uses root cause analysis for problem
- solving and communicates potential issues timely to supervisor
  • Evaluates risks of key control deficiencies and effectiveness of overall control framework, and ensure management has effective
and timely control remediation plans- Reporting: Formulates appropriate conclusions regarding the adequacy of internal controls and procedures based on the

assessment work performed and knowledge of company operation; drafts well written, clear and concise finding reports and
- participates in presenting the findings to the Enterprise Risk & Compliance management
  • Remediation: Monitors the implementation of corrective action plans with first and second lines of defense and presents updates
to the findings to the Enterprise Information Risk & Compliance management- Conducts assessments of controls while documenting remediation items and working with vendors until items have reached a

satisfactory level of risk- Other duties as assigned


JOB REQUIREMENTS

Minimum Skills and Competencies:


  • 810 years substantive experience as a Compliance Assessor or Auditor with a licensed financial institution or a regulatory
compliance examiner with a federal or state financial services regulator

  • Bachelor's degree in Computer Science or Computer Information Systems or related or equivalent experience
  • 510 years substantive experience with PCI compliance; assessing controls, collecting artifacts, completing CCWs and working
closely with QSAs

  • Demonstrated knowledge of PCI, HIPAA, SOX, ISO27000 and NIST Cybersecurity Frameworks
  • Demonstrated understanding of the current PCI DSS and how it applies to a large, complex organization accepting payment via multiple channels and technologies
  • 510 years experience with infrastructure technologies including platforms, firewalls, routers, switches, virtualization and databases
  • Demonstrated detailed oriented selfstarter and the ability to work independently with limited supervision and limited direction, and in collaborative team environments
  • A strong ability to multitask and manage varying priorities and projects
Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance related concepts to a broad range of technical and non-technical staff


Desired Skills:


  • QSA, ISA, PCIP, CCNA, CCNP, CIA, CISSP, CISA, CISM, CCRISC, or CGEIT certifications
  • Stream, Archer, CyberArk, Fortify, Qualys, Rapid7, BeyondTrust Retina, Qradar, Trustwave TrustKeeper, Proofpoint, McAfee ePO/HBSS, VMWare, Palo Alto
(JavaScript, PHP, ASP)

  • Knowledge of SQL & Oracle dB's
Más ofertas de trabajo de Integon Service Co.
Ver todas las ofertas de empleo de Integon Service Co.