Senior Risk Manager
Summary of role:
- Managing the annual PCI assessments for assigned environments. This will include PCI DSS assessments but may also include PCI PIN and P2PE validations
- Maintaining continuous compliance with these requirements through the year
- Supporting PCI related customer questionnaires and onsite assessments
- Documenting and maintaining disaster recovery plans for PCI environments
- Supporting the data privacy programme covering PCI environments
- Demonstrating the team's core values: Efficiency, Awareness, Professionalism and Deliver
Principal responsibilities:
- Managing and maintaining PCI compliance for the assigned environments:
- Developing a deep understanding of compliance requirements (PCI DSS, PIN, P2PE), of the assigned environments and associated internal controls and interactions with other environments
- Collaborating with other team members and other teams to deliver effectively by reducing duplication of effort
- Maintaining the approach of continuously gathering/reviewing evidence and remediating issues or improving controls.
- Escalating and managing risks
- Preparing for external audit and customer assessments
- Striving to achieve the stated deadlines
- Supporting the data privacy programme covering PCI environments
- Maintaining confidentiality as the team may be privy to sensitive company and customer information
- Identifying personal data traversing and stored in the PCI environments and working closely with the data privacy team to maintain compliance with the regional and global programme
- Striving to deliver against the agreed deadlines and continually learning about company environments, internal controls and teams
- Documenting and maintaining disaster recovery plans for PCI environments
- Aligning the PCI and disaster recovery approaches to maintain an effective regulatory and operational risk management framework
Key skills:
- Team player who can work in a collaborative environment
- Effective communication and interpersonal skills
- Strong report writing and presentation skills
- Keen learner and committed to presenting high quality deliverables within agreed timescales
- Knowledge of the payments industry
Experience:
- At least 10 years' experience with at least 5 years in 1 or more of the following:
- Managing PCI audits
- IT security management
- Computer systems auditing
- IT internal audit
- PCI DSS, PCI PIN, P2PE
- Project Management
- LINK security standards
Qualifications:
1 or more of the following:
- CISA or CISM
- Internal Security Assessor (PCI ISA)
- Degree in IT or equivalent