Sr. Information Security Analyst-PCI
Company Name:
VisionIT
Sr. Information Security Analyst-PCI
POSITION
Summary:
Work to assure that Our Client's systems and Information Technology (IT) adheres to regulatory requirements for Sarbanes-Oxley (SOX), Payment Card Industry (PCI) and/or
nevada
Gaming Control Board (NGCB) and other gaming regulations. This includes assisting with all IT areas to remediate any audit issues, focusing on ensuring regulatory requirements are met, including but not limited to, licensing, technical standards, internal controls, minimum standards, employee licensing and responsible gambling standards.
ESSENTIAL FUNCTIONS AND TASKS:
General:
o Facilitates audit processing to ensure completion of audits for Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Nevada Gaming Control Board (NGCB) and other audits as required
o Drives remediation and collects documentation related MICS, SOX and PCI audit requirements
o Works directly with auditors and IT control owners to assure audits are completed on time
o Promotes compliance awareness and provides reporting on progress
o Promotes technology best practice compliance standards
o Collaborates with third party vendors, where appropriate
o Generates and provides regular compliance reports and scorecards
o Completes the Technology Compliance Risk Assessment process for applications and systems
o Experienced in the use of Compliance tools
o Ability to facilitate meetings and drive agendas
Gaming:
o Plans, prepares, tests, submits and tracks technical and control submissions to the appropriate regulators
o Accurately records and reports on the status of submissions and approvals
o Provides timely and accurate submissions to regulators in all jurisdictions concerned. In addition, ensures that submissions are complete in both content and detail to meet regulators' expectations.
o Works with the Nevada Gaming Control Board auditors to provide information for properties with regard to IT devices and processes
o Reviews all technical and controls submission packages to the specifications of each jurisdiction according to internal company procedures
o Ensures that urgent or special changes are expedited, coordinated and that the regulator is informed in accordance with requirements or internal controls
o Provides advice and assistance to individual properties in the development of documented internal controls pertaining to Information Technology
o Controls regulatory submission documentation
Sarbanes-Oxley Section 404:
o Facilitates annual testing with internal and external auditors
o Leads and assists teams with their SOX remediation efforts
o Manages audit reviews throughout the year to ensure best practices are integrated into all environments
o Works with auditors to gather information for risk assessments
Payment Card Industry (PCI):
o Understands IT controls related to PCI requirements
o Assists with the remediation of items from annual QSA reviews
This job description in no way states or implies that these are the only duties to be performed by the employee in this position. It is not intended to give all details or a step-by-step account of the way each procedure or task is performed. The incumbent is expected to perform other duties necessary for the effective operation of the department. All duties are to be performed in accordance with Our Client's departmental policies, practices and procedures.
SUPERVISORY
Responsibilities:
This position has no direct/official supervisory responsibilities.
EDUCATION and/or
Experience:
o Four-year degree, plus 4 years experience in Information Technology Compliance required
o Three years of experience in an IT Compliance or Security Risk Management position
o A minimum of 1 year of project management experience is highly desired
o Experience or exposure in working with auditors preferred
o Must exhibit knowledge of a hospitality/gaming environment and how the business is affected by regulatory requirements
o Must be knowledgeable and capable of working in a 24x7 environment
CERTIFICATES, LICENSES, REGISTRATIONS:
o CISSP and/or CISA preferred
o The applicant must be eligible for gaming license, which requires the applicant does not have a criminal background among other things
o Proof of eligibility to work in the United States
SECTION 3: COMPETENCIES & WORKING CONDITIONS
Knowledge/Skills/Abilities:
o Must be able to work independently with minimal supervision
o Must exhibit a sincere interest and passion to become a compliance advocate for Information Technology
o Highly ethical and discreet with ability to maintain confidentiality
o Excellent interpersonal telephone skills and the ability to empathize with customer's needs, while enforcing company policies
o Provides 24x7 on-call support, as required
o Must be highly organized and possess excellent written and verbal communication skills
o Display motivational attributes (self and others)
o Focused towards excellent customer service
Estimated Salary: $20 to $28 per hour based on qualifications.
VisionIT
Sr. Information Security Analyst-PCI
POSITION
Summary:
Work to assure that Our Client's systems and Information Technology (IT) adheres to regulatory requirements for Sarbanes-Oxley (SOX), Payment Card Industry (PCI) and/or
nevada
Gaming Control Board (NGCB) and other gaming regulations. This includes assisting with all IT areas to remediate any audit issues, focusing on ensuring regulatory requirements are met, including but not limited to, licensing, technical standards, internal controls, minimum standards, employee licensing and responsible gambling standards.
ESSENTIAL FUNCTIONS AND TASKS:
General:
o Facilitates audit processing to ensure completion of audits for Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Nevada Gaming Control Board (NGCB) and other audits as required
o Drives remediation and collects documentation related MICS, SOX and PCI audit requirements
o Works directly with auditors and IT control owners to assure audits are completed on time
o Promotes compliance awareness and provides reporting on progress
o Promotes technology best practice compliance standards
o Collaborates with third party vendors, where appropriate
o Generates and provides regular compliance reports and scorecards
o Completes the Technology Compliance Risk Assessment process for applications and systems
o Experienced in the use of Compliance tools
o Ability to facilitate meetings and drive agendas
Gaming:
o Plans, prepares, tests, submits and tracks technical and control submissions to the appropriate regulators
o Accurately records and reports on the status of submissions and approvals
o Provides timely and accurate submissions to regulators in all jurisdictions concerned. In addition, ensures that submissions are complete in both content and detail to meet regulators' expectations.
o Works with the Nevada Gaming Control Board auditors to provide information for properties with regard to IT devices and processes
o Reviews all technical and controls submission packages to the specifications of each jurisdiction according to internal company procedures
o Ensures that urgent or special changes are expedited, coordinated and that the regulator is informed in accordance with requirements or internal controls
o Provides advice and assistance to individual properties in the development of documented internal controls pertaining to Information Technology
o Controls regulatory submission documentation
Sarbanes-Oxley Section 404:
o Facilitates annual testing with internal and external auditors
o Leads and assists teams with their SOX remediation efforts
o Manages audit reviews throughout the year to ensure best practices are integrated into all environments
o Works with auditors to gather information for risk assessments
Payment Card Industry (PCI):
o Understands IT controls related to PCI requirements
o Assists with the remediation of items from annual QSA reviews
This job description in no way states or implies that these are the only duties to be performed by the employee in this position. It is not intended to give all details or a step-by-step account of the way each procedure or task is performed. The incumbent is expected to perform other duties necessary for the effective operation of the department. All duties are to be performed in accordance with Our Client's departmental policies, practices and procedures.
SUPERVISORY
Responsibilities:
This position has no direct/official supervisory responsibilities.
EDUCATION and/or
Experience:
o Four-year degree, plus 4 years experience in Information Technology Compliance required
o Three years of experience in an IT Compliance or Security Risk Management position
o A minimum of 1 year of project management experience is highly desired
o Experience or exposure in working with auditors preferred
o Must exhibit knowledge of a hospitality/gaming environment and how the business is affected by regulatory requirements
o Must be knowledgeable and capable of working in a 24x7 environment
CERTIFICATES, LICENSES, REGISTRATIONS:
o CISSP and/or CISA preferred
o The applicant must be eligible for gaming license, which requires the applicant does not have a criminal background among other things
o Proof of eligibility to work in the United States
SECTION 3: COMPETENCIES & WORKING CONDITIONS
Knowledge/Skills/Abilities:
o Must be able to work independently with minimal supervision
o Must exhibit a sincere interest and passion to become a compliance advocate for Information Technology
o Highly ethical and discreet with ability to maintain confidentiality
o Excellent interpersonal telephone skills and the ability to empathize with customer's needs, while enforcing company policies
o Provides 24x7 on-call support, as required
o Must be highly organized and possess excellent written and verbal communication skills
o Display motivational attributes (self and others)
o Focused towards excellent customer service
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
