Payment Security Practice Lead - Information Security

Employer
Target
Location
Brooklyn Park, Minnesota, United States
Posted
Feb 24, 2018
Closes
Aug 08, 2018
Category
Business, Other
Employment Status
Full Time
Description: JOIN US AS A PAYMENT SECURITY PRACTICE LEAD, INFORMATION RISK MANAGEMENT, INFORMATION SECURITY

About This Opportunity

The Payment Security Practice Lead will be responsible for ensuring the PCI DSS compliance of people, process, and technology for a subset of technical-focused PCI DSS requirements at Target as well as the additional. This is not a check the box role; we work with teams across the organization daily on current and future looking activities.Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals.  As a Payment Security Practice Lead, you'll take the lead as you…

• Help determine and drive strategic and day to day team objectives

• Consult on Target's complex payment systems considering PCI DSS compliance obligations

• Understand and document complex branded payment acceptance or card servicing processes

• Apply established PCI DSS scoping criteria

• Obtain and review evidence of compliance to support technical or complex PCI DSS requirements

• Support the completion of the annual PCI DSS Report on Compliance

• Drive necessary system and process updates

• Scope, interpret, and prioritize both application and network vulnerability test results

• Manage and communicate key compliance milestones for critical systems and complex processes

• Facilitate interaction between the business and Target's PCI DSS Qualified Security Assessor (QSA)

• Work closely with cross-functional teams and develop strong liaison relationships.

• Stay current with new and evolving security topics and technologies via formal training and self-directed education

• Willingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoring

PREFERRED REQUIREMENTS:

• Bachelor's degree

• 5-10 years IT background; experience with compliance or regulatory issues preferred

• 3+ years prior experience supporting a Level 1 or Level 2 organization's PCI DSS compliance effort, working with an ISA or QSA, or serving as a ISA or QSA

• Intermediate knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands

• Intermediate knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policy

• Able to scope, interpret and prioritize both application and network vulnerability test results

• Experience with project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)

• Ability to identify problems, analyze data and present conclusions effectively

• Strong verbal, written and presentations skills

• Excellent PC skills (Excel, Word, Adobe, SharePoint)

• Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferred



Qualifications:

Similar jobs

Similar jobs