Payment Security Practice Lead - Information Security

3 days left

Brooklyn Park, Minnesota, United States
Feb 24, 2018
Mar 24, 2018
Business, Other
Employment Status
Full Time
JOIN US AS A PAYMENT SECURITY PRACTICE LEAD, INFORMATION RISK MANAGEMENT, INFORMATION SECURITYThe Payment Security Practice Lead will be responsible for ensuring the PCI DSS compliance of people, process, and technology for a subset of technical-focused PCI DSS requirements at Target as well as the additional. This is not a check the box role; we work with teams across the organization daily on current and future looking activities.

Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals.  As a Payment Security Practice Lead, you'll take the lead as you…

• Help determine and drive strategic and day to day team objectives

• Consult on Target's complex payment systems considering PCI DSS compliance obligations

• Understand and document complex branded payment acceptance or card servicing processes

• Apply established PCI DSS scoping criteria

• Obtain and review evidence of compliance to support technical or complex PCI DSS requirements

• Support the completion of the annual PCI DSS Report on Compliance

• Drive necessary system and process updates

• Scope, interpret, and prioritize both application and network vulnerability test results

• Manage and communicate key compliance milestones for critical systems and complex processes

• Facilitate interaction between the business and Target's PCI DSS Qualified Security Assessor (QSA)

• Work closely with cross-functional teams and develop strong liaison relationships.

• Stay current with new and evolving security topics and technologies via formal training and self-directed education

• Willingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoring


• Bachelor's degree

• 5-10 years IT background; experience with compliance or regulatory issues preferred

• 3+ years prior experience supporting a Level 1 or Level 2 organization's PCI DSS compliance effort, working with an ISA or QSA, or serving as a ISA or QSA

• Intermediate knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands

• Intermediate knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policy

• Able to scope, interpret and prioritize both application and network vulnerability test results

• Experience with project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)

• Ability to identify problems, analyze data and present conclusions effectively

• Strong verbal, written and presentations skills

• Excellent PC skills (Excel, Word, Adobe, SharePoint)

• Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferred

Similar jobs

Similar jobs