Sr Consultant - PCI DSS in Greenville, SC at Windstream

Date Posted: 4/12/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Charlotte NC 6801 Morrison Blv
    Greenville, SC
  • Job Type:
    Finance
  • Experience:
    At least 8 year(s)
  • Date Posted:
    4/12/2018

Job Description

Job ID:17004462

Position Summary:


The Windstream Third Party Assurance & Compliance (TPAC) team is a High Performing group that provides Assurance & Compliance services and support to the business leaders across the organization. Our TPAC Team works to address areas to implement and monitor compliance related to various standards, as well as continuous improvement, while providing independent and objective assurance and advisory services to help affect change and improve the business. We are offering an opportunity to be a part of a newly formed Payment Card Industry Data Security Standard (PCI DSS) Compliance Team within the Windstream TPAC organization. Our team is focused on IT/Technology PCI DS Compliance Architecture, Audits and Operational reviews across Windstream’s portfolio; with the ability to identify areas for improvement, develop recommendations and become part of the solutions that will help improve the business.  The Sr. Compliance Analyst is responsible for working with business and technical team members and third-party auditors to ensure Windstream’s adherence to the PCI DSS compliance standards. 


Responsibilities:


  • Conduct compliance assessments for defined business applications or technology installations in defined areas, and provide advice and guidance on the applications/Technology and operation for PCI compliance requirements
  • Collects, collates and examines records as part of PCI DSS testing strategies for evidence of PCI compliance with IT Operational Standards
  • Evaluates and appraises evidence collated and drafts part, or all, of formal reports commenting on the conformance found to exist in the reviewed part of an information systems environment
  • Works with third-Party auditors to facilitate PCI DSS assessments
  • Recommends improvements in processes and control procedures, effectiveness and efficiency of control mechanisms and methods of risk reduction to satisfy PCI DSS
  • Issues formal reports to management on the extent of compliance of systems in alignment with the PCI DSS
  • Progresses reporting and escalation to audit and compliance stakeholders for internal or external audit actions.
  • Identifies business and technical PCI compliance impact and requirements for technology general controls and operational procedures
  • Identifies and communicates changes to PCI DSS requirements and in-scope systems on an on-going basis, ensuring that changes and new requirements are translated into new PCI DSS compliant operating procedures.
  • Reviews and ensures PCI compliance training programs and communications meet PCI DSS requirements
  • Creates product and service documentation detail to support ongoing PCI DSS efforts for attestation
  • Maintains list of outstanding audit actions and works with the remediation team to remediation completion
  • Works with architecture teams to facilitate design and diagram PCI environments and data flows
  • Participate in planning, scheduling and preliminary analysis for all internal and external audit projects.
  • Will provide support and oversight for team Compliance Analysts
  • Assist with organizational policy and procedures documentation and other special projects as directed

Job Requirements

  • Bachelor’s degree in Computer Science degree or related field or equivalent combination of industry related professional experience and education
  • 5+ years of experience with PCI DSS audit/compliance initiatives, teams, and programs
  • 5+ years of experience working with highly technical and business teams
  • 5 + years of experience in IT Security, Corporate Risk Governance, or as an internal /external IT auditor
  • Knowledge of technical infrastructure, network, system, database and application level security
  • Ability to understand basic firewall and router configurations
  • Basic knowledge of Telecom operations and wide range of service offerings and technologies helpful
  • Proven ability to execute engagements along with ensuring deliverables meet work plan specifications and deadlines
  • Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner.
  • Understanding of payment applications, data base and application security, and network security
  • Strong written, verbal and analytical skills
  • Proficient with Microsoft Word, Excel, and Power Point
  • CISSP, CISA, QSA, ISA, PCIP certifications highly desirable
Minimum Requirements:

College degree and 8+ years professional level experience with 3-4 years supervisory experience; or 12+ years professional level related experience with 3-4 years supervisory experience; or an equivalent combination of education and professional level related experience required

IND123
RF-LI



EEO Statement: Employment at Windstream is subject to post offer, pre-employment drug testing. Equal Opportunity Employer. Windstream is a drug-free workplace.