Information Security Officer (Remote)

Mô tả Công việc
Typical Responsibilities
· Extensive Information/Cyber Security consultancy experience facing
security delivery expertise.
· Provide subject matter expertise for Payment Card Industry Data
Security Standard (PCI DSS).
· A deep knowledge in at least two of the following: PCI-DSS, ISO27001
(Information Security), Information Assurance, Security Policy, GRC,
NIST, GDPR or Data Privacy.
Gap Analysis and Scoping
· Assess changes to regulatory requirements and standards and determine
the impact on internal policies, controls, and processes. Make
recommendations for associated changes to policies, controls, and
processes, and simplify implementation.
· Review and validation of the PCI DSS scope and network segmentation
controls, payment application design and functionality.
· Review of all locations and flows of cardholder data, as well as asset
inventories.
· Conducting PCI standards interviews to have a complete map of
information/data workflows, processes, and procedures, payment card data
flow, information security controls.
· Conducting technical interviews to understand eventual data security
problems from the in-depth technical point of view.
· Identify and evaluate technology risks, internal controls to mitigate
risks, and related opportunities for continuous control improvement.
Facilitate and document risk assessments and communicate key findings.
· Producing Scoping and Gap Analysis Documentation.