Lead Compliance (PCI) Specialist Professional Services - Orlando, FL at Geebo

Lead Compliance (PCI) Specialist

The Lead Compliance Specialist is a key leader within the Disney Parks, Experiences & Products (DPEP) Information Security & Compliance team.
The primary focus will be to ensure the processes and controls are in place across the Segment to satisfy security, internal control, risk management, external audit, and compliance requirements.
Among the various policy and regulatory related programs monitored is the Payment Card Industry Data Security Standard (PCI-DSS) Program.
This program exists to manage compliance with PCI DSS and annual reporting and attestation requirements.

Responsibilities:

  • Evaluates compliance with programs and processes to mitigate compliance risk and ensure protection of company assets and information
  • Reviews and enhances network systems and processes for compliance with PCI DSS and internal standards
  • Proactively identifies non-conforming areas and assesses risk
  • Recommends and implements compliance measures
  • Provides advice on compliance issues to solve challenging security compliance problems
  • Ensures documentation and reporting in support of analysis
  • Stays current on evolving legislative / regulatory changes related to PCI DSS compliance and provides timely advice on PCI DSS requirements
  • Coordinates with multiple stakeholder groups across DPEP to assess and monitor compliance risks
  • Responsible for planning, conducting and reporting on PCI compliance assessments including assessment planning, execution, and reporting; generating and distributing status reports
  • Provide consulting to internal business partners regarding PCI DSS compliance
  • Monitor compliance with information security policies and standards and prepare appropriate documentation for internal and external audits
  • Coordinate internal/external audits and attestations; ensure required artifacts are delivered timely and with quality, and that deficiencies identified are addressed
  • Provide oversight of Compliance remediation projects (as requested) ensuring timely completion and validation of completion

Basic Qualifications:

  • Minimum 10 years' Information Technology Compliance expertise, with a minimum of 3 years leading a Compliance program for a large and complex organization
  • CISA certification required
  • Expert knowledge of security related legislation/regulations with emphasis on Sarbanes-Oxley, PCI, and privacy
  • Demonstrated experience in identifying compliance risks and development of mitigation plans
  • Proven experience influencing business and technology leadership to achieve security and compliance requirements
  • Ability to establish credibility and working relationships with a wide range of personnel, including operations, management, executive, and legal teams as well as external auditors
  • Solid understanding of project management principles
  • Demonstrated experience generating metrics to measure service and program effectiveness and consistency
  • Good organization skills and attention to detail
  • Demonstrated professional written, verbal, and presentation communications skills
  • Highly flexible and adaptive; able to multi-thread across a number of simultaneous work efforts
  • Sharp analytical and problem-solving skills
  • Ability to solve complex problems and develop creative alternatives, as well as continuous process improvement skills
  • Demonstrated ability to handle confidential information
  • Proven ability to work effectively in a fast-paced environment as part of a high performance team dispersed in multiple locations

Preferred Qualifications:

  • Ability to be flexible with work schedule and travel requirements
  • Have a clear understanding of cloud computing services/deployment architecture
  • Working knowledge of network and IT security components, including firewalls, intrusion detection systems, anti-malware software, data encryption, server operating systems, and other industry-standard techniques and practices
  • Knowledge of common web and mobile application vulnerabilities, such as the OWASP Top 10 for web and mobile, and ability to provide solutions

Required Education:

Bachelor's degree in computer science, information systems, information protection (information security), or a related IT field is required.

Estimated Salary: $20 to $28 per hour based on qualifications.
