• Security Compliance Analyst II

    ID
    2019-3360
    Pos. Category
    Information Technology
    Location : City
    Salt Lake City
    Location : State/Province
    UT
    Created Date
    8/7/2019
    Type
    Regular Full-Time
  • Overview

    Want to work on a world-class team building life-changing financial products? Let me introduce you to Progrexion – that’s what we do every day.

     

    Based in downtown Salt Lake City, our team builds industry leading services that help consumers access, understand, and verify their credit reports are fair, accurate, and substantiated. Our services power the technology behind Lexington Law (an independently owned law firm), Credit.com, and CreditRepair.com.  And the good news? We have a lot of fun while we do it. 

     

    Responsibilities

    Role and Responsibilties

     

    Progrexion is looking for a Security Compliance Analyst I to join our Information Technology Security Team. The successful candidate will demonstrate our Corporate Guiding Values of Integrity, Consumer Advocacy, Teamwork, Development, Quality and Performance in all areas of his/her work. The candidate will be a highly skilled individual that manages day-to-day requirements for PCI and compliance requirements, review contract language for technical considerations, drafts and updates security policies, procedures, and other supporting documentation while maintaining relationship with business stakeholders. This individual will have strong technical skills to ensure Progrexion’s information is compliant at all times. Our ideal candidate will not only have solid interpersonal and written communication skills, but will also have a technical background and ability to convey technical information into business terms.  The PCI Compliance Analyst will be responsible for supporting internal compliance efforts, identifying and assessing risks, as well as, participating in the annual PCI assessment.

    • Perform PCI Internal Security Assessor work and sampling and monitor technical compliance requirements to ensure that the environment is PCI-DSS compliant.
    • Identify trends, root causes, and key risk indicators of non-compliance.
    • Participate in the annual PCI assessment process.
    • Work closely with the ISA to develop remediation plans to resolve findings and draft written reports that summarize the objectives, scope, findings and conclusions.
    • Document standard operating policies and procedures.
    • Articulate compliance goals and initiatives effectively to gain buy-in, trust, and collaboration from internal executives, product and operations teams.
    • Establish and manage compliance project plans and escalation methodologies, project reporting timetables, issue/resolution processes, and requirements prioritization.
    • Communicate to senior management by demonstrating strong skills in presenting technical concepts in business terms.

    Qualifications

    Qualifications

    • Bachelor's Degree or equivalent in Computer Science, Computer Engineering, Information Technology, or related field.
    • 1-2 years of experience in the areas of coordination/project management, compliance/audit, business analysis or software quality assurance.
    • Intermediate or above experience using Microsoft Office Suite (Word, Excel, and PowerPoint).
    • Ability to work in a fast-paced environment.
    • Must be tactful, detail oriented, and able to comprehend technical and regulatory requirements.
    • Must be able to work with third-party assessors and auditors.
    • Must exhibit excellence in partnering, teamwork, and quality performance.
    • Able to effectively give, receive, and respond to feedback.
    • Excellent oral and written communication skills with the ability to communicate security concepts to a technical and non-technical audience including senior management.
    • Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify needs.

    PREFERRED QUALIFICATIONS

    • Experience testing or auditing technical controls.
    • Knowledge of and experience with Payment Card Industry Data Security Standard (PCI DSS) framework.
    • Experience with payment cards and/or credit reports.
    • Knowledge of project management methodologies (Agile, Waterfall).
    • Current or former ISA preferred.
    • Experience with GRC tools preferred.
    • Information security recognized certification(s) preferred – Network+, Security+ and/or Linux+.

     

    The job description is not designed to cover or contain a comprehensive listing of required duties or responsibilities. Other duties, responsibilities and activities may change or be assigned at any time with or without notice.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.