PCI-DSS Compliance Analyst
Hybrid working - 2/3 days working in Hatfield office
Permanent role, offering salary £50k - £60k + Excellent Benefits
ABOUT THE COMPANY
Global Technology powerhouse pioneering the future of transport & logistics through innovation and automation. They create world-class systems at the intersection of robotics and IoT, cloud platforms, big data, machine learning, software development, and are one of the UK leaders in this space.
ABOUT THE ROLE
As the PCI-DSS Compliance Analyst you will support their InfoSec GRC team in information security across the whole organisation, including overall information security governance, compliance programs, third-party vendor risk management, and education.
You will be responsible for conducting internal audits and security assessments, as well as creating policies, controls and procedures.
This is not a hands-on technical role, but it would suit someone with a technical background who has worked with a range of technology and security tools and is now looking for an information security GRC role.
WHAT WILL YOU DO?
● Conducting internal security assessments and audits for PCI-DSS Compliance
● Contributing to the creation and refreshment of information security documents, policies, processes and procedures for PCI-DSS Compliance
● Working with business stakeholders and project teams to understand, scope and define security requirements.
● Assisting in developing control testing strategies, to ensure our security controls are meeting their objectives.
● Providing effective reporting to the Head of Information Security Governance of trends, audit findings and risk ratings.
● Performing internal and third-party vendor risk assessments, and writing risk assessment reports.
● Managing and analysing security controls, while understanding the risk of certain controls not being in place.
● Supporting the Information Security teams and Business functions in maintaining other security attestations, which include ISO27001 and SSAE18/SOC 2.
PLEASE APPLY IF YOU HAVE
● Experience in an Information Security GRC related role, and experience in conducting security assessments, writing Information Security related Policies, Processes and Procedures
● Experience in security assessment for PCI-DSS compliance and good knowledge of PCI-DSS controls
● Third-Party Vendor Risk Management experience
● Good communication skills with ability to articulate compliance changes and experience in collaboration with internal / external stakeholders
ADDITIONAL BENEFITS
● 30 Day ‘work from anywhere’ policy +
● Remote working for the month of August
● 25 days annual leave, rising to 27 days after 5 years' service (plus optional holiday purchase)
● Pension scheme (various options available including employer contribution matching up to 7%)
● Private Medical Insurance
● 22 weeks paid maternity leave and 6 weeks paid paternity leave (once relevant service requirements are complete)
● Train Ticket loan (interest-free)
● Cycle to Work Scheme
● Opportunity to participate in Share save and Buy as You Earn share schemes
● Income Protection (can be up to 50% of salary for 3 years) and Life Assurance (3 x annual salary)
For more information and immediate consideration apply today