Laserfiche & PCI Compliance Administrator
GECU
El Paso, TX, USA
Published 1 week ago
Compliance Management Systems / Technology
Are you passionate about making a positive impact in the community you live in? Do you want to be on the forefront of paving the way to financial freedom for the members we serve? At GECU, our Core Values drive our Culture: Advocate, Integrity, Accountable, Dedicated and Passionate. Come grow your career with an award- winning team!
BASIC RESPONSIBILITIES
Responsible for the administration of Laserfiche, the credit union's enterprise content management system, to ensure the confidentiality, efficiency, security, and compliance of documents preserved in the imaging system.
Responsible for the compliance, protection, use, and control monitoring of the credit union's Payment Card Industry (PCI) data collected in business solutions and processes.
IMAGING TYPICAL DUTIES
Maintains standards of confidentiality and utilizes the concept of least privilege to folders for Laserfiche access requests.
Implements standards to address system access rights and revision controls to ensure access privileges to GECU imaging records are authorized according to the best practice concept of least privilege and secures the imaging system and the integrity of master documents.
Investigates and resolves issues with the software application by diagnosing root causes. Ensures application availability and recoverability in the event of a software failure with the least disruption to the end-users and members.
Communicates and consults with other staff when installing, configuring, testing, and monitoring the client-server software application, new and existing, to validate software fixes and upgrades.
Oversees the management of all imaging processes for all departments. Coordinates with department liaisons, evaluates existing document management systems processes, policies, standards, and procedures to determine current effectiveness, document redundancy, and efficiency, and identifies and recommends improvements.
Verifies record purging, including imaged and unstructured documents, to ensure destruction according to the retention schedule set in policies, standards, and procedures and complies with applicable laws and regulations regarding data security and document management.
Reviews departmental user access and periodically conducts a full review of all user permissions and access needs.
PCI COMPLIANCE TYPICAL DUTIES
Ensures the credit union adheres to PCI DSS requirements by protecting, controlling, and monitoring PCI data use and access, including the SPV program.
Recommends policies, standards, or procedures that govern the security of internal PCI data across the organization, specifically focusing on compliance requirements.
Manages the annual PCI assessment, including evidence gathering and quality assurance and audit resource meeting coordination
Tracks, documents, and addresses PCI compliance gaps to ensure timely closure.
Ensures external and internal vulnerability scans, assessments, and penetration testing are conducted to ensure compliance with PCI DSS.
Researches and leads security enhancement projects focused on new or changing PCI compliance requirements.
Provides cybersecurity user awareness presentations on PCI data handling and compliance for the credit union.
Responsible for managing and safeguarding cryptographic keys used for data encryption across our organization, including the management of the lifecycle of encryption keys. Implements and maintains key management policies, procedures, and best practices.
OTHER TYPICAL DUTIES
Answers and handles after-hour calls, including weekends and holidays, to provide support or troubleshoot application, database issues, or encryption-related incidents.
Maintains and understands compliance to ensure that work complies with GECU's established policies, procedures and applicable regulations, to include Bank Secrecy Act (BSA), Anti-Money Laundering (AML), Member Identification Program (MIP), and Office of Foreign Asset Control (OFAC).
Other duties may be assigned or required in connection with the general operation of the credit union.
CRITICAL KNOWLEDGE, SKILLS, AND EDUCATIONAL REQUIREMENTS
Bachelor's degree or higher in a computer-related field and minimum of 3 years of experience in information technology related field. In lieu of a bachelor's degree, equivalent work experience of four (3) years may be substituted for a total of six (6) years of experience. The following certifications preferred or must be completed within two years of hiring.
• Laserfiche Certified Administrator
• Laserfiche Certified Process Designer
• CompTIA Security +
• Certified Information Systems Auditor (CISA)
In-depth knowledge of credit union record retention policies, standards, and procedures.
Proficiency in PCI DSS and PCI Pin Security requirements. You will have the ability to deliver projects within time and budget.
Strong technical, analytical, and organizational skills.
Strong verbal and written communication skills.
Requires sitting the majority of the day, occasionally lifting over 30 pounds, bending, squatting, climbing, twisting, kneeling, reach above and below shoulder level occasionally.
PRIMARY RESPONSIBILITY
This position's primary responsibility is to provide quality services. Quality service means treating members and coworkers with respect and courtesy at all levels, whether in person or by telephone, as outlined in the Employee Handbook.
Availability requirements: Monday - Friday: 8:00 a.m. - 5:30 p.m. with occasional after hours projects
This application is valid for 12 months. After that date, unless otherwise notified, please understand that your status as an applicant will end. You may re-apply for employment in the future by completing a new application. All correspondence regarding the processing of the application will be sent via e-mail to the address provided on the application. Please ensure spam filters are set accordingly to prevent e-mails from going to the Junk Mail/Spam folder.
BASIC RESPONSIBILITIES
Responsible for the administration of Laserfiche, the credit union's enterprise content management system, to ensure the confidentiality, efficiency, security, and compliance of documents preserved in the imaging system.
Responsible for the compliance, protection, use, and control monitoring of the credit union's Payment Card Industry (PCI) data collected in business solutions and processes.
IMAGING TYPICAL DUTIES
Maintains standards of confidentiality and utilizes the concept of least privilege to folders for Laserfiche access requests.
Implements standards to address system access rights and revision controls to ensure access privileges to GECU imaging records are authorized according to the best practice concept of least privilege and secures the imaging system and the integrity of master documents.
Investigates and resolves issues with the software application by diagnosing root causes. Ensures application availability and recoverability in the event of a software failure with the least disruption to the end-users and members.
Communicates and consults with other staff when installing, configuring, testing, and monitoring the client-server software application, new and existing, to validate software fixes and upgrades.
Oversees the management of all imaging processes for all departments. Coordinates with department liaisons, evaluates existing document management systems processes, policies, standards, and procedures to determine current effectiveness, document redundancy, and efficiency, and identifies and recommends improvements.
Verifies record purging, including imaged and unstructured documents, to ensure destruction according to the retention schedule set in policies, standards, and procedures and complies with applicable laws and regulations regarding data security and document management.
Reviews departmental user access and periodically conducts a full review of all user permissions and access needs.
PCI COMPLIANCE TYPICAL DUTIES
Ensures the credit union adheres to PCI DSS requirements by protecting, controlling, and monitoring PCI data use and access, including the SPV program.
Recommends policies, standards, or procedures that govern the security of internal PCI data across the organization, specifically focusing on compliance requirements.
Manages the annual PCI assessment, including evidence gathering and quality assurance and audit resource meeting coordination
Tracks, documents, and addresses PCI compliance gaps to ensure timely closure.
Ensures external and internal vulnerability scans, assessments, and penetration testing are conducted to ensure compliance with PCI DSS.
Researches and leads security enhancement projects focused on new or changing PCI compliance requirements.
Provides cybersecurity user awareness presentations on PCI data handling and compliance for the credit union.
Responsible for managing and safeguarding cryptographic keys used for data encryption across our organization, including the management of the lifecycle of encryption keys. Implements and maintains key management policies, procedures, and best practices.
OTHER TYPICAL DUTIES
Answers and handles after-hour calls, including weekends and holidays, to provide support or troubleshoot application, database issues, or encryption-related incidents.
Maintains and understands compliance to ensure that work complies with GECU's established policies, procedures and applicable regulations, to include Bank Secrecy Act (BSA), Anti-Money Laundering (AML), Member Identification Program (MIP), and Office of Foreign Asset Control (OFAC).
Other duties may be assigned or required in connection with the general operation of the credit union.
CRITICAL KNOWLEDGE, SKILLS, AND EDUCATIONAL REQUIREMENTS
Bachelor's degree or higher in a computer-related field and minimum of 3 years of experience in information technology related field. In lieu of a bachelor's degree, equivalent work experience of four (3) years may be substituted for a total of six (6) years of experience. The following certifications preferred or must be completed within two years of hiring.
• Laserfiche Certified Administrator
• Laserfiche Certified Process Designer
• CompTIA Security +
• Certified Information Systems Auditor (CISA)
In-depth knowledge of credit union record retention policies, standards, and procedures.
Proficiency in PCI DSS and PCI Pin Security requirements. You will have the ability to deliver projects within time and budget.
Strong technical, analytical, and organizational skills.
Strong verbal and written communication skills.
Requires sitting the majority of the day, occasionally lifting over 30 pounds, bending, squatting, climbing, twisting, kneeling, reach above and below shoulder level occasionally.
PRIMARY RESPONSIBILITY
This position's primary responsibility is to provide quality services. Quality service means treating members and coworkers with respect and courtesy at all levels, whether in person or by telephone, as outlined in the Employee Handbook.
Availability requirements: Monday - Friday: 8:00 a.m. - 5:30 p.m. with occasional after hours projects
This application is valid for 12 months. After that date, unless otherwise notified, please understand that your status as an applicant will end. You may re-apply for employment in the future by completing a new application. All correspondence regarding the processing of the application will be sent via e-mail to the address provided on the application. Please ensure spam filters are set accordingly to prevent e-mails from going to the Junk Mail/Spam folder.