Senior Retail PCI Compliance Specialist
Irving Oil
Portsmouth, NH 03801, USA
Published 1 week ago
Compliance Management Systems / Technology
With over 900 retail gas locations in two countries, we are looking for someone to provide technical leadership and strategic decision recommendations for our Payment Card Industry Data Security Standard (PCI DSS) requirements. This role is also responsible for coordinating the development of standardized network architecture and ensure we remain compliant within our various jurisdictions. This role can be located in either Saint John, NB, or Portsmouth, N.H.
What We Offer:
Irving Oil is committed to supporting a diverse and inclusive work environment. We thrive on the good energy that's created when our people from different backgrounds, identities, cultures and experiences share their unique perspectives. Diversity is key to our success and inclusion is everyone's responsibility.
Job Requirements - Work Experience
Information Technology
Job Requirements - Education
Bachelors: Information Technology
What We Offer:
- Work Environment - Be a part of a collaborative environment that cultivates individual growth!
- Competitive Compensation - Including an annual bonus plan, and 401k company matched up to 4% Flexible Benefits Plan - Including health, dental and vision, as well as short and long-term disability, life insurance, and paid paternal leave.
- Paid Vacation - Plus an annual option to purchase additional vacation, too.
- Wellness Support - With an annual wellness allowance, paid personal care days, and a 24/7 Employee & Family Assistance Program
- Opportunity to give back to some amazing causes in our community - You chose when and where to make an impact through an annual paid volunteer day, company volunteer opportunities, and an annual donation matching
- Solid understanding of network architecture to ensure protection of the card data environment; identify existing or potential gaps and make plans to address.
- Ability to review new and existing systems design projects, or outsourcing plans for compliance with PCI security standards and overall architectural plans.
- Develop remediation plans to mitigate the risk of a potential payment network security breach.
- Hands-on experience with development and execution on test plans to check infrastructure and systems technical performance.
- Ability to develop reports and dashboards to share findings through test plans and gap analyses on retail systems architecture security.
- Be a champion of PCI compliance; educate other team members through both formal and informal methods.
- Good knowledge of applicable data privacy practices and laws for jurisdictions in Canada and the U.S.
- Collaborate with and support Retail IT team, vendors, and internal project teams in compliance assessment and mitigation.
- Lead the development and execution of a comprehensive PCI DSS technical assessment program through reviewing, evaluating, and testing security policies, related technologies, systems, applications, and processes.
- Review audit reports to ensure integrity and confidentiality of information. This includes assessment of administrative, physical, and technical controls currently in place.
- Assist internal and external auditors as required.
- Work with vendors and operations to develop and regulate a secure change management protocol which facilitates site level capabilities and maintain network security compliance.
- Develop, document, communicate, and enforce security policies and standards.
- Remain current on emerging technologies and recommend those that will increase security, infrastructure flexibility, and cost effectiveness.
- Develop and execute test plans to check systems security and technical performance; report on findings and make recommendations.
- Strong knowledge of software evaluation principles and practices.
- Post-secondary education in Computer Science, Information Systems, Business Administration, or equivalent experience.
- 10+ years of experience in IT.
- 5+ years of experience working in PCI including PCI Data Security technical assessments, audits, and PCI DSS compliance assessments.
- Good knowledge of PCI standards and requirements.
- Good knowledge of identify and access management (IAM) systems and logical access controls.
- PMP designation and / or security certifications an asset.
- ITIL and TOGAF certifications an asset.
- Working technical knowledge of current systems software, protocols, and standards; specific retail IT experience in the PCR environment a definite asset.
Irving Oil is committed to supporting a diverse and inclusive work environment. We thrive on the good energy that's created when our people from different backgrounds, identities, cultures and experiences share their unique perspectives. Diversity is key to our success and inclusion is everyone's responsibility.
Job Requirements - Work Experience
Information Technology
Job Requirements - Education
Bachelors: Information Technology