A Fresh Approach To Great Results.
Charlotte-based Compass Group North America is the leader in foodservice management and support services. By combining fresh ideas with the industry’s greatest talent, we continue to set the standards for food and service excellence. Our vision for success is a powerful one – to continue to rise above the competition in every aspect of our business – from leading-edge technology, to purchasing, to foodservice, to catering and vending, to facilities management and support services. That kind of commitment commands only the best, and it.s our great people providing great service that generates our great results. In turn, it’s important to us that our talented employees be given the proper resources to achieve their fullest potential. Play a key role in our future success:
Job Description:
Reporting directly to the Director of Information Systems Security, the PCI Auditor/Security Engineer will be responsible for a combination of security engineering, incident response, and conducting on-site and remote audits of our units. The product of each audit will be a list of observations of non-compliance with PCI DSS standards.
The PCI Auditor/Security Engineer will use former audit & engineering experience to review reports provided by our Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and Payment Application Qualified Security Assessor (PA-QSA). The PCI Auditor/Security Engineer will work with internal departments, security vendors, and client IT staff to remediate any findings to ensure ongoing PCI DSS compliance.
Responsibilities:
- Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, and data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, forensics software, security incident response
- Perform project leadership tasks on security initiatives/projects
- Perform on-site audits of the implementation and infrastructure that supports the Point of Sale system(s).
- Interact with client IT to ensure proper controls and segmentation are in place per PCI DSS standards.
- Complete internal SAQ reports as required and have in depth knowledge and the requirements to comply with PCI DSS Reports on Compliance (ROC), Approved Scanning Vendor (ASV) Scan Reports, and PCI AOC (Attestation of Compliance).
- Document and present audit findings to leadership and the internal PCI Team for follow up and remediation. Provide status reports for consistent findings and proposed solutions; Interact with QSA, PA-QSA and ASV security professionals to confirm findings and resolve conflicting information or audit findings resulting from the audit.
- Work in a team environment to analyze the audit findings and help develop procedural strategies for reviewing reports and services. Help ensure relevant test coverage and appropriate sampling of locations. Participate as an integral part of the team, exhibiting ownership, follow through, initiative, awareness and effective communication with peers and management.
- Continually stay abreast of the evolving PCI Security Standards, learn, actively share knowledge and foster exchange of skills. Proactively identify opportunities to improve the quality of reporting and usability of that information.
- Perform ad hoc projects as required.
- Be willing to travel (up to 10%) of the year for on-site audits and perform other duties as assigned.
Qualifications:
- Minimum of 2 years of hands-on network security engineering and audit experience
- Industry certifications (such as CISSP, PCI-ISA, CISA, CCSP)
- Bachelor’s degree required
- Management experience preferred
- Methodical and organized; able to independently manage multiple opportunities, projects, and clients concurrently
- Highly developed technical knowledge of networking and network security
- Understanding of information systems and highly technical networking infrastructures
- Ability to work with a diverse group of security professionals with various roles and responsibilities
- Experience evaluating the security infrastructure for medium to large enterprise merchants
- Working knowledge of POS systems and the lifecycle of payment card transactions
- Working knowledge of audit methodologies and security assessment tools
- Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment
- Able to multi-task and work independently with minimum supervision to meet firm deadlines
- Flexible, proactive, quick to learn and possessing a can-do attitude
- A blend of curiosity, creativity, persistence, commitment, passion and optimism
- Strong Preference given to those with experience:
- PCI-ISA currently supporting a corporate POS environment
- Evaluating various information systems, networks and/or payment applications
- Experience in performing penetration testing on internal and external networks
- Experience reviewing network scans for vulnerabilities from an Approved Scanning Vendor (ASV)
- Excellent writing skills (e.g. SAQ reports, Report on Compliance (ROC),
- whitepapers, etc.)
- Strong project management skills
Great People. Great Service. Great Results.
At Compass Group North America, our superior balance of efficiency and quality attract the highest caliber level of service our clients deserve. We retain the finest workers with a highly competitive compensation and comprehensive benefits plan. If you're looking for a career where you set the standard for personal advancement, then Compass Group North America is for you! Working together, we will continue to experience success as the industry's best.
Achieving leadership in the foodservice industry
Compass Group North America is a diversity growth-oriented organization. Our goal is to improve the quality of work life by using fair and consistent treatment and providing equal growth opportunities for ALL associates.
J2W: CGCorp
#LI-POST2
Job ID: JFL07171550247