Job Description :
Job Title: IT Auditor Architect PCI Compliance
Job Location: Melville Long Island
Project Duration: Full Time
Mode of Interview: Phone & Face to Face
The Architect, IT Auditor of PCI Compliance (Architect, IT Audit) will be responsible for planning, overseeing consultant based workers, and executing IT Payment Card Industry (PCI) and IT Risk engagements as well as support the demand, creation and compliance audit development efforts.
PCIP Certification is required & ISA will be a huge plus !!
The hiring manager is flexible if the candidate has at least PCIP certification and/or a CISSP certification with PCI experience. They can get the ISA through client later on.!!
Responsibilities:
Oversee activities of PCI project consultants in the IT Audit group to ensure adherence to established PCI compliance and PII processes
Work with Sr. Manager and Sr Director of IT Audit to establish and maintain PCI program management office
Establish all required PCI-DSS 3.0 Standards to ensure compliance with Self-Assessment questionnaire Level D and Lower
Work with all IT functional groups to insure all PCI compliance requirements, such as Internal PCI Scans, External PCI Scans, PCI Segment Network documentation, etc. are executed in a timely manner as required by the PCI-DSS standards
Establish and maintain business relationships with external QSA firms as needed to provide CANON USA IT the proper guidance on PCI-DSS compliance requirements
Ensure the annual completion for all SAQD, C, C-VT) execution
Test and document computer system records for information system integrity and transaction accuracy, reports discrepancies
Prepare audit plans and understand the specific issues to be evaluated
Develops final written reports to communicate audit results to management and regulatory compliance agencies if applicable and make recommendations as appropriate
Facilitate work of consultants and/or external IT auditors during audits and on-site visits
Assist in the preparation of documentation, testing and evaluation of the company''s IT general controls over financial reporting across multiple environments assessing the design, effectiveness and adequacy of key systems and processes based on walk through and transaction compliance testing
Identify and recommend mitigating technology process controls to reduce risks noted in system evaluations
Assist Internal Audit management with periodic reporting to the Audit Committee, development of the annual internal audit plan, and championing internal control and corporate governance concepts throughout the business
Interact with all levels of management and company employees
Foster an environment of regulatory awareness and ensure regulatory compliance
Design and execute risk-focused Audit Plans in Infrastructure and Applications Development and Maintenance, leveraging resources and expertise across teams
Anticipate bottlenecks and challenges and minimize their impact through prompt action
Actively involved in developing the department''s vision and strategy
Have a strong understanding of best practices in the internal audit profession, and drive sustainable results through good QA processes
Foster innovation and challenge the status quo
Build and maintain trusted relationships with our regulators and the audit committees we serve
Qualifications:
Demonstrated experience with PCI-DSS certification and processes, with a minimum of 5 years experience
PCIP / CISSP Certification is required
ISA Certification will be a huge plus
CISA or CISM Certification required
Ability to create an assessment and testing program that incorporates all aspects of PCI scanning, assessing, and testing
Ability to develop programs that tie in vulnerability management for PCI with change management processes
Demonstrated experience using PCI based tools such as Nipper, Spider, Nexus, etc. to perform periodic scans of required network, servers and other technology devices
Light travel within the continental US required
Other Commonly Used Titles/Keywords: PCIP, PCI, PCI Professional, Payment Card Industry Professional, ISA, Internal Security Assessor, PCI-ISA, Payment Card Industry Internal Security Assessor